Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/474618BA13CC11F0960CA25F762E951A.roa
File: 474618BA13CC11F0960CA25F762E951A.roa (raw, json)
Hash identifier: ppQNyBAtrDtuM+irqMgKGgW9iUHby4m0GpuXGgGIZAE=
Subject key identifier: DA:1D:94:D3:2F:0A:A1:71:7F:A7:F8:16:DB:26:CA:9D:1E:35:59:4C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017810
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/474618BA13CC11F0960CA25F762E951A.roa
Signing time: Mon 07 Apr 2025 16:20:54 +0000
ROA not before: Mon 07 Apr 2025 16:20:50 +0000
ROA not after: Sun 11 May 2025 16:20:50 +0000
asID: 60223
IP address blocks: 154.81.179.0/24 maxlen: 24
154.81.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96272 (0x17810)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 7 16:20:50 2025 GMT
Not After : May 11 16:20:50 2025 GMT
Subject: CN=67f3fb66-784b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d0:bc:ce:fe:03:8b:81:44:0f:98:38:de:e1:
f7:da:1c:75:e1:29:7a:ba:06:27:0c:f7:cf:f5:93:
b9:34:48:94:3f:f3:86:33:8f:39:80:5e:34:b6:2a:
fa:50:ba:66:ff:cf:74:32:6b:b8:84:1d:dc:b1:a8:
c0:bd:b6:79:20:de:87:f9:10:88:f4:15:a1:87:cd:
2e:4a:d5:8f:8c:24:7f:3d:01:e6:cd:2b:08:82:8a:
71:d3:94:ea:07:4b:82:f0:e7:99:52:5c:d2:27:13:
e2:da:6a:6f:24:3e:75:5f:dd:52:7d:49:2f:09:fa:
12:fb:52:eb:aa:07:80:34:31:59:d8:6e:c9:e1:66:
8f:8d:a4:04:49:e2:81:23:d7:3d:fa:5b:61:e4:e7:
39:5c:bb:ef:34:b0:a1:62:e3:39:41:dc:ef:49:05:
95:c4:20:49:1b:bd:67:8c:b1:28:a9:ba:bf:59:3b:
16:0d:e8:76:46:11:06:e2:02:e0:b6:c3:aa:a3:63:
bd:4b:93:1f:84:e4:ec:61:ff:70:37:f9:d3:75:a4:
c8:bc:a9:40:af:d7:11:88:2e:17:5d:dc:f6:ba:03:
57:27:b4:bb:df:64:3c:f5:55:17:e8:4a:d2:d7:21:
1f:b7:2f:30:96:4f:ff:de:f5:92:9b:8b:9a:85:9b:
d2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1D:94:D3:2F:0A:A1:71:7F:A7:F8:16:DB:26:CA:9D:1E:35:59:4C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/474618BA13CC11F0960CA25F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.179.0/24
154.81.182.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:f5:53:80:4f:c1:41:aa:9a:02:fe:1f:70:a4:93:c2:60:49:
c4:31:c7:ae:18:4c:d8:c0:2b:aa:2b:7a:a6:ac:02:20:77:e0:
96:d2:a4:98:6b:14:36:e6:21:f2:14:6e:11:b2:28:0b:5d:ea:
70:e0:bb:dc:55:9b:f3:32:b6:79:6f:4f:86:24:99:fb:d7:c3:
2d:a8:d8:96:b9:3c:7e:f3:5f:cb:a2:8d:85:fa:73:ca:b3:d0:
ee:cb:54:08:ad:dc:1e:5e:71:49:ae:fc:0f:a3:75:bd:7a:9e:
38:ae:6e:cf:4d:f0:ed:06:45:91:87:b1:b3:3f:1b:1d:93:ba:
d3:72:8e:0b:75:d4:e5:22:7a:1f:e5:d7:75:01:40:e1:97:4e:
6c:5b:a4:74:cf:7e:2f:0f:0e:a0:4d:f4:28:ee:c6:43:12:69:
3f:32:98:cd:73:07:10:09:78:a5:b9:80:d3:85:54:ba:77:b4:
c5:2b:1a:09:4d:2d:e5:9d:f2:3d:a0:b0:7f:e2:fe:cf:52:6d:
fa:0e:67:ad:b8:c0:2e:a3:4d:e0:d9:58:82:40:4f:72:4f:97:
9f:f6:ec:6b:c0:bb:fc:f9:df:44:67:33:61:a4:71:b0:43:e1:
f4:36:30:dd:40:97:ef:6c:ca:8d:2a:ec:9d:ea:59:1c:bd:43:
5e:dc:0c:35
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXgQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA3MTYyMDUwWhcNMjUwNTExMTYyMDUwWjAYMRYw
FAYDVQQDEw02N2YzZmI2Ni03ODRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoNC8zv4Di4FED5g43uH32hx14Sl6ugYnDPfP9ZO5NEiUP/OGM485gF40
tir6ULpm/890Mmu4hB3csajAvbZ5IN6H+RCI9BWhh80uStWPjCR/PQHmzSsIgopx
05TqB0uC8OeZUlzSJxPi2mpvJD51X91SfUkvCfoS+1LrqgeANDFZ2G7J4WaPjaQE
SeKBI9c9+lth5Oc5XLvvNLChYuM5QdzvSQWVxCBJG71njLEoqbq/WTsWDeh2RhEG
4gLgtsOqo2O9S5MfhOTsYf9wN/nTdaTIvKlAr9cRiC4XXdz2ugNXJ7S732Q89VUX
6ErS1yEfty8wlk//3vWSm4uahZvSGwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNod
lNMvCqFxf6f4Ftsmyp0eNVlMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzQ2MThCQTEzQ0MxMUYwOTYwQ0EyNUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlGzAwQAmlG2MA0GCSqG
SIb3DQEBCwUAA4IBAQAt9VOAT8FBqpoC/h9wpJPCYEnEMceuGEzYwCuqK3qmrAIg
d+CW0qSYaxQ25iHyFG4RsigLXepw4LvcVZvzMrZ5b0+GJJn718MtqNiWuTx+81/L
oo2F+nPKs9Duy1QIrdweXnFJrvwPo3W9ep44rm7PTfDtBkWRh7GzPxsdk7rTco4L
ddTlInof5dd1AUDhl05sW6R0z34vDw6gTfQo7sZDEmk/MpjNcwcQCXiluYDThVS6
d7TFKxoJTS3lnfI9oLB/4v7PUm36DmetuMAuo03g2ViCQE9yT5ef9uxrwLv8+d9E
ZzNhpHGwQ+H0NjDdQJfvbMqNKuyd6lkcvUNe3Aw1
-----END CERTIFICATE-----
Generated at Tue May 13 11:59:37 2025 by rpki-client