Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCB388FEF87911EFBDDD1CA8762E951A.roa
File: FCB388FEF87911EFBDDD1CA8762E951A.roa (raw, json)
Hash identifier: jjnWar+LK4ymRuJmxN/dAwS6hOfF2Q65sjGUrkp+DAU=
Subject key identifier: 3A:A0:C4:BC:93:3B:E8:8E:67:C7:E0:EC:85:C3:5F:8D:D3:30:12:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01714B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCB388FEF87911EFBDDD1CA8762E951A.roa
Signing time: Mon 03 Mar 2025 21:53:49 +0000
ROA not before: Mon 03 Mar 2025 21:53:45 +0000
ROA not after: Thu 27 Mar 2025 21:53:45 +0000
asID: 44559
IP address blocks: 154.81.40.0/24 maxlen: 24
154.81.41.0/24 maxlen: 24
154.81.42.0/24 maxlen: 24
154.81.43.0/24 maxlen: 24
154.81.44.0/24 maxlen: 24
154.81.45.0/24 maxlen: 24
154.81.46.0/24 maxlen: 24
154.81.47.0/24 maxlen: 24
154.81.54.0/24 maxlen: 24
154.81.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94539 (0x1714b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 21:53:45 2025 GMT
Not After : Mar 27 21:53:45 2025 GMT
Subject: CN=67c624ec-8cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b6:c1:d4:ca:db:66:ad:bd:ea:61:d6:cc:dd:
1b:29:d9:38:cc:d9:85:9b:4b:81:72:1c:94:8c:5d:
bc:0f:de:dc:d3:61:dc:de:1d:d5:9b:dd:0a:13:ae:
54:53:04:e3:aa:dd:dc:32:26:b9:4e:8c:e9:02:8d:
28:1a:e0:c4:48:6d:94:ae:9f:99:6a:2e:b2:3b:06:
64:2f:a5:a7:f7:75:fc:b3:26:a1:6a:99:da:f7:cb:
29:7e:f4:08:fe:c8:7a:65:cd:37:3c:9b:be:ed:cf:
c0:09:f4:4e:9a:c0:3e:e3:d2:22:3d:64:c8:df:49:
66:e0:65:2d:c5:cd:43:79:08:9f:ba:eb:2d:cd:5b:
34:0e:9b:b1:1d:70:15:a8:a1:07:e9:f6:44:1d:2b:
26:ba:4f:6f:35:cf:48:bb:9f:59:e7:59:b8:94:9c:
11:2e:be:ad:94:bc:ec:ec:40:2c:ea:f1:b6:82:d3:
23:3b:cd:9b:2f:89:db:59:a3:aa:6d:ed:5c:d5:9b:
0c:9e:b9:f4:08:93:55:4a:cf:29:31:c1:f3:0b:c5:
ed:af:d1:76:e3:12:b4:f8:aa:f8:aa:14:f9:de:ca:
e5:f6:8d:f8:3e:77:f8:2f:74:d1:48:44:64:27:08:
48:c7:05:d2:ec:5f:a6:2f:aa:c4:28:36:07:d7:c6:
7a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A0:C4:BC:93:3B:E8:8E:67:C7:E0:EC:85:C3:5F:8D:D3:30:12:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCB388FEF87911EFBDDD1CA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.40.0/21
154.81.54.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:6f:6c:25:f8:22:31:ea:93:5d:e9:84:c6:01:29:c3:34:31:
dc:f9:46:ba:6f:fd:8d:ef:7b:0d:1c:00:e7:0a:c8:f8:13:08:
53:15:49:d6:3c:a1:9f:6a:09:c1:10:48:7f:a5:f2:93:b9:1f:
7f:d7:fb:1f:ef:db:73:2e:02:1e:12:6d:52:a6:b3:db:c7:d5:
87:4d:d7:61:29:c2:ae:9f:77:7f:3f:79:05:78:76:66:39:90:
4b:e5:09:83:1a:1c:f1:f2:05:17:3a:1e:c6:e6:e7:2a:3e:a3:
7a:bf:a0:62:94:4e:04:ab:9c:09:3a:4a:94:38:8f:d1:9b:18:
34:1e:62:a5:da:a7:43:7d:32:63:af:47:45:19:13:db:b8:ba:
91:f9:28:4f:e5:0a:2e:c1:2d:f8:38:a6:90:88:d1:f9:2c:62:
16:64:88:7f:57:3c:67:50:f7:7f:d4:cd:49:c7:5b:a4:1a:f7:
8b:98:4a:e1:62:78:d3:8b:30:82:aa:47:fa:72:b5:87:2d:e7:
d7:4e:4e:35:52:77:4c:85:ee:c3:a0:43:18:59:4e:be:2b:84:
3d:57:82:9b:92:e6:a4:67:47:98:15:f5:40:73:8b:24:01:81:
7d:7a:83:76:ec:02:2d:42:12:87:9c:fb:f0:df:62:d0:1f:87:
24:56:fb:77
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXFLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMjE1MzQ1WhcNMjUwMzI3MjE1MzQ1WjAYMRYw
FAYDVQQDEw02N2M2MjRlYy04Y2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4LbB1MrbZq296mHWzN0bKdk4zNmFm0uBchyUjF28D97c02Hc3h3Vm90K
E65UUwTjqt3cMia5TozpAo0oGuDESG2Urp+Zai6yOwZkL6Wn93X8syahapna98sp
fvQI/sh6Zc03PJu+7c/ACfROmsA+49IiPWTI30lm4GUtxc1DeQifuustzVs0Dpux
HXAVqKEH6fZEHSsmuk9vNc9Iu59Z51m4lJwRLr6tlLzs7EAs6vG2gtMjO82bL4nb
WaOqbe1c1ZsMnrn0CJNVSs8pMcHzC8Xtr9F24xK0+Kr4qhT53srl9o34Pnf4L3TR
SERkJwhIxwXS7F+mL6rEKDYH18Z6eQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDqg
xLyTO+iOZ8fg7IXDX43TMBLSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQ0IzODhGRUY4NzkxMUVGQkRERDFDQTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDmlEoAwQBmlE2MA0GCSqG
SIb3DQEBCwUAA4IBAQAvb2wl+CIx6pNd6YTGASnDNDHc+Ua6b/2N73sNHADnCsj4
EwhTFUnWPKGfagnBEEh/pfKTuR9/1/sf79tzLgIeEm1SprPbx9WHTddhKcKun3d/
P3kFeHZmOZBL5QmDGhzx8gUXOh7G5ucqPqN6v6BilE4Eq5wJOkqUOI/Rmxg0HmKl
2qdDfTJjr0dFGRPbuLqR+ShP5QouwS34OKaQiNH5LGIWZIh/VzxnUPd/1M1Jx1uk
GveLmErhYnjTizCCqkf6crWHLefXTk41UndMhe7DoEMYWU6+K4Q9V4KbkuakZ0eY
FfVAc4skAYF9eoN27AItQhKHnPvw32LQH4ckVvt3
-----END CERTIFICATE-----
Generated at Fri May 9 21:56:21 2025 by rpki-client