Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDB507ACF5B711EF89C9826A762E951A.roa
File: EDB507ACF5B711EF89C9826A762E951A.roa (raw, json)
Hash identifier: bxjLEAHxuD5xsPEP7Pu2WwIYnyARZWDOopuyZNCraRo=
Subject key identifier: D9:5B:EA:24:E6:D6:BB:3F:C8:BF:2F:55:27:79:EA:38:C6:AD:14:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016A55
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDB507ACF5B711EF89C9826A762E951A.roa
Signing time: Fri 28 Feb 2025 09:39:39 +0000
ROA not before: Fri 28 Feb 2025 09:39:35 +0000
ROA not after: Mon 31 Mar 2025 09:39:35 +0000
asID: 399195
IP address blocks: 154.193.112.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92757 (0x16a55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 09:39:35 2025 GMT
Not After : Mar 31 09:39:35 2025 GMT
Subject: CN=67c1845b-1b5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:61:96:2f:d4:f7:6e:65:17:86:63:69:1c:59:
89:3e:e5:6b:8a:81:16:88:26:8e:9f:ad:7a:2f:f9:
b1:ac:4f:9a:09:9e:e6:3f:35:e7:63:7e:0f:68:5d:
5a:24:48:f7:c5:75:70:6a:23:12:8d:8c:c3:db:f0:
2d:9a:86:c3:0b:34:b5:7a:ac:ed:9b:68:70:70:fd:
c8:8e:c3:99:67:ea:b1:33:55:20:72:ab:28:87:64:
f5:eb:a2:57:29:85:e3:0c:5d:bc:f1:52:6d:d6:2e:
c8:1e:93:37:58:d4:c3:41:fb:25:82:f9:97:6e:37:
0c:e9:b3:e5:08:81:08:7c:bb:18:17:29:64:9e:e3:
2f:19:10:d2:a3:96:29:a8:26:40:a9:e6:a7:32:66:
7d:a0:e0:29:f8:cf:fb:ed:67:bc:b7:3b:c0:0c:5d:
d8:18:66:c7:bb:5d:35:c2:7f:c6:3b:40:9d:e4:fb:
af:24:67:55:46:b5:57:71:a8:48:f8:fb:06:3e:01:
d7:6d:0b:a6:ff:de:e8:7e:ab:e2:ea:c2:ac:f7:be:
39:80:40:40:d4:9e:91:80:ab:2d:fa:e2:36:0f:89:
74:90:37:e6:da:f4:7a:dd:50:3e:7c:cf:c8:f2:54:
65:5a:a9:2a:09:05:5b:d4:30:27:2f:b9:1e:7b:3e:
6a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:5B:EA:24:E6:D6:BB:3F:C8:BF:2F:55:27:79:EA:38:C6:AD:14:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDB507ACF5B711EF89C9826A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.112.0/20
Signature Algorithm: sha256WithRSAEncryption
31:b9:21:25:e3:5b:51:ce:dd:b6:af:8f:a2:83:6b:d5:a5:40:
cf:f2:db:75:2b:5e:16:62:1c:ef:56:e5:41:3e:ab:b9:ab:a5:
bc:ba:0b:48:1e:51:27:20:46:ab:47:41:c5:d3:f3:35:4d:5a:
d0:b8:d1:67:d5:68:75:49:b1:14:c0:80:3a:8c:1d:96:c1:08:
cb:f5:9c:5a:77:5c:81:aa:6f:6f:7d:b5:8b:56:2d:ce:0a:2a:
66:42:1d:b5:dc:0b:41:1a:1b:db:b5:6a:b6:c4:58:37:5c:1d:
72:27:e2:6e:9c:7d:7e:ed:86:4c:2a:1f:32:dc:dd:f5:c2:64:
ac:8d:9f:e2:41:54:4b:81:b4:16:4d:23:10:7c:3d:98:cd:64:
85:9d:ff:41:18:bd:7a:f6:c9:b9:e6:56:87:ca:75:ba:57:94:
d3:64:7c:ba:25:b1:bc:b6:72:9a:9f:24:41:24:19:2c:ec:5c:
bd:12:3a:cf:64:5a:87:67:44:44:b1:a7:c6:8f:06:ac:c6:3b:
1f:39:5d:69:d3:ca:56:58:c7:b2:d4:ba:d8:e3:80:62:f0:75:
4e:e8:eb:50:90:05:0c:94:63:1e:97:ed:4f:fe:ca:80:80:8e:
d4:69:c4:1a:b9:22:24:5d:5e:a3:69:71:a5:48:44:4b:64:16:
50:a5:1f:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWpVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDkzOTM1WhcNMjUwMzMxMDkzOTM1WjAYMRYw
FAYDVQQDEw02N2MxODQ1Yi0xYjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxGGWL9T3bmUXhmNpHFmJPuVrioEWiCaOn616L/mxrE+aCZ7mPzXnY34P
aF1aJEj3xXVwaiMSjYzD2/AtmobDCzS1eqztm2hwcP3IjsOZZ+qxM1Ugcqsoh2T1
66JXKYXjDF288VJt1i7IHpM3WNTDQfslgvmXbjcM6bPlCIEIfLsYFylknuMvGRDS
o5YpqCZAqeanMmZ9oOAp+M/77We8tzvADF3YGGbHu101wn/GO0Cd5PuvJGdVRrVX
cahI+PsGPgHXbQum/97ofqvi6sKs9745gEBA1J6RgKst+uI2D4l0kDfm2vR63VA+
fM/I8lRlWqkqCQVb1DAnL7keez5qQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNlb
6iTm1rs/yL8vVSd56jjGrRS4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FREI1MDdBQ0Y1QjcxMUVGODlDOTgyNkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsFwMA0GCSqGSIb3DQEB
CwUAA4IBAQAxuSEl41tRzt22r4+ig2vVpUDP8tt1K14WYhzvVuVBPqu5q6W8ugtI
HlEnIEarR0HF0/M1TVrQuNFn1Wh1SbEUwIA6jB2WwQjL9Zxad1yBqm9vfbWLVi3O
CipmQh213AtBGhvbtWq2xFg3XB1yJ+JunH1+7YZMKh8y3N31wmSsjZ/iQVRLgbQW
TSMQfD2YzWSFnf9BGL169sm55laHynW6V5TTZHy6JbG8tnKanyRBJBks7Fy9EjrP
ZFqHZ0REsafGjwasxjsfOV1p08pWWMey1LrY44Bi8HVO6OtQkAUMlGMel+1P/sqA
gI7UacQauSIkXV6jaXGlSERLZBZQpR/L
-----END CERTIFICATE-----
Generated at Fri May 9 11:40:10 2025 by rpki-client