Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDB70A26F62811EF87FCB968762E951A.roa
File: FDB70A26F62811EF87FCB968762E951A.roa (raw, json)
Hash identifier: pMJG/OGablVuYzuVpot4Qp+YH++j3mTDnt2SQudss6w=
Subject key identifier: 82:B6:FC:FD:A3:71:26:88:38:9E:F9:3E:78:FB:A9:26:27:CB:68:02
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CB5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDB70A26F62811EF87FCB968762E951A.roa
Signing time: Fri 28 Feb 2025 23:08:59 +0000
ROA not before: Fri 28 Feb 2025 23:08:55 +0000
ROA not after: Wed 26 Mar 2025 23:08:55 +0000
asID: 62240
IP address blocks: 154.194.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93365 (0x16cb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 23:08:55 2025 GMT
Not After : Mar 26 23:08:55 2025 GMT
Subject: CN=67c2420b-94a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6c:dc:16:d5:20:0e:9a:9e:e8:54:9c:8a:f7:
c2:2e:32:37:2b:58:9a:b7:7a:a1:1a:f5:f9:64:c2:
3c:f8:10:09:7e:f2:45:3d:e6:b3:57:f2:da:9f:7b:
a8:2e:3c:79:be:c2:07:83:01:8b:05:82:16:a7:03:
9e:85:8c:4c:74:6e:4b:10:5d:f6:fd:9e:f3:e1:c6:
d3:cd:18:ac:3f:d9:af:0d:e2:ce:d7:7f:a0:eb:53:
56:81:c1:d7:26:12:c5:be:91:e7:b3:10:3e:45:d6:
3a:a6:a7:2d:bd:6b:cc:82:65:7b:15:c6:ed:43:ee:
6d:ef:ac:b8:24:ac:04:d6:96:a7:eb:08:bd:4c:70:
71:a8:1c:dd:9f:f9:22:4d:b9:02:b1:c9:a8:09:5b:
d5:53:f0:c7:b9:9c:90:34:d3:3d:5c:50:52:33:8a:
d2:72:e8:ab:c7:80:73:0e:51:1a:2b:36:50:e4:00:
77:54:f7:98:1f:83:ac:c5:cc:cf:f9:c3:55:d6:65:
67:b5:fa:2b:11:19:cb:5f:5c:ae:a4:d5:77:15:ab:
ea:65:be:3a:1c:4b:d6:23:44:33:d4:c6:9d:94:b8:
09:dc:ef:4c:a6:d7:27:ba:21:57:60:76:25:78:d6:
84:44:b2:5b:aa:cb:fb:1b:aa:4f:d4:ef:2e:e7:70:
55:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B6:FC:FD:A3:71:26:88:38:9E:F9:3E:78:FB:A9:26:27:CB:68:02
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDB70A26F62811EF87FCB968762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.122.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:ce:44:8c:6d:3d:4c:75:52:5a:69:3a:93:97:e9:31:22:e5:
6f:a4:30:d9:41:e8:fa:1b:54:d3:42:6c:14:70:23:73:42:d6:
9a:be:8b:2f:b2:eb:5c:17:d1:e9:ed:35:95:fc:06:5c:f1:3e:
78:8c:5a:61:3b:05:4f:db:76:22:79:ce:22:82:bb:8a:e9:38:
37:7f:70:3d:81:05:5a:42:42:40:97:8e:70:1e:c3:70:f9:04:
ad:e6:86:2c:b7:74:83:d2:88:03:4b:1f:ae:8b:75:b9:24:7f:
25:45:38:e4:9b:ea:a8:c1:c8:95:76:ca:5d:a8:d3:60:dd:9d:
3b:d4:e0:45:65:d1:64:3b:5f:03:e5:44:bb:e3:3b:34:5c:d5:
94:11:62:18:0b:b9:b9:46:3c:84:b9:94:a6:fc:79:db:aa:b2:
ac:28:4e:8c:2b:c6:01:06:f5:b0:e5:fa:e2:68:34:58:7c:bb:
e9:f3:c1:08:21:8f:1f:73:d3:cd:d1:d5:fc:95:28:c9:e2:4e:
63:37:de:69:0e:de:bc:d5:d2:2e:19:a4:0c:6d:b7:33:4c:ed:
7d:51:ce:3b:fb:40:29:e9:3e:c5:85:ba:83:0f:52:e3:4d:0d:
41:2c:26:b0:e5:b5:06:b9:ea:f4:85:2f:51:e0:53:0c:4a:94:
5a:a2:82:1f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWy1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjMwODU1WhcNMjUwMzI2MjMwODU1WjAYMRYw
FAYDVQQDEw02N2MyNDIwYi05NGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp2zcFtUgDpqe6FScivfCLjI3K1iat3qhGvX5ZMI8+BAJfvJFPeazV/La
n3uoLjx5vsIHgwGLBYIWpwOehYxMdG5LEF32/Z7z4cbTzRisP9mvDeLO13+g61NW
gcHXJhLFvpHnsxA+RdY6pqctvWvMgmV7FcbtQ+5t76y4JKwE1pan6wi9THBxqBzd
n/kiTbkCscmoCVvVU/DHuZyQNNM9XFBSM4rScuirx4BzDlEaKzZQ5AB3VPeYH4Os
xczP+cNV1mVntforERnLX1yupNV3FavqZb46HEvWI0Qz1MadlLgJ3O9MptcnuiFX
YHYleNaERLJbqsv7G6pP1O8u53BVTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIK2
/P2jcSaIOJ75Pnj7qSYny2gCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GREI3MEEyNkY2MjgxMUVGODdGQ0I5Njg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJ6MA0GCSqGSIb3DQEB
CwUAA4IBAQC5zkSMbT1MdVJaaTqTl+kxIuVvpDDZQej6G1TTQmwUcCNzQtaavosv
sutcF9Hp7TWV/AZc8T54jFphOwVP23Yiec4igruK6Tg3f3A9gQVaQkJAl45wHsNw
+QSt5oYst3SD0ogDSx+ui3W5JH8lRTjkm+qowciVdspdqNNg3Z071OBFZdFkO18D
5US74zs0XNWUEWIYC7m5RjyEuZSm/HnbqrKsKE6MK8YBBvWw5friaDRYfLvp88EI
IY8fc9PN0dX8lSjJ4k5jN95pDt681dIuGaQMbbczTO19Uc47+0Ap6T7FhbqDD1Lj
TQ1BLCaw5bUGuer0hS9R4FMMSpRaooIf
-----END CERTIFICATE-----
Generated at Fri May 9 17:15:08 2025 by rpki-client