Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7F40AD2F5B911EF935B5D78762E951A.roa
File: E7F40AD2F5B911EF935B5D78762E951A.roa (raw, json)
Hash identifier: J+VPfbbGuczk2nLy4nbxkQ/KmbRyIRopTRxEZdGvGrc=
Subject key identifier: 84:8B:45:9E:31:46:34:19:2B:C8:15:C2:ED:69:BF:95:E1:3D:41:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016A66
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7F40AD2F5B911EF935B5D78762E951A.roa
Signing time: Fri 28 Feb 2025 09:53:48 +0000
ROA not before: Fri 28 Feb 2025 09:53:44 +0000
ROA not after: Mon 31 Mar 2025 09:53:44 +0000
asID: 54600
IP address blocks: 154.219.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92774 (0x16a66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 09:53:44 2025 GMT
Not After : Mar 31 09:53:44 2025 GMT
Subject: CN=67c187ac-0f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:55:0d:48:54:a1:e8:c4:32:3a:86:1d:04:a2:
2f:b5:be:cb:bc:06:d9:6e:21:c0:2f:93:2a:07:6e:
92:37:4a:6f:15:07:32:ad:2d:8f:04:a1:84:91:f5:
90:60:c6:9a:ac:b1:3a:31:a0:7f:2e:cd:48:12:75:
62:0a:37:d0:b5:1d:05:d0:18:7d:5f:db:4e:02:b0:
64:21:29:7e:ba:ba:01:30:7a:25:bf:44:f5:5b:09:
57:79:f1:d3:d4:ac:36:9e:3b:fa:6f:c8:b2:2f:63:
01:5e:d9:b7:01:1e:c1:25:f9:ce:b9:4d:19:84:b0:
5f:02:18:5e:58:c6:1f:b5:88:0d:25:57:76:b6:63:
02:7f:29:d6:7f:e3:fc:7d:aa:f7:1f:c6:b9:d0:76:
ef:d8:63:97:e9:0b:65:3d:96:2a:e2:1f:b3:af:00:
f2:56:77:d1:ac:2b:a5:63:b5:eb:cb:a3:58:97:a2:
bd:ed:30:d9:73:cd:e5:e6:5e:59:b8:ce:ed:d3:62:
f7:cd:c3:1c:a5:f7:ea:aa:a8:f0:bd:3a:6f:ab:88:
e8:30:ac:4e:04:ec:d5:3e:c4:2f:f9:b5:60:03:f1:
41:d8:ba:46:7b:a1:10:91:f2:be:4e:e6:8f:57:bf:
a2:5c:96:bc:37:02:ce:7c:80:55:8e:3b:a0:cd:c0:
59:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:8B:45:9E:31:46:34:19:2B:C8:15:C2:ED:69:BF:95:E1:3D:41:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7F40AD2F5B911EF935B5D78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.32.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:b5:cd:0a:56:45:87:68:db:9d:57:43:79:1b:b1:63:09:6a:
5a:c2:96:49:13:77:6d:23:63:24:21:cc:2e:9a:df:2b:71:6b:
46:33:3a:2d:9d:64:24:7b:d9:0c:52:4b:d1:4f:36:47:bc:d5:
29:57:f3:af:8a:c2:17:04:bc:ff:ed:d6:38:0a:2a:1a:69:89:
6b:13:9b:63:05:02:5f:1e:0a:2a:48:cf:2a:b6:eb:28:01:e0:
e4:6f:9d:14:eb:ff:f4:e9:82:c2:51:34:78:62:5b:cd:e1:76:
b1:e6:3d:e3:e2:3c:3d:68:b0:83:2d:ed:32:77:c6:eb:23:56:
6a:cd:a4:db:1c:47:69:48:14:c1:e7:5c:db:02:64:37:a1:e4:
31:a8:c5:21:d0:5e:83:fa:b2:b9:5d:0f:63:2e:71:08:e3:90:
a0:2d:35:75:a6:01:b7:08:7d:26:e4:46:b0:f4:f3:90:77:64:
dd:2a:c3:2c:6f:22:be:ec:28:0f:71:e9:2a:04:f2:4e:5e:52:
1d:b1:7b:6f:0a:f2:c2:af:20:f1:55:11:7d:25:3e:b1:6a:33:
c3:d8:f2:51:eb:fe:c5:e4:6b:3e:e8:72:0a:34:a5:92:6f:34:
4d:ac:59:1f:c4:57:30:ad:aa:d0:e8:df:f9:55:8d:76:3e:e6:
e1:2a:7d:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWpmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDk1MzQ0WhcNMjUwMzMxMDk1MzQ0WjAYMRYw
FAYDVQQDEw02N2MxODdhYy0wZjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA51UNSFSh6MQyOoYdBKIvtb7LvAbZbiHAL5MqB26SN0pvFQcyrS2PBKGE
kfWQYMaarLE6MaB/Ls1IEnViCjfQtR0F0Bh9X9tOArBkISl+uroBMHolv0T1WwlX
efHT1Kw2njv6b8iyL2MBXtm3AR7BJfnOuU0ZhLBfAhheWMYftYgNJVd2tmMCfynW
f+P8far3H8a50Hbv2GOX6QtlPZYq4h+zrwDyVnfRrCulY7Xry6NYl6K97TDZc83l
5l5ZuM7t02L3zcMcpffqqqjwvTpvq4joMKxOBOzVPsQv+bVgA/FB2LpGe6EQkfK+
TuaPV7+iXJa8NwLOfIBVjjugzcBZ5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFISL
RZ4xRjQZK8gVwu1pv5XhPUEwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FN0Y0MEFEMkY1QjkxMUVGOTM1QjVENzg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtsgMA0GCSqGSIb3DQEB
CwUAA4IBAQArtc0KVkWHaNudV0N5G7FjCWpawpZJE3dtI2MkIcwumt8rcWtGMzot
nWQke9kMUkvRTzZHvNUpV/OvisIXBLz/7dY4CioaaYlrE5tjBQJfHgoqSM8qtuso
AeDkb50U6//06YLCUTR4YlvN4Xax5j3j4jw9aLCDLe0yd8brI1ZqzaTbHEdpSBTB
51zbAmQ3oeQxqMUh0F6D+rK5XQ9jLnEI45CgLTV1pgG3CH0m5Eaw9POQd2TdKsMs
byK+7CgPcekqBPJOXlIdsXtvCvLCryDxVRF9JT6xajPD2PJR6/7F5Gs+6HIKNKWS
bzRNrFkfxFcwrarQ6N/5VY12PubhKn0u
-----END CERTIFICATE-----
Generated at Fri May 9 06:19:44 2025 by rpki-client