Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5FBC76023E1D11F083BA6ABADAE4EC9C.roa
File: 5FBC76023E1D11F083BA6ABADAE4EC9C.roa (raw, json)
Hash identifier: 7XQrs6RdYwVY0XlY2i1sk/UZ3eoca3ceECvVYTQbyq0=
Subject key identifier: 9F:DD:E0:A2:DB:29:33:B0:EC:88:93:20:02:17:C3:7B:49:A0:1A:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018402
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5FBC76023E1D11F083BA6ABADAE4EC9C.roa
Signing time: Sat 31 May 2025 12:47:13 +0000
ROA not before: Sat 31 May 2025 12:47:08 +0000
ROA not after: Mon 16 Jun 2025 12:47:08 +0000
asID: 40779
IP address blocks: 154.219.96.0/19 maxlen: 24
154.222.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99330 (0x18402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 31 12:47:08 2025 GMT
Not After : Jun 16 12:47:08 2025 GMT
Subject: CN=683afa51-a7ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:88:92:32:90:77:6b:b7:00:09:f0:aa:5e:6b:
52:73:e2:eb:e9:0e:0f:8c:77:c4:e6:d9:29:2a:9b:
cc:c1:76:c4:8e:aa:31:68:f4:6a:c2:70:48:b5:06:
f3:51:64:79:5c:ba:f5:55:94:bd:3b:62:3a:7f:a7:
62:6b:88:ed:97:4b:89:03:78:2f:6d:7f:3b:1b:36:
fb:03:2e:01:6f:6d:0a:b7:5d:40:a6:6f:69:26:d8:
a4:ea:e0:8a:0d:1a:98:00:f3:93:9d:db:c8:ab:da:
0a:75:7d:1f:4a:72:ca:df:34:73:4f:ff:f0:33:29:
68:94:0c:9d:86:98:2f:47:db:e3:f8:89:af:08:9c:
f1:4c:d3:4d:51:38:10:c0:78:2f:04:e8:2a:bc:07:
94:94:5f:d0:e7:ab:cc:4e:fd:11:37:0f:eb:04:50:
05:7c:a1:1c:83:46:50:5a:bd:e3:c5:2d:4f:64:61:
20:95:d2:3b:cf:6b:0e:c5:3d:9b:b9:f6:a2:06:fd:
3b:22:94:70:b0:86:4c:d0:c4:9b:b1:98:30:a7:e9:
c6:e1:bf:34:e9:a8:6e:93:c1:a9:e0:70:36:3e:21:
8e:d4:7c:78:e4:91:13:6b:a9:62:d5:96:3e:bd:e4:
5f:3c:8c:d8:fc:f6:01:3d:c6:57:47:ee:0f:10:2a:
5d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:DD:E0:A2:DB:29:33:B0:EC:88:93:20:02:17:C3:7B:49:A0:1A:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5FBC76023E1D11F083BA6ABADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:37:01:89:e8:94:e3:76:ae:51:32:2b:3f:d8:ab:c8:7b:d8:
b9:24:83:70:f4:b4:9a:e7:b3:54:9e:57:b0:97:98:6c:01:69:
08:64:95:75:3e:7d:97:ef:df:51:71:c0:39:0b:5f:9e:9c:63:
43:ef:be:28:0e:17:eb:b3:a9:59:56:9d:a1:dc:62:3d:40:18:
67:74:4f:b9:b4:20:6d:26:60:b0:a8:44:f2:7d:c7:d1:9f:16:
c1:64:9a:1c:d5:8e:1c:43:f0:fd:85:ff:e7:41:86:95:62:d0:
45:bc:da:3a:06:98:7c:23:5d:3e:04:2d:9e:0f:ae:46:04:34:
eb:d3:4d:d2:a6:e7:dd:bd:1a:27:c5:37:41:83:9a:82:b9:8f:
61:47:03:81:b3:6e:bd:b8:31:46:81:ce:c3:70:24:cc:c6:0a:
a1:3f:1d:82:df:37:38:5c:ab:09:61:6c:cd:81:d8:ff:0b:6a:
b5:6b:b0:b5:1d:c9:2c:4a:a4:5c:fd:de:bf:ad:26:76:e8:01:
80:e5:d1:0e:d9:7d:83:64:e5:1c:af:9b:0d:81:e5:b9:38:a1:
4e:02:10:11:e3:96:34:6b:dc:93:9a:86:0f:42:01:c1:4f:d2:
45:51:8b:b1:24:58:44:ec:21:c0:a2:8e:dc:ad:d8:56:c9:f2:
6c:18:00:2a
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYQCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMxMTI0NzA4WhcNMjUwNjE2MTI0NzA4WjAYMRYw
FAYDVQQDEw02ODNhZmE1MS1hN2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxIiSMpB3a7cACfCqXmtSc+Lr6Q4PjHfE5tkpKpvMwXbEjqoxaPRqwnBI
tQbzUWR5XLr1VZS9O2I6f6dia4jtl0uJA3gvbX87Gzb7Ay4Bb20Kt11Apm9pJtik
6uCKDRqYAPOTndvIq9oKdX0fSnLK3zRzT//wMylolAydhpgvR9vj+ImvCJzxTNNN
UTgQwHgvBOgqvAeUlF/Q56vMTv0RNw/rBFAFfKEcg0ZQWr3jxS1PZGEgldI7z2sO
xT2bufaiBv07IpRwsIZM0MSbsZgwp+nG4b806ahuk8Gp4HA2PiGO1Hx45JETa6li
1ZY+veRfPIzY/PYBPcZXR+4PECpdAwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJ/d
4KLbKTOw7IiTIAIXw3tJoBqDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RkJDNzYwMjNFMUQxMUYwODNCQTZBQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmttgAwQEmt4QMA0GCSqG
SIb3DQEBCwUAA4IBAQB9NwGJ6JTjdq5RMis/2KvIe9i5JINw9LSa57NUnlewl5hs
AWkIZJV1Pn2X799RccA5C1+enGND774oDhfrs6lZVp2h3GI9QBhndE+5tCBtJmCw
qETyfcfRnxbBZJoc1Y4cQ/D9hf/nQYaVYtBFvNo6Bph8I10+BC2eD65GBDTr003S
pufdvRonxTdBg5qCuY9hRwOBs269uDFGgc7DcCTMxgqhPx2C3zc4XKsJYWzNgdj/
C2q1a7C1HcksSqRc/d6/rSZ26AGA5dEO2X2DZOUcr5sNgeW5OKFOAhAR45Y0a9yT
moYPQgHBT9JFUYuxJFhE7CHAoo7crdhWyfJsGAAq
-----END CERTIFICATE-----
Generated at Wed Jun 18 16:02:27 2025 by rpki-client