Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E418A3A6F4D711EF8F7F036A762E951A.roa
File: E418A3A6F4D711EF8F7F036A762E951A.roa (raw, json)
Hash identifier: uZ3PDKP4urMcsKeuOOHIsU1XQMCM1IamFmnxUbkiKOI=
Subject key identifier: 5F:36:62:DF:A7:60:8D:A9:2F:33:CC:57:7B:EF:5A:BD:80:93:32:86
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016685
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E418A3A6F4D711EF8F7F036A762E951A.roa
Signing time: Thu 27 Feb 2025 06:55:55 +0000
ROA not before: Thu 27 Feb 2025 06:55:52 +0000
ROA not after: Fri 28 Mar 2025 06:55:52 +0000
asID: 214413
IP address blocks: 154.193.136.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91781 (0x16685)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 06:55:52 2025 GMT
Not After : Mar 28 06:55:52 2025 GMT
Subject: CN=67c00c7b-8b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8f:ed:6c:9e:e0:17:49:92:d7:a1:3c:fa:89:
e9:3c:b0:2a:7a:3d:d4:da:8c:1b:6c:2b:4e:17:86:
a4:d4:d3:61:b0:96:e0:44:bd:66:9a:5a:e1:11:10:
17:04:8f:bf:02:9f:15:a2:24:fd:01:f8:1f:27:ab:
e0:c3:e2:5d:5e:c8:48:3c:fb:68:3d:8f:1d:07:19:
36:63:58:25:c2:e4:b5:8b:cc:50:5f:74:41:f0:37:
a4:87:61:57:63:59:d8:16:8a:70:4d:20:eb:b6:c5:
5f:c2:18:04:18:45:c9:26:da:10:90:73:6d:3b:77:
6b:7a:ef:1d:a7:2a:4e:94:43:61:08:f1:bf:94:01:
b6:cd:fb:db:e1:e7:5d:fd:fd:bb:c3:2d:22:86:df:
06:79:6d:42:06:b2:36:f8:79:12:25:af:34:07:4c:
f6:53:29:97:5c:fd:31:f7:f6:3d:46:e6:b3:09:54:
a5:46:61:ba:48:8a:2f:10:fe:65:8e:af:90:c6:4c:
0a:58:4d:93:3e:ce:ad:fa:b5:d7:1c:94:2a:cf:0f:
a7:e2:de:5c:8d:bd:dc:0c:48:c5:d5:12:c2:df:63:
9f:9d:3b:70:fc:96:e3:61:03:9d:c3:01:4a:dd:0e:
ba:45:70:c7:b0:aa:f4:83:eb:f2:29:9a:15:b5:71:
23:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:36:62:DF:A7:60:8D:A9:2F:33:CC:57:7B:EF:5A:BD:80:93:32:86
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E418A3A6F4D711EF8F7F036A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.136.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:be:71:87:76:bd:b5:e6:c7:9b:81:f8:b7:e0:cc:94:d7:c9:
2b:27:4d:34:61:cd:eb:cb:2d:37:a9:8d:20:11:e5:8a:ba:2f:
95:84:ec:0b:66:5e:81:c6:d7:79:f1:77:2c:e1:7b:42:55:50:
a2:4b:73:62:10:73:fb:25:31:92:c5:e0:0a:92:9c:02:61:22:
d0:f9:25:56:52:53:75:b3:74:33:c2:05:6b:15:ab:42:ec:fc:
55:1f:88:9e:14:38:e1:12:e1:a6:82:ac:2e:49:ee:3c:9c:18:
67:e0:ea:a7:9c:80:6b:56:ce:60:c8:98:36:79:61:7e:44:b6:
6f:84:93:5e:98:43:6f:40:ac:4c:d1:f3:ea:30:17:6a:0e:ec:
7d:af:77:f7:82:f6:89:ff:41:ec:bb:d6:78:d5:fb:bf:52:ab:
1d:89:87:e9:50:4f:fa:f9:4c:b7:15:c0:4d:81:3b:55:e4:b4:
7b:38:f3:b2:8e:db:b3:6f:a2:83:1d:3f:da:df:bd:82:00:53:
3f:e0:ae:75:6b:a6:b2:b8:94:59:ed:51:3a:61:ec:f4:f6:72:
fc:ae:26:23:ee:0b:80:a7:66:bb:79:66:ba:36:1d:aa:b7:df:
64:29:c1:18:02:25:f5:74:33:21:31:2f:12:8b:2a:a4:10:f1:
77:d3:b1:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWaFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDY1NTUyWhcNMjUwMzI4MDY1NTUyWjAYMRYw
FAYDVQQDEw02N2MwMGM3Yi04YjJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwI/tbJ7gF0mS16E8+onpPLAqej3U2owbbCtOF4ak1NNhsJbgRL1mmlrh
ERAXBI+/Ap8VoiT9AfgfJ6vgw+JdXshIPPtoPY8dBxk2Y1glwuS1i8xQX3RB8Dek
h2FXY1nYFopwTSDrtsVfwhgEGEXJJtoQkHNtO3dreu8dpypOlENhCPG/lAG2zfvb
4edd/f27wy0iht8GeW1CBrI2+HkSJa80B0z2UymXXP0x9/Y9RuazCVSlRmG6SIov
EP5ljq+QxkwKWE2TPs6t+rXXHJQqzw+n4t5cjb3cDEjF1RLC32OfnTtw/JbjYQOd
wwFK3Q66RXDHsKr0g+vyKZoVtXEjKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF82
Yt+nYI2pLzPMV3vvWr2AkzKGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNDE4QTNBNkY0RDcxMUVGOEY3RjAzNkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsGIMA0GCSqGSIb3DQEB
CwUAA4IBAQA+vnGHdr215sebgfi34MyU18krJ000Yc3ryy03qY0gEeWKui+VhOwL
Zl6Bxtd58Xcs4XtCVVCiS3NiEHP7JTGSxeAKkpwCYSLQ+SVWUlN1s3QzwgVrFatC
7PxVH4ieFDjhEuGmgqwuSe48nBhn4OqnnIBrVs5gyJg2eWF+RLZvhJNemENvQKxM
0fPqMBdqDux9r3f3gvaJ/0Hsu9Z41fu/UqsdiYfpUE/6+Uy3FcBNgTtV5LR7OPOy
jtuzb6KDHT/a372CAFM/4K51a6ayuJRZ7VE6Yez09nL8riYj7guAp2a7eWa6Nh2q
t99kKcEYAiX1dDMhMS8SiyqkEPF307GV
-----END CERTIFICATE-----
Generated at Fri May 9 11:44:28 2025 by rpki-client