Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2307464265311F09580EBE9DAE4EC9C.roa
File: C2307464265311F09580EBE9DAE4EC9C.roa (raw, json)
Hash identifier: JfPiEGcGIhsMA+/fIzfEqa4XSOuKEtGXP1iPwMSSybE=
Subject key identifier: E6:B7:CC:F1:A7:EE:23:7F:43:9B:13:92:EE:B0:62:05:9E:E1:C7:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017DB6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2307464265311F09580EBE9DAE4EC9C.roa
Signing time: Thu 01 May 2025 06:16:03 +0000
ROA not before: Thu 01 May 2025 06:15:59 +0000
ROA not after: Fri 09 May 2025 06:15:59 +0000
asID: 9009
IP address blocks: 154.216.192.0/24 maxlen: 24
154.216.200.0/24 maxlen: 24
154.216.216.0/24 maxlen: 24
154.216.221.0/24 maxlen: 24
154.216.225.0/24 maxlen: 24
154.216.226.0/24 maxlen: 24
154.216.230.0/24 maxlen: 24
154.216.235.0/24 maxlen: 24
154.216.251.0/24 maxlen: 24
154.216.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97718 (0x17db6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 06:15:59 2025 GMT
Not After : May 9 06:15:59 2025 GMT
Subject: CN=681311a3-c299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8d:e1:cb:5b:90:b5:26:bf:15:8c:7b:0a:87:
e3:81:b4:b0:33:ce:6e:10:04:96:0f:2f:82:6c:a0:
d4:80:6a:c0:66:e0:4d:f7:77:70:bd:dd:70:ec:c7:
66:ce:c6:43:57:10:24:56:51:2f:77:a3:1f:0d:47:
18:40:6e:5b:db:b9:a5:db:62:22:b4:99:88:09:9d:
1c:80:6b:6a:fa:44:e3:e5:b2:b8:a3:d9:e8:43:12:
0c:05:fa:fe:b3:e3:ac:a6:b6:58:97:be:01:86:99:
09:88:e9:a7:cc:5c:28:e1:5a:00:14:e5:3a:a6:90:
5f:e6:c0:f2:b5:46:dd:81:f4:65:72:d9:cc:ba:6d:
a4:90:76:ea:ae:06:47:d0:7f:8e:d3:98:89:98:de:
e8:58:60:c1:af:af:6e:8f:ad:a7:9c:f3:8a:dc:93:
e8:65:3a:a9:36:69:22:bf:3c:d1:40:7c:52:28:8a:
30:27:8e:cc:c4:c5:a6:5c:0b:fb:b4:87:dc:fa:4e:
3a:26:5a:d1:a9:7d:6d:1f:a1:7f:41:8c:06:b0:fd:
6a:b7:3e:2e:8d:70:d0:07:6e:7c:9d:ea:21:b8:68:
d8:ba:3d:86:3e:10:f5:d2:ca:72:a2:47:f4:f3:86:
71:97:1d:5c:67:71:0f:90:88:7e:02:58:fd:39:9e:
ae:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B7:CC:F1:A7:EE:23:7F:43:9B:13:92:EE:B0:62:05:9E:E1:C7:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2307464265311F09580EBE9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.192.0/24
154.216.200.0/24
154.216.216.0/24
154.216.221.0/24
154.216.225.0-154.216.226.255
154.216.230.0/24
154.216.235.0/24
154.216.251.0/24
154.216.255.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:7b:3f:a1:fd:9c:03:e3:ff:62:c3:01:12:f3:7a:b7:83:3a:
44:45:61:01:57:8a:70:d7:5e:85:18:a1:49:2b:b0:58:6d:d9:
8b:34:77:29:98:81:aa:ff:c4:f8:0b:03:f8:7e:00:61:2b:04:
c0:68:a8:f9:cc:7d:a9:1f:3c:6b:93:f5:f1:05:5a:bc:20:cb:
a0:b4:3c:af:cf:d4:7f:89:1d:ae:34:30:e1:ca:94:64:03:16:
62:4f:e6:c9:91:60:f4:6c:55:33:f9:af:23:80:1d:92:78:d4:
f0:7e:16:8e:56:7e:61:8d:b2:e0:cf:89:14:93:c4:d6:68:88:
90:97:6b:38:41:11:6a:f9:db:44:10:c0:1c:80:9d:41:32:00:
05:58:4d:be:8c:8e:80:13:20:97:6e:59:42:b2:66:de:49:14:
8a:eb:41:fc:62:ef:6b:dc:48:fe:16:bf:8a:4b:ca:d7:3d:e2:
5a:2c:55:fe:23:a9:85:d9:a3:56:84:35:cc:2c:f4:c3:59:14:
e1:6e:52:a7:2c:72:5c:e5:b0:08:1b:71:f9:a7:d9:ff:41:fe:
ca:8e:3d:28:d6:12:e9:b4:38:8f:fe:ee:8e:cd:b4:3d:b9:8d:
e2:74:45:06:6a:af:45:6f:53:18:24:37:ce:cb:ab:7e:bb:5c:
d2:c6:21:f5
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAX22MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMDYxNTU5WhcNMjUwNTA5MDYxNTU5WjAYMRYw
FAYDVQQDEw02ODEzMTFhMy1jMjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA243hy1uQtSa/FYx7CofjgbSwM85uEASWDy+CbKDUgGrAZuBN93dwvd1w
7MdmzsZDVxAkVlEvd6MfDUcYQG5b27ml22IitJmICZ0cgGtq+kTj5bK4o9noQxIM
Bfr+s+OsprZYl74BhpkJiOmnzFwo4VoAFOU6ppBf5sDytUbdgfRlctnMum2kkHbq
rgZH0H+O05iJmN7oWGDBr69uj62nnPOK3JPoZTqpNmkivzzRQHxSKIowJ47MxMWm
XAv7tIfc+k46JlrRqX1tH6F/QYwGsP1qtz4ujXDQB258neohuGjYuj2GPhD10spy
okf084Zxlx1cZ3EPkIh+Alj9OZ6uIQIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFOa3
zPGn7iN/Q5sTku6wYgWe4ceDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMjMwNzQ2NDI2NTMxMUYwOTU4MEVCRTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAmtjAAwQAmtjIAwQAmtjY
AwQAmtjdMAwDBACa2OEDBACa2OIDBACa2OYDBACa2OsDBACa2PsDBACa2P8wDQYJ
KoZIhvcNAQELBQADggEBANF7P6H9nAPj/2LDARLzereDOkRFYQFXinDXXoUYoUkr
sFht2Ys0dymYgar/xPgLA/h+AGErBMBoqPnMfakfPGuT9fEFWrwgy6C0PK/P1H+J
Ha40MOHKlGQDFmJP5smRYPRsVTP5ryOAHZJ41PB+Fo5WfmGNsuDPiRSTxNZoiJCX
azhBEWr520QQwByAnUEyAAVYTb6MjoATIJduWUKyZt5JFIrrQfxi72vcSP4Wv4pL
ytc94losVf4jqYXZo1aENcws9MNZFOFuUqcsclzlsAgbcfmn2f9B/sqOPSjWEum0
OI/+7o7NtD25jeJ0RQZqr0VvUxgkN87Lq367XNLGIfU=
-----END CERTIFICATE-----
Generated at Sat May 10 10:16:54 2025 by rpki-client