Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD27DFF68A8611EE9D54156C4AD9E6FC.roa
File: DD27DFF68A8611EE9D54156C4AD9E6FC.roa (raw, json)
Hash identifier: p8cHgj9cCNvVgIKyORowHw1Rh877paNrsR+IpDUfuV0=
Subject key identifier: A3:05:A9:FD:02:D8:E2:C3:23:40:F4:62:3C:FE:14:3F:BC:6A:FA:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 530C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD27DFF68A8611EE9D54156C4AD9E6FC.roa
Signing time: Fri 24 Nov 2023 05:03:54 +0000
ROA not before: Fri 24 Nov 2023 05:03:50 +0000
ROA not after: Tue 26 Dec 2023 05:03:50 +0000
asID: 62240
IP address blocks: 154.195.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21260 (0x530c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 05:03:50 2023 GMT
Not After : Dec 26 05:03:50 2023 GMT
Subject: CN=65602eb9-df01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:20:2e:8c:f3:c4:2e:d1:da:92:7a:b0:3b:fd:
03:41:1f:17:96:fc:18:06:b6:93:38:fb:76:00:fa:
6e:51:73:f5:90:b7:4d:4c:c1:25:72:80:0c:3e:22:
bf:f6:70:1c:a4:16:e8:c2:2a:58:b7:69:85:70:ad:
14:f3:13:3a:14:17:82:47:44:b7:9c:0c:25:b3:3c:
78:b8:39:0a:77:b3:5c:27:9f:27:19:2e:06:76:b7:
fb:4e:f7:ea:a9:61:03:bd:a0:75:fb:08:cb:7c:2f:
7b:d1:98:72:6b:a7:b1:95:35:94:0a:33:88:7a:5c:
fd:28:cd:e3:bc:e3:0e:e9:95:dd:a8:09:3b:78:4b:
2f:7c:ed:10:01:7f:b6:b9:b3:70:cf:b1:8a:bf:c7:
8a:33:0d:69:fb:75:da:fe:19:91:e1:71:b4:11:7d:
ea:0f:ad:e6:0c:35:ae:4d:47:b8:a3:99:30:c9:ee:
a7:0f:e5:c8:95:5d:46:d6:7e:de:42:11:42:f8:c1:
32:87:a8:3f:9e:82:ba:72:70:f3:d5:96:8d:ad:17:
c6:14:b6:3b:ae:b6:78:29:48:bf:50:94:7b:da:e5:
28:9b:d2:22:93:e3:70:6f:a9:1f:71:50:24:37:a9:
68:02:bf:80:c7:ba:d1:1e:60:cb:15:d0:69:a0:68:
4a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:05:A9:FD:02:D8:E2:C3:23:40:F4:62:3C:FE:14:3F:BC:6A:FA:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD27DFF68A8611EE9D54156C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.158.0/24
Signature Algorithm: sha256WithRSAEncryption
20:54:47:af:39:7d:2b:ad:55:90:c6:35:18:7d:b9:6c:67:21:
a6:2c:05:15:f8:89:22:bc:83:56:ef:9c:23:26:2b:4e:e3:45:
61:8a:11:37:5b:80:e7:dc:38:f9:e3:d0:6a:92:0f:37:da:42:
3d:0e:41:f0:80:bf:90:55:5a:fa:a2:a8:32:2b:39:99:07:d7:
b9:a4:ca:30:6e:3d:cd:4f:af:89:5b:a4:7f:c9:1f:55:f7:10:
49:eb:6d:27:27:c2:9b:d4:3d:af:ae:5d:11:78:ac:ac:e4:a2:
d0:b4:42:50:a7:c9:fe:51:7f:f7:48:0f:ea:bb:d8:da:29:49:
5e:6b:16:ab:6e:2c:50:7b:da:5d:c9:32:27:86:03:18:88:5b:
da:40:50:ce:da:29:30:92:c1:16:f7:81:0d:a3:51:bd:32:11:
eb:4d:a4:fe:95:e2:90:3e:25:14:3e:98:fb:a7:3b:8a:db:f9:
9a:85:6a:4f:cf:f8:26:a0:47:ae:90:d8:13:8e:05:b2:24:4e:
75:f7:02:a9:c8:d3:db:d2:b6:a1:80:4a:fb:46:c6:0f:f3:8c:
89:7a:ab:59:74:25:eb:ce:21:bd:0d:c9:ba:cc:a8:e6:ef:9e:
b6:a4:fe:ef:b3:bb:3f:64:2d:77:90:a6:c8:12:4e:74:c5:58:
97:b7:f5:da
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICUwwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNTAzNTBaFw0yMzEyMjYwNTAzNTBaMBgxFjAU
BgNVBAMTDTY1NjAyZWI5LWRmMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCtIC6M88Qu0dqSerA7/QNBHxeW/BgGtpM4+3YA+m5Rc/WQt01MwSVygAw+
Ir/2cBykFujCKli3aYVwrRTzEzoUF4JHRLecDCWzPHi4OQp3s1wnnycZLgZ2t/tO
9+qpYQO9oHX7CMt8L3vRmHJrp7GVNZQKM4h6XP0ozeO84w7pld2oCTt4Sy987RAB
f7a5s3DPsYq/x4ozDWn7ddr+GZHhcbQRfeoPreYMNa5NR7ijmTDJ7qcP5ciVXUbW
ft5CEUL4wTKHqD+egrpycPPVlo2tF8YUtjuutngpSL9QlHva5Sib0iKT43BvqR9x
UCQ3qWgCv4DHutEeYMsV0GmgaEoPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUowWp
/QLY4sMjQPRiPP4UP7xq+lEwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0REMjdERkY2OEE4NjExRUU5RDU0MTU2QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaw54wDQYJKoZIhvcNAQEL
BQADggEBACBUR685fSutVZDGNRh9uWxnIaYsBRX4iSK8g1bvnCMmK07jRWGKETdb
gOfcOPnj0GqSDzfaQj0OQfCAv5BVWvqiqDIrOZkH17mkyjBuPc1Pr4lbpH/JH1X3
EEnrbScnwpvUPa+uXRF4rKzkotC0QlCnyf5Rf/dID+q72NopSV5rFqtuLFB72l3J
MieGAxiIW9pAUM7aKTCSwRb3gQ2jUb0yEetNpP6V4pA+JRQ+mPunO4rb+ZqFak/P
+CagR66Q2BOOBbIkTnX3AqnI09vStqGASvtGxg/zjIl6q1l0JevOIb0NybrMqObv
nrak/u+zuz9kLXeQpsgSTnTFWJe39do=
-----END CERTIFICATE-----
Generated at Fri May 9 11:07:05 2025 by rpki-client