Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74302E4E24C811F0A4DB2B92DAE4EC9C.roa
File: 74302E4E24C811F0A4DB2B92DAE4EC9C.roa (raw, json)
Hash identifier: Aj5iqHWiVQ8y9XOozs0Otl23cVwv331xwHu2kGmX+TA=
Subject key identifier: D9:73:D0:16:A0:05:8F:4E:18:22:26:CB:05:9A:86:86:0B:B3:BB:C3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017CB2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74302E4E24C811F0A4DB2B92DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 07:06:21 +0000
ROA not before: Tue 29 Apr 2025 07:06:16 +0000
ROA not after: Fri 09 May 2025 07:06:16 +0000
asID: 203020
IP address blocks: 154.205.186.0/24 maxlen: 24
154.223.137.0/24 maxlen: 24
154.223.138.0/24 maxlen: 24
154.223.139.0/24 maxlen: 24
154.223.140.0/24 maxlen: 24
154.223.143.0/24 maxlen: 24
154.223.160.0/24 maxlen: 24
154.223.161.0/24 maxlen: 24
154.223.186.0/24 maxlen: 24
154.223.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97458 (0x17cb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 07:06:16 2025 GMT
Not After : May 9 07:06:16 2025 GMT
Subject: CN=68107a6d-efee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ba:a9:98:e9:db:70:dc:2a:8e:3b:2d:63:55:
46:87:4b:65:fe:85:cb:22:41:75:62:46:be:76:d5:
19:6a:42:2e:5b:80:43:38:8e:18:5a:4d:4c:cb:e6:
e5:ed:b9:5b:5c:ca:c5:08:21:99:4b:78:ce:83:f7:
6c:c0:57:fd:d5:24:f7:4f:10:38:fc:eb:8e:ac:e9:
3c:c9:4d:d6:4e:32:fa:23:0d:12:4a:9a:f2:4a:c6:
83:51:de:ab:3a:32:aa:0f:f2:e3:71:aa:50:d7:6c:
d0:aa:cd:2b:23:01:bb:bb:e7:c6:94:4a:e1:43:be:
e3:77:3d:12:66:3c:75:da:f2:9e:4e:0b:7b:42:3c:
77:a6:a2:2e:1b:19:19:a0:78:ba:7f:aa:d5:c5:e2:
61:3b:44:0b:d2:a2:5e:67:91:1a:fa:0a:c0:83:a9:
27:32:e1:0d:42:9e:33:d3:4a:26:b7:1b:26:52:b1:
39:10:a2:e3:28:9d:c0:4d:e2:d2:31:f1:56:16:9f:
48:ca:cc:67:76:0b:35:22:72:55:c2:9f:8c:76:8f:
9f:0a:f9:ca:9c:83:bf:07:af:34:fd:29:e9:4f:e6:
42:69:01:02:65:0c:fc:d6:1e:b7:31:82:19:1b:75:
d8:77:ba:bb:81:aa:27:16:46:5f:fa:32:98:b7:ac:
10:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:73:D0:16:A0:05:8F:4E:18:22:26:CB:05:9A:86:86:0B:B3:BB:C3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74302E4E24C811F0A4DB2B92DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.186.0/24
154.223.137.0-154.223.140.255
154.223.143.0/24
154.223.160.0/23
154.223.186.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:89:96:9e:3d:c4:81:40:94:70:ec:e5:3d:10:4a:e5:1b:1b:
e0:3a:d6:46:6b:f0:40:df:28:80:b3:72:1d:1e:95:fd:a7:5e:
8b:78:c0:79:e8:e1:05:30:f7:f7:2c:10:d1:8e:72:c7:0f:04:
b9:4c:32:fc:93:50:30:6d:c4:e6:bf:6e:ae:d4:6d:d0:7a:c5:
55:24:a0:8f:33:95:39:22:c8:98:b9:3f:00:d0:a8:75:17:cf:
32:a6:09:81:26:4d:ee:fb:59:33:b8:ea:69:db:b7:ad:43:2f:
62:12:17:04:f0:99:ea:0b:c8:0b:63:60:05:26:bf:44:40:81:
52:ba:da:8b:3c:58:75:2d:3e:11:2b:0d:33:38:d9:05:ca:9a:
62:51:47:57:2b:94:06:65:3f:fa:80:97:f9:dc:f7:65:14:b3:
d6:7f:41:17:69:6f:28:ff:3b:b4:60:6f:85:3e:ff:43:94:ab:
ee:bd:98:41:28:d6:d0:dc:7e:f8:86:91:bd:0a:70:45:82:bd:
42:09:98:86:1a:90:c8:c5:65:a5:f4:9f:7e:a9:5c:26:ce:6d:
ca:71:45:27:46:11:96:82:ef:dd:6f:1a:77:cf:36:6f:7e:92:
09:f9:f4:81:da:d7:2d:7a:78:3e:bf:ed:79:19:0c:aa:11:07:
0b:6f:fd:c8
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAXyyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI5MDcwNjE2WhcNMjUwNTA5MDcwNjE2WjAYMRYw
FAYDVQQDEw02ODEwN2E2ZC1lZmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAorqpmOnbcNwqjjstY1VGh0tl/oXLIkF1Yka+dtUZakIuW4BDOI4YWk1M
y+bl7blbXMrFCCGZS3jOg/dswFf91ST3TxA4/OuOrOk8yU3WTjL6Iw0SSprySsaD
Ud6rOjKqD/LjcapQ12zQqs0rIwG7u+fGlErhQ77jdz0SZjx12vKeTgt7Qjx3pqIu
GxkZoHi6f6rVxeJhO0QL0qJeZ5Ea+grAg6knMuENQp4z00omtxsmUrE5EKLjKJ3A
TeLSMfFWFp9Iysxndgs1InJVwp+Mdo+fCvnKnIO/B680/SnpT+ZCaQECZQz81h63
MYIZG3XYd7q7gaonFkZf+jKYt6wQ3QIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFNlz
0BagBY9OGCImywWahoYLs7vDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NDMwMkU0RTI0QzgxMUYwQTREQjJCOTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAms26MAwDBACa34kDBACa
34wDBACa348DBAGa36ADBAGa37owDQYJKoZIhvcNAQELBQADggEBAEuJlp49xIFA
lHDs5T0QSuUbG+A61kZr8EDfKICzch0elf2nXot4wHno4QUw9/csENGOcscPBLlM
MvyTUDBtxOa/bq7UbdB6xVUkoI8zlTkiyJi5PwDQqHUXzzKmCYEmTe77WTO46mnb
t61DL2ISFwTwmeoLyAtjYAUmv0RAgVK62os8WHUtPhErDTM42QXKmmJRR1crlAZl
P/qAl/nc92UUs9Z/QRdpbyj/O7Rgb4U+/0OUq+69mEEo1tDcfviGkb0KcEWCvUIJ
mIYakMjFZaX0n36pXCbObcpxRSdGEZaC791vGnfPNm9+kgn59IHa1y16eD6/7XkZ
DKoRBwtv/cg=
-----END CERTIFICATE-----
Generated at Sun May 11 04:13:40 2025 by rpki-client