Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7D1D80E258E11F0878227C4DAE4EC9C.roa
File: E7D1D80E258E11F0878227C4DAE4EC9C.roa (raw, json)
Hash identifier: KN5mlFBgLfodKflyCdD/3pDtRdqxfRUH3L945uEX8fY=
Subject key identifier: A1:4C:F4:20:93:2D:FD:CC:B5:50:9A:0E:82:84:DA:6F:7B:DB:16:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017D04
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7D1D80E258E11F0878227C4DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 06:46:56 +0000
ROA not before: Wed 30 Apr 2025 06:46:51 +0000
ROA not after: Fri 09 May 2025 06:46:51 +0000
asID: 22724
IP address blocks: 154.89.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97540 (0x17d04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 06:46:51 2025 GMT
Not After : May 9 06:46:51 2025 GMT
Subject: CN=6811c760-1da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:a2:0e:24:ed:d8:f0:0b:91:52:9d:08:0f:
cd:82:3f:a9:7d:ab:47:e5:39:93:57:eb:48:5a:2f:
56:8b:d2:5c:0c:22:b7:d4:52:53:d4:5c:3e:73:06:
71:fb:68:5c:13:c1:4a:d7:f9:94:e5:42:fa:4d:1a:
6e:44:88:47:a7:47:27:f9:d1:df:38:ab:3d:12:8d:
ba:5d:52:c6:17:3a:3d:48:1e:ab:a2:5d:65:2b:c7:
b8:00:5e:f1:43:59:cd:ce:03:17:f9:99:65:b0:4f:
cc:81:22:b8:8c:0f:0c:3e:d2:03:fd:06:f5:5f:67:
03:01:ba:cf:70:1d:10:78:79:f0:99:f9:ca:ba:8a:
47:af:a9:d2:c4:01:1b:26:89:a9:09:45:60:4a:8c:
fe:61:a6:ef:68:2a:7c:31:c5:8c:6f:22:d6:81:b1:
9b:e9:b5:f8:b0:0f:46:d7:c3:9f:61:62:13:81:0e:
3a:ca:0a:9f:5f:47:26:dd:50:25:5a:2b:c0:5f:a4:
6d:82:90:05:32:9f:e0:70:e9:49:d3:b4:c8:54:01:
3b:30:13:38:20:93:64:cd:73:b1:60:b7:1c:28:2b:
72:35:f7:62:f4:f0:ad:57:b2:e1:92:0e:7f:4a:57:
c9:08:ad:71:44:65:71:62:b9:d5:83:07:b5:5e:7f:
b2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:4C:F4:20:93:2D:FD:CC:B5:50:9A:0E:82:84:DA:6F:7B:DB:16:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7D1D80E258E11F0878227C4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.16.0/20
Signature Algorithm: sha256WithRSAEncryption
00:35:c0:12:d0:c2:46:b6:5e:12:09:ae:c2:d9:2d:9d:42:7f:
67:33:9b:6f:e2:66:05:29:6f:c1:d6:62:3e:48:80:00:d1:3e:
16:a6:07:1d:ed:99:bd:d9:cd:ce:e8:e8:2f:0b:71:41:f3:a7:
a6:71:6f:87:e4:08:0a:15:73:86:ce:fc:29:1a:ed:fb:d1:68:
4a:2e:7e:4f:de:05:ff:c9:4f:5b:c6:eb:3e:23:e4:77:65:d8:
ed:53:62:5a:65:f2:13:a7:50:10:dd:7a:ed:76:95:9b:71:e5:
47:43:79:c0:4f:88:7d:b8:66:6c:fb:f5:9d:70:89:cc:24:c4:
1c:6a:58:4d:4f:ae:c7:39:27:05:34:0a:90:30:a1:76:32:24:
31:a7:ac:9b:16:53:fb:58:eb:47:9f:5d:d3:a6:dd:b7:22:5b:
f5:f2:23:25:0f:51:0a:7c:aa:be:08:49:dc:49:df:02:ca:cc:
6b:e8:c0:cf:19:2d:6c:1e:12:59:50:fc:aa:48:48:5a:f6:c1:
a7:97:93:d9:22:82:d8:12:6d:63:29:8d:e0:8c:ac:2d:88:ef:
36:ae:75:02:79:3f:41:a4:6c:41:8f:2e:2c:6c:0c:63:36:7f:
6a:b2:55:f3:61:d1:bb:61:af:ad:22:a7:8b:06:09:79:b9:37:
fa:3c:4e:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX0EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDMwMDY0NjUxWhcNMjUwNTA5MDY0NjUxWjAYMRYw
FAYDVQQDEw02ODExYzc2MC0xZGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuJyiDiTt2PALkVKdCA/Ngj+pfatH5TmTV+tIWi9Wi9JcDCK31FJT1Fw+
cwZx+2hcE8FK1/mU5UL6TRpuRIhHp0cn+dHfOKs9Eo26XVLGFzo9SB6rol1lK8e4
AF7xQ1nNzgMX+ZllsE/MgSK4jA8MPtID/Qb1X2cDAbrPcB0QeHnwmfnKuopHr6nS
xAEbJompCUVgSoz+YabvaCp8McWMbyLWgbGb6bX4sA9G18OfYWITgQ46ygqfX0cm
3VAlWivAX6RtgpAFMp/gcOlJ07TIVAE7MBM4IJNkzXOxYLccKCtyNfdi9PCtV7Lh
kg5/SlfJCK1xRGVxYrnVgwe1Xn+yrQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKFM
9CCTLf3MtVCaDoKE2m972xaEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FN0QxRDgwRTI1OEUxMUYwODc4MjI3QzREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlkQMA0GCSqGSIb3DQEB
CwUAA4IBAQAANcAS0MJGtl4SCa7C2S2dQn9nM5tv4mYFKW/B1mI+SIAA0T4Wpgcd
7Zm92c3O6OgvC3FB86emcW+H5AgKFXOGzvwpGu370WhKLn5P3gX/yU9bxus+I+R3
ZdjtU2JaZfITp1AQ3XrtdpWbceVHQ3nAT4h9uGZs+/WdcInMJMQcalhNT67HOScF
NAqQMKF2MiQxp6ybFlP7WOtHn13Tpt23Ilv18iMlD1EKfKq+CEncSd8Cysxr6MDP
GS1sHhJZUPyqSEha9sGnl5PZIoLYEm1jKY3gjKwtiO82rnUCeT9BpGxBjy4sbAxj
Nn9qslXzYdG7Ya+tIqeLBgl5uTf6PE6i
-----END CERTIFICATE-----
Generated at Sun May 11 03:14:20 2025 by rpki-client