Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE9AF1BC107811F0905DFE48762E951A.roa
File: BE9AF1BC107811F0905DFE48762E951A.roa (raw, json)
Hash identifier: 0VPWNCtihUpaepc6W9YT0R7bhs/Hq1mDIzIUj9vWqyo=
Subject key identifier: 2C:0E:1E:3B:33:95:7C:D5:BC:07:FA:05:11:BA:B8:DF:14:8B:1B:E7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01776F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE9AF1BC107811F0905DFE48762E951A.roa
Signing time: Thu 03 Apr 2025 10:45:23 +0000
ROA not before: Thu 03 Apr 2025 10:45:19 +0000
ROA not after: Mon 14 Apr 2025 10:45:19 +0000
asID: 5065
IP address blocks: 154.83.207.0/24 maxlen: 24
154.83.225.0/24 maxlen: 24
154.83.229.0/24 maxlen: 24
154.83.231.0/24 maxlen: 24
154.83.251.0/24 maxlen: 24
154.84.182.0/24 maxlen: 24
154.84.183.0/24 maxlen: 24
154.85.108.0/24 maxlen: 24
154.85.109.0/24 maxlen: 24
154.85.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96111 (0x1776f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 3 10:45:19 2025 GMT
Not After : Apr 14 10:45:19 2025 GMT
Subject: CN=67ee66c3-8558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:62:3d:06:35:48:0b:4a:e0:d0:17:57:be:e0:
36:62:37:fa:a5:72:cf:a4:c0:14:96:c5:4a:1a:bc:
cb:b4:28:39:af:82:96:4b:02:e2:c0:5d:ff:30:9b:
70:86:1f:ad:53:8a:d8:4f:36:2b:ba:e1:4b:79:a1:
f4:c6:71:f1:21:e4:c6:16:b9:aa:b5:db:58:74:b4:
3c:10:ab:24:74:78:fc:41:b4:7f:ac:db:c0:f5:3c:
5a:06:0f:fd:b0:95:82:5c:f0:96:e8:6e:20:dd:88:
a1:08:ea:58:e8:2f:8b:d4:aa:9e:6f:a5:ef:12:b2:
ba:ae:da:03:ef:75:32:2c:27:ae:de:68:d2:71:39:
b5:84:bc:87:c5:5f:db:86:3e:6b:4a:51:0a:62:3c:
cf:cd:ab:71:33:b4:61:fa:b0:38:d4:5f:fe:97:2c:
12:ac:1e:6f:71:50:36:08:71:84:79:6b:7a:2d:83:
b7:ad:fb:a0:0e:3b:9a:7c:c1:77:bc:3a:a9:f0:73:
fd:af:62:82:40:f5:39:ff:6a:13:d4:fe:58:65:73:
b5:6c:55:89:8f:fc:3f:24:8f:da:0c:f6:25:6d:56:
f5:a1:28:f7:6e:a1:cf:d9:9d:3d:b1:9a:ea:af:d2:
2c:00:87:33:76:b0:7b:05:35:66:cf:ea:a1:d0:b6:
7a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0E:1E:3B:33:95:7C:D5:BC:07:FA:05:11:BA:B8:DF:14:8B:1B:E7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE9AF1BC107811F0905DFE48762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.207.0/24
154.83.225.0/24
154.83.229.0/24
154.83.231.0/24
154.83.251.0/24
154.84.182.0/23
154.85.108.0/23
154.85.111.0/24
Signature Algorithm: sha256WithRSAEncryption
36:fc:8e:49:9a:b6:98:82:4a:fb:81:ae:b3:5a:17:0a:4d:f2:
89:8a:2a:2b:55:1f:b6:4a:25:e3:16:30:64:da:90:a4:e6:d0:
66:36:16:b5:25:1a:c1:f5:11:09:c0:41:86:51:2f:fc:84:de:
bf:a0:3d:da:e9:6b:a4:23:f8:a6:50:b3:a5:d9:08:59:bd:58:
74:d9:3f:78:28:2d:b5:02:67:43:1d:7e:4f:67:39:f8:1f:4d:
fc:85:3f:22:9e:71:a3:f1:3b:fe:8a:8f:5e:1d:f3:77:f8:d6:
a7:f3:63:e3:9e:e1:c0:cc:14:eb:0c:ba:28:cf:1d:9a:f1:29:
d5:71:d4:eb:58:82:41:e3:57:8b:dd:93:c3:5f:73:0e:e7:81:
ca:3d:04:0f:7f:bb:2d:35:5b:df:9b:16:a9:9c:d2:60:f2:ae:
ef:b7:cc:6d:a2:34:29:40:b0:56:d2:d5:b6:00:fc:4f:ab:ba:
0f:08:e9:38:bb:75:0e:1e:f3:c7:97:9b:47:04:bf:e5:f1:2d:
e0:a6:88:5a:08:8d:bf:e0:5b:ed:0e:8c:82:38:9a:8a:7c:d3:
86:4c:45:14:6b:f4:0c:70:a7:85:6e:cc:cb:fd:52:99:fd:3f:
04:20:9e:d1:27:b4:39:ee:0c:b5:e8:c7:26:81:79:4e:78:03:
d8:87:77:23
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIDAXdvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDAzMTA0NTE5WhcNMjUwNDE0MTA0NTE5WjAYMRYw
FAYDVQQDEw02N2VlNjZjMy04NTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtGI9BjVIC0rg0BdXvuA2Yjf6pXLPpMAUlsVKGrzLtCg5r4KWSwLiwF3/
MJtwhh+tU4rYTzYruuFLeaH0xnHxIeTGFrmqtdtYdLQ8EKskdHj8QbR/rNvA9Txa
Bg/9sJWCXPCW6G4g3YihCOpY6C+L1Kqeb6XvErK6rtoD73UyLCeu3mjScTm1hLyH
xV/bhj5rSlEKYjzPzatxM7Rh+rA41F/+lywSrB5vcVA2CHGEeWt6LYO3rfugDjua
fMF3vDqp8HP9r2KCQPU5/2oT1P5YZXO1bFWJj/w/JI/aDPYlbVb1oSj3bqHP2Z09
sZrqr9IsAIczdrB7BTVmz+qh0LZ6EwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFCwO
HjszlXzVvAf6BRG6uN8UixvnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRTlBRjFCQzEwNzgxMUYwOTA1REZFNDg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAmlPPAwQAmlPhAwQAmlPl
AwQAmlPnAwQAmlP7AwQBmlS2AwQBmlVsAwQAmlVvMA0GCSqGSIb3DQEBCwUAA4IB
AQA2/I5JmraYgkr7ga6zWhcKTfKJiiorVR+2SiXjFjBk2pCk5tBmNha1JRrB9REJ
wEGGUS/8hN6/oD3a6WukI/imULOl2QhZvVh02T94KC21AmdDHX5PZzn4H038hT8i
nnGj8Tv+io9eHfN3+Nan82PjnuHAzBTrDLoozx2a8SnVcdTrWIJB41eL3ZPDX3MO
54HKPQQPf7stNVvfmxapnNJg8q7vt8xtojQpQLBW0tW2APxPq7oPCOk4u3UOHvPH
l5tHBL/l8S3gpohaCI2/4FvtDoyCOJqKfNOGTEUUa/QMcKeFbszL/VKZ/T8EIJ7R
J7Q57gy16McmgXlOeAPYh3cj
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:56:29 2025 by rpki-client