Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB885E3C437A11F0A7C80A9DDAE4EC9C.roa
File: EB885E3C437A11F0A7C80A9DDAE4EC9C.roa (raw, json)
Hash identifier: JP9noHCrPhDPhj+5SZwB9I1oDHm80lPmnCxd39+Rwuk=
Subject key identifier: C2:94:79:EE:75:45:80:25:0B:30:59:5A:D0:AA:C5:40:D7:17:EC:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018538
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB885E3C437A11F0A7C80A9DDAE4EC9C.roa
Signing time: Sat 07 Jun 2025 08:39:27 +0000
ROA not before: Sat 07 Jun 2025 08:39:22 +0000
ROA not after: Mon 16 Jun 2025 08:39:22 +0000
asID: 23764
IP address blocks: 154.85.14.0/24 maxlen: 24
154.85.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99640 (0x18538)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 7 08:39:22 2025 GMT
Not After : Jun 16 08:39:22 2025 GMT
Subject: CN=6843fabf-5de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0d:b8:d3:a4:4c:c2:c7:36:12:5e:29:4e:48:
90:4d:a9:f0:e1:13:1d:e3:9b:7c:74:29:fa:cc:18:
1c:db:1d:57:c8:d4:b5:69:fc:e1:94:25:e0:68:6f:
52:c8:11:bc:db:e6:5e:92:62:4d:e1:3a:df:4b:f0:
f6:ce:b4:c0:a1:92:9c:66:74:a9:a0:89:ef:47:08:
f1:15:41:2f:1b:17:8d:db:c9:8f:36:97:aa:ff:c9:
61:8d:b2:3c:84:5b:ed:92:f6:ca:22:0e:55:e4:13:
64:3e:f1:2b:e1:e5:1f:65:68:d3:5e:fd:e4:fe:00:
ca:25:3e:4f:c7:67:cb:d1:44:28:49:6e:bf:55:fd:
c0:5e:26:8a:bf:20:4e:22:08:ee:03:10:40:7a:88:
6a:f6:23:f5:82:db:a6:ec:be:34:aa:c5:6c:ee:67:
04:81:a0:e2:43:db:1d:53:24:38:a5:27:99:88:40:
51:9c:b0:38:25:b0:06:c5:91:6f:34:a7:31:6e:d9:
e4:70:f6:a2:5e:45:b5:d9:c3:05:d1:e1:b8:ff:bb:
91:0f:d3:0e:ee:30:2f:2f:f2:16:07:ca:a1:94:d0:
f4:66:92:ee:a2:e6:12:96:ca:ea:eb:da:ad:a4:4e:
29:b0:9d:a5:b2:7e:45:9a:d4:b5:86:95:d0:48:ef:
68:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:94:79:EE:75:45:80:25:0B:30:59:5A:D0:AA:C5:40:D7:17:EC:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB885E3C437A11F0A7C80A9DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.14.0/23
Signature Algorithm: sha256WithRSAEncryption
c3:7a:af:0c:ef:7b:e1:2f:be:d3:5a:9d:54:73:51:55:ec:0c:
cd:42:1f:c9:a6:17:b4:85:45:0e:30:45:43:60:bb:b4:55:fa:
b5:eb:c1:c2:1b:2a:75:8d:0d:d3:7a:cb:9e:09:52:24:bc:09:
b0:5e:2d:17:a4:3e:c5:bd:b7:8f:7d:aa:d8:94:54:e2:fb:e9:
b1:07:4a:16:0d:d1:65:b1:b0:9d:ef:a0:ac:1b:df:04:3b:fa:
0d:4b:ff:a5:36:55:79:6a:16:a6:76:43:ba:d0:cf:ae:4b:27:
40:9d:73:60:f5:ff:8e:a5:f7:92:91:4b:c7:d2:25:a2:91:8d:
d3:59:8c:6a:88:c0:83:24:26:5e:2f:12:e1:a6:25:7d:23:02:
e7:44:1e:00:6e:56:73:62:cf:11:7a:09:6d:4d:f2:74:bb:6d:
d4:ba:d3:ef:c5:14:38:c9:95:64:d3:4e:73:9f:a5:b6:cb:97:
ff:5e:90:fb:8a:ee:c4:e0:aa:32:43:24:0e:c1:d6:ea:f6:99:
ee:98:0d:24:b3:e1:3e:55:e9:04:ed:67:3b:93:c4:61:67:97:
25:6c:cb:89:54:ee:9e:de:41:60:57:69:42:77:1f:8f:50:d3:
5d:1a:dc:50:c7:7d:44:c2:98:0f:c6:e8:1d:6a:fb:af:1f:66:
14:76:30:43
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYU4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA3MDgzOTIyWhcNMjUwNjE2MDgzOTIyWjAYMRYw
FAYDVQQDEw02ODQzZmFiZi01ZGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2w2406RMwsc2El4pTkiQTanw4RMd45t8dCn6zBgc2x1XyNS1afzhlCXg
aG9SyBG82+ZekmJN4TrfS/D2zrTAoZKcZnSpoInvRwjxFUEvGxeN28mPNpeq/8lh
jbI8hFvtkvbKIg5V5BNkPvEr4eUfZWjTXv3k/gDKJT5Px2fL0UQoSW6/Vf3AXiaK
vyBOIgjuAxBAeohq9iP1gtum7L40qsVs7mcEgaDiQ9sdUyQ4pSeZiEBRnLA4JbAG
xZFvNKcxbtnkcPaiXkW12cMF0eG4/7uRD9MO7jAvL/IWB8qhlND0ZpLuouYSlsrq
69qtpE4psJ2lsn5FmtS1hpXQSO9oeQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMKU
ee51RYAlCzBZWtCqxUDXF+xyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQjg4NUUzQzQzN0ExMUYwQTdDODBBOUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlUOMA0GCSqGSIb3DQEB
CwUAA4IBAQDDeq8M73vhL77TWp1Uc1FV7AzNQh/Jphe0hUUOMEVDYLu0Vfq168HC
Gyp1jQ3TesueCVIkvAmwXi0XpD7FvbePfarYlFTi++mxB0oWDdFlsbCd76CsG98E
O/oNS/+lNlV5ahamdkO60M+uSydAnXNg9f+OpfeSkUvH0iWikY3TWYxqiMCDJCZe
LxLhpiV9IwLnRB4AblZzYs8RegltTfJ0u23UutPvxRQ4yZVk005zn6W2y5f/XpD7
iu7E4KoyQyQOwdbq9pnumA0ks+E+VekE7Wc7k8RhZ5clbMuJVO6e3kFgV2lCdx+P
UNNdGtxQx31EwpgPxugdavuvH2YUdjBD
-----END CERTIFICATE-----
Generated at Tue Jun 17 13:57:46 2025 by rpki-client