Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8780654624C711F091833B8BDAE4EC9C.roa
File: 8780654624C711F091833B8BDAE4EC9C.roa (raw, json)
Hash identifier: jt7Pbnyrk9tyST/tvfm1ylq8egHGs5RxRblIBewC+Yg=
Subject key identifier: 5C:3A:58:19:D1:A1:36:4A:FC:00:67:88:45:C4:7E:C3:66:46:23:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017CB0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8780654624C711F091833B8BDAE4EC9C.roa
Signing time: Tue 29 Apr 2025 06:59:44 +0000
ROA not before: Tue 29 Apr 2025 06:59:40 +0000
ROA not after: Fri 09 May 2025 06:59:40 +0000
asID: 203020
IP address blocks: 154.223.141.0/24 maxlen: 24
154.223.142.0/24 maxlen: 24
154.223.162.0/24 maxlen: 24
154.223.163.0/24 maxlen: 24
154.223.172.0/24 maxlen: 24
154.223.173.0/24 maxlen: 24
154.223.174.0/24 maxlen: 24
154.223.175.0/24 maxlen: 24
154.223.184.0/24 maxlen: 24
154.223.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97456 (0x17cb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 06:59:40 2025 GMT
Not After : May 9 06:59:40 2025 GMT
Subject: CN=681078e0-9af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:80:01:bf:3b:e3:fc:23:6a:3b:d4:43:46:78:
0f:bf:b7:15:35:71:36:07:a0:57:68:d0:61:98:76:
33:00:1b:09:80:b4:13:ea:46:f0:28:ef:d3:49:cb:
66:d1:b0:8e:e6:33:d6:a0:fc:0a:b6:02:b8:da:72:
c6:1a:33:95:e0:95:f4:56:86:b5:1c:f4:c6:83:56:
2a:8f:14:4c:1f:52:a9:ac:06:1b:14:d2:5d:69:36:
a6:e7:96:a8:61:be:dd:69:ca:c8:4a:56:b5:57:9f:
f6:c3:3b:1d:0f:29:74:9b:54:b5:71:f8:d5:66:f4:
72:3f:e9:cc:d5:49:7b:00:f5:0a:79:62:b3:f0:37:
7e:a7:43:b9:04:fb:56:26:9e:a0:8f:28:8c:b3:af:
8f:39:1c:51:11:2e:ec:52:61:f5:32:0a:d6:35:a2:
22:c7:b5:25:f4:e9:ba:23:a4:e7:2a:70:7c:92:96:
87:a8:d8:0b:ce:ad:e0:1f:20:5d:19:96:b6:e6:5a:
b0:1e:49:5b:cb:bf:25:40:3c:9b:92:42:61:b5:80:
9f:e9:18:eb:5c:0e:00:ad:39:c7:96:9f:f7:1f:84:
51:85:8e:1c:84:a5:90:a7:25:60:a5:af:fb:f7:3c:
04:85:cd:dd:d8:55:e9:f3:9a:59:27:cd:df:04:51:
67:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3A:58:19:D1:A1:36:4A:FC:00:67:88:45:C4:7E:C3:66:46:23:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8780654624C711F091833B8BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.141.0-154.223.142.255
154.223.162.0/23
154.223.172.0/22
154.223.184.0/23
Signature Algorithm: sha256WithRSAEncryption
98:11:c1:0e:33:f4:e6:30:e1:e6:d7:aa:13:66:1b:2e:b9:3c:
e2:3a:d8:8c:11:32:42:f2:fc:3b:ee:2c:4d:36:ea:d7:4d:85:
82:f2:87:08:a0:a1:61:c3:69:ae:a5:d9:e9:1a:fe:8f:40:eb:
33:3b:f0:da:31:6a:c0:8f:ff:10:52:8b:80:bd:41:cc:9f:66:
b8:cc:e5:ab:a7:ab:02:85:82:42:a9:2a:2b:ee:22:41:11:b8:
e0:20:ec:f7:c5:32:7e:8e:1c:be:60:3d:f9:ba:ca:0f:05:96:
a0:78:ee:94:34:12:89:35:3e:94:a0:1f:c0:74:5f:c3:20:d3:
fe:e7:9d:61:4a:22:dd:84:95:91:c9:80:31:60:a5:e2:95:b4:
d8:36:e5:3b:33:11:c7:f9:c3:1c:4a:e7:49:1b:6c:7d:7f:f7:
15:0c:3d:3d:fc:68:6b:f9:d8:6c:b6:eb:9d:3c:29:7d:6a:27:
74:dd:66:c4:ac:cb:0a:be:0c:3d:fb:3e:77:a4:45:97:d7:6d:
41:83:aa:fd:f6:89:b3:c6:3b:5b:6e:34:28:fd:b6:70:f7:fa:
8f:7a:50:e2:8f:27:c5:3a:d4:3b:fd:ec:d3:d2:60:4c:b6:cf:
3c:d3:f9:cc:13:51:44:d2:a8:6c:4d:d7:e8:11:9f:49:c9:24:
5c:7b:64:3d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAXywMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI5MDY1OTQwWhcNMjUwNTA5MDY1OTQwWjAYMRYw
FAYDVQQDEw02ODEwNzhlMC05YWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvoABvzvj/CNqO9RDRngPv7cVNXE2B6BXaNBhmHYzABsJgLQT6kbwKO/T
Sctm0bCO5jPWoPwKtgK42nLGGjOV4JX0Voa1HPTGg1YqjxRMH1KprAYbFNJdaTam
55aoYb7dacrISla1V5/2wzsdDyl0m1S1cfjVZvRyP+nM1Ul7APUKeWKz8Dd+p0O5
BPtWJp6gjyiMs6+PORxRES7sUmH1MgrWNaIix7Ul9Om6I6TnKnB8kpaHqNgLzq3g
HyBdGZa25lqwHklby78lQDybkkJhtYCf6RjrXA4ArTnHlp/3H4RRhY4chKWQpyVg
pa/79zwEhc3d2FXp85pZJ83fBFFnnQIDAQABo4ICvzCCArswHQYDVR0OBBYEFFw6
WBnRoTZK/ABniEXEfsNmRiNkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NzgwNjU0NjI0QzcxMUYwOTE4MzNCOEJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBACa340DBACa344DBAGa
36IDBAKa36wDBAGa37gwDQYJKoZIhvcNAQELBQADggEBAJgRwQ4z9OYw4ebXqhNm
Gy65POI62IwRMkLy/DvuLE026tdNhYLyhwigoWHDaa6l2eka/o9A6zM78NoxasCP
/xBSi4C9QcyfZrjM5aunqwKFgkKpKivuIkERuOAg7PfFMn6OHL5gPfm6yg8FlqB4
7pQ0Eok1PpSgH8B0X8Mg0/7nnWFKIt2ElZHJgDFgpeKVtNg25TszEcf5wxxK50kb
bH1/9xUMPT38aGv52Gy26508KX1qJ3TdZsSsywq+DD37PnekRZfXbUGDqv32ibPG
O1tuNCj9tnD3+o96UOKPJ8U61Dv97NPSYEy2zzzT+cwTUUTSqGxN1+gRn0nJJFx7
ZD0=
-----END CERTIFICATE-----
Generated at Sun May 11 10:30:15 2025 by rpki-client