Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDB3E0F2D8BF11EFA7E7154B762E951A.roa
File: FDB3E0F2D8BF11EFA7E7154B762E951A.roa (raw, json)
Hash identifier: gZfqewzi36pAzLR268PqTbdW3AFUcjfFRlWKJDw2rbc=
Subject key identifier: 38:49:BD:BA:28:E6:25:D9:DD:8F:6D:B4:E7:EF:3B:37:C3:8C:82:3B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013F64
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDB3E0F2D8BF11EFA7E7154B762E951A.roa
Signing time: Wed 22 Jan 2025 12:54:18 +0000
ROA not before: Wed 22 Jan 2025 12:54:14 +0000
ROA not after: Tue 01 Apr 2025 12:54:14 +0000
asID: 138915
IP address blocks: 154.93.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81764 (0x13f64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 12:54:14 2025 GMT
Not After : Apr 1 12:54:14 2025 GMT
Subject: CN=6790ea7a-9396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3d:75:2c:8b:b1:25:88:cb:ad:58:ba:61:47:
4b:a7:83:eb:98:ec:a7:ec:d8:f2:e3:4d:a8:63:fe:
f8:20:59:e7:c2:09:44:00:5e:96:db:4b:27:24:4d:
1b:0a:d4:f6:74:a2:a0:33:bd:ce:e5:63:cc:d8:55:
2f:76:b1:20:ad:bf:66:1a:18:72:ed:c0:7f:03:b6:
54:22:6c:3a:4f:db:28:4a:11:41:34:98:78:6f:53:
4c:36:c6:d0:25:28:6b:f9:cf:1d:ac:d7:c1:95:0f:
9e:f9:41:be:47:d9:3a:c9:48:4e:c5:6a:c5:ce:b8:
bb:de:34:0c:a4:00:64:77:f1:81:ac:04:9b:4c:3e:
15:9d:86:55:15:8a:8a:be:8a:ce:3c:d7:60:4f:7d:
b6:ed:b5:8e:69:49:0a:82:1a:df:6c:5f:10:4f:a5:
4f:9a:00:97:e8:66:0f:02:bd:44:42:21:44:12:5b:
10:ed:df:5b:3c:bd:1d:94:37:82:c0:61:5d:69:90:
6f:f4:fb:ea:bb:c3:2b:ee:97:9c:5d:0c:f3:35:1b:
e4:3d:b1:20:e0:fa:e9:3b:0d:93:69:db:77:c5:bd:
7c:75:23:c7:4e:f9:e6:f3:a5:ad:33:f4:5c:c6:ed:
20:38:7f:33:e7:01:30:8a:81:b9:b1:69:94:ea:8e:
68:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:49:BD:BA:28:E6:25:D9:DD:8F:6D:B4:E7:EF:3B:37:C3:8C:82:3B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDB3E0F2D8BF11EFA7E7154B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.126.0/24
Signature Algorithm: sha256WithRSAEncryption
58:46:7a:f6:d5:66:0f:57:30:6d:76:50:d7:6d:3b:8c:07:e7:
e6:d0:60:75:4b:2a:c2:f3:39:49:9b:a3:58:5a:8e:07:27:fb:
5a:1a:dd:13:7f:0e:62:26:3f:24:6c:ad:39:6c:63:d1:51:b7:
71:29:f5:b0:48:b0:ca:6c:c6:41:6e:06:90:a3:4a:2a:ff:a8:
ed:a1:47:c3:d9:13:d3:ee:dd:54:fa:8c:25:30:06:31:cc:bf:
97:76:4c:63:3e:cc:3d:b5:a9:ac:ba:ca:e5:a3:59:7d:8f:99:
99:a3:c8:ce:95:7e:3b:de:41:03:71:de:7e:e5:2c:2b:1b:99:
3a:94:d0:02:d2:68:df:61:4b:19:e2:7d:b6:72:27:1c:94:82:
d7:0e:1c:73:0c:bf:04:fc:9a:c2:c7:e9:88:ab:0f:1c:72:d6:
2e:f0:1c:9e:0d:b3:4a:5e:a8:8e:8b:49:ff:5b:3b:5a:dc:76:
4a:ed:de:6f:66:2a:c5:6d:d9:69:82:4a:58:2d:12:22:76:91:
ff:3f:a9:28:8b:7b:bf:83:3f:bc:9a:83:b3:b5:a0:d5:37:77:
e8:d9:4b:ca:2e:41:b8:18:b3:0c:27:12:d0:e0:b2:22:9d:05:
74:e6:40:0a:1b:e0:16:ab:07:27:f7:67:b0:8f:4f:a6:cd:55:
45:49:e0:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT9kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTI1NDE0WhcNMjUwNDAxMTI1NDE0WjAYMRYw
FAYDVQQDEw02NzkwZWE3YS05Mzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzz11LIuxJYjLrVi6YUdLp4PrmOyn7Njy402oY/74IFnnwglEAF6W20sn
JE0bCtT2dKKgM73O5WPM2FUvdrEgrb9mGhhy7cB/A7ZUImw6T9soShFBNJh4b1NM
NsbQJShr+c8drNfBlQ+e+UG+R9k6yUhOxWrFzri73jQMpABkd/GBrASbTD4VnYZV
FYqKvorOPNdgT3227bWOaUkKghrfbF8QT6VPmgCX6GYPAr1EQiFEElsQ7d9bPL0d
lDeCwGFdaZBv9Pvqu8Mr7pecXQzzNRvkPbEg4PrpOw2Tadt3xb18dSPHTvnm86Wt
M/Rcxu0gOH8z5wEwioG5sWmU6o5oqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDhJ
vboo5iXZ3Y9ttOfvOzfDjII7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GREIzRTBGMkQ4QkYxMUVGQTdFNzE1NEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml1+MA0GCSqGSIb3DQEB
CwUAA4IBAQBYRnr21WYPVzBtdlDXbTuMB+fm0GB1SyrC8zlJm6NYWo4HJ/taGt0T
fw5iJj8kbK05bGPRUbdxKfWwSLDKbMZBbgaQo0oq/6jtoUfD2RPT7t1U+owlMAYx
zL+XdkxjPsw9tamsusrlo1l9j5mZo8jOlX473kEDcd5+5SwrG5k6lNAC0mjfYUsZ
4n22cicclILXDhxzDL8E/JrCx+mIqw8cctYu8ByeDbNKXqiOi0n/Wzta3HZK7d5v
ZirFbdlpgkpYLRIidpH/P6koi3u/gz+8moOztaDVN3fo2UvKLkG4GLMMJxLQ4LIi
nQV05kAKG+AWqwcn92ewj0+mzVVFSeDn
-----END CERTIFICATE-----
Generated at Thu Apr 17 04:25:04 2025 by rpki-client