Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/603792D045F511F0BBB06EB6DAE4EC9C.roa
File: 603792D045F511F0BBB06EB6DAE4EC9C.roa (raw, json)
Hash identifier: FCjDcCiCb2JoGYFQbBaMbs+fVP5ogcVqOjF+YRWuGho=
Subject key identifier: 7B:8B:A0:BF:0E:D9:54:44:A4:C0:AA:83:36:38:03:BF:59:A8:80:D6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0185B8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/603792D045F511F0BBB06EB6DAE4EC9C.roa
Signing time: Tue 10 Jun 2025 12:21:04 +0000
ROA not before: Tue 10 Jun 2025 12:20:58 +0000
ROA not after: Mon 16 Jun 2025 12:20:58 +0000
asID: 18013
IP address blocks: 154.210.16.0/20 maxlen: 24
154.212.132.0/22 maxlen: 24
154.215.2.0/23 maxlen: 24
154.221.2.0/23 maxlen: 24
154.221.8.0/21 maxlen: 24
154.222.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99768 (0x185b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 10 12:20:58 2025 GMT
Not After : Jun 16 12:20:58 2025 GMT
Subject: CN=6848232f-c4ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:63:21:c5:4b:bd:14:84:ae:20:ba:8e:aa:52:
7f:3a:df:d8:d3:08:d0:42:8d:03:55:2e:73:a3:99:
e0:62:e2:1d:84:43:b9:5e:f5:28:20:7b:5a:b0:44:
7c:6a:bb:e4:71:2b:9e:0e:8b:d5:5d:ce:31:83:44:
a6:7b:75:0a:4e:c6:56:77:73:77:67:2a:19:ee:0a:
3b:9d:76:55:7a:89:78:d0:ea:8c:3c:67:85:d6:8a:
15:c4:70:63:5d:00:5d:52:25:19:df:50:7c:f2:f9:
94:2d:38:ea:b7:88:ac:97:1e:15:62:b8:a2:f8:b4:
51:d4:43:3b:0d:50:c4:8f:8f:87:d1:81:89:2d:ee:
63:66:4c:f4:fc:f2:29:49:ee:79:d6:3c:c4:44:1b:
af:64:b2:12:1b:24:08:b9:5b:45:2a:8b:30:da:f8:
1a:e8:1e:f5:54:6e:b5:e7:93:28:8a:7a:a5:84:ab:
e4:cb:5a:6f:63:09:84:68:72:6c:9f:c8:dc:2c:f8:
5d:56:3b:00:8e:08:ac:04:0d:7f:97:5e:08:60:8a:
f6:38:88:c3:ed:8b:c6:1f:c6:96:2c:a8:e1:1e:9a:
a9:74:fd:f9:b7:4f:e8:e5:5c:69:96:2f:11:14:21:
4e:d9:3c:a1:ba:b1:01:77:39:51:f1:ff:01:eb:b3:
55:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:8B:A0:BF:0E:D9:54:44:A4:C0:AA:83:36:38:03:BF:59:A8:80:D6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/603792D045F511F0BBB06EB6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.16.0/20
154.212.132.0/22
154.215.2.0/23
154.221.2.0/23
154.221.8.0/21
154.222.224.0/20
Signature Algorithm: sha256WithRSAEncryption
b1:03:de:47:ce:f6:dc:67:90:68:d5:d3:76:1a:db:34:fb:cd:
9a:c9:65:63:98:8d:95:83:8b:b8:e6:da:a1:f9:a9:9d:9f:a2:
ee:74:b2:b1:ac:84:87:fa:be:e0:2a:05:c4:33:50:55:d4:df:
4a:10:84:1d:5c:90:98:41:e2:be:85:a8:1a:71:88:e2:30:2f:
dc:95:c0:ad:ed:cd:b3:cf:b8:01:2d:4d:ed:66:41:e0:35:74:
07:5a:a8:f5:8e:09:ac:26:8a:02:4d:a3:e6:87:59:5c:41:d7:
91:52:36:6a:62:5b:4c:45:8a:03:67:e5:6b:9a:b0:39:e8:bd:
85:b9:54:b4:01:24:d0:0a:66:57:fb:ee:62:ec:49:cb:4c:cc:
f3:ef:e9:75:be:c4:f4:d0:f7:03:57:e7:3f:d9:3a:06:0a:76:
4f:03:a9:30:23:88:ed:a6:22:21:5f:6f:04:24:8a:35:4c:89:
33:9e:0d:db:0a:30:bc:5b:36:b0:23:12:e4:fa:70:67:a6:a0:
b7:f8:43:05:3c:3e:4c:d3:76:10:f6:fc:ed:f4:0a:56:f4:fd:
0d:09:fb:0a:92:ac:92:26:b7:80:77:6b:75:0f:82:b1:8c:fa:
35:05:bc:44:93:5e:4b:73:06:37:bb:94:fb:64:b4:af:d1:ec:
3f:68:02:e1
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIDAYW4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEwMTIyMDU4WhcNMjUwNjE2MTIyMDU4WjAYMRYw
FAYDVQQDEw02ODQ4MjMyZi1jNGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6GMhxUu9FISuILqOqlJ/Ot/Y0wjQQo0DVS5zo5ngYuIdhEO5XvUoIHta
sER8arvkcSueDovVXc4xg0Sme3UKTsZWd3N3ZyoZ7go7nXZVeol40OqMPGeF1ooV
xHBjXQBdUiUZ31B88vmULTjqt4islx4VYrii+LRR1EM7DVDEj4+H0YGJLe5jZkz0
/PIpSe551jzERBuvZLISGyQIuVtFKosw2vga6B71VG6155MoinqlhKvky1pvYwmE
aHJsn8jcLPhdVjsAjgisBA1/l14IYIr2OIjD7YvGH8aWLKjhHpqpdP35t0/o5Vxp
li8RFCFO2TyhurEBdzlR8f8B67NVwwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFHuL
oL8O2VREpMCqgzY4A79ZqIDWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MDM3OTJEMDQ1RjUxMUYwQkJCMDZFQjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEmtIQAwQCmtSEAwQBmtcC
AwQBmt0CAwQDmt0IAwQEmt7gMA0GCSqGSIb3DQEBCwUAA4IBAQCxA95HzvbcZ5Bo
1dN2Gts0+82ayWVjmI2Vg4u45tqh+amdn6LudLKxrISH+r7gKgXEM1BV1N9KEIQd
XJCYQeK+hagacYjiMC/clcCt7c2zz7gBLU3tZkHgNXQHWqj1jgmsJooCTaPmh1lc
QdeRUjZqYltMRYoDZ+VrmrA56L2FuVS0ASTQCmZX++5i7EnLTMzz7+l1vsT00PcD
V+c/2ToGCnZPA6kwI4jtpiIhX28EJIo1TIkzng3bCjC8WzawIxLk+nBnpqC3+EMF
PD5M03YQ9vzt9ApW9P0NCfsKkqySJreAd2t1D4KxjPo1BbxEk15LcwY3u5T7ZLSv
0ew/aALh
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:30:39 2025 by rpki-client