Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0334D5DCF40D11EF81CCF763762E951A.roa
File: 0334D5DCF40D11EF81CCF763762E951A.roa (raw, json)
Hash identifier: 1xAmfyakdysPUYN4CQoVcY+VcDz22FF+bjUOKe/aQkk=
Subject key identifier: 74:E2:75:12:1A:B8:D5:9C:15:18:EF:89:0A:B7:A4:6C:B1:42:3F:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0160FD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0334D5DCF40D11EF81CCF763762E951A.roa
Signing time: Wed 26 Feb 2025 06:43:40 +0000
ROA not before: Wed 26 Feb 2025 06:43:36 +0000
ROA not after: Fri 28 Mar 2025 06:43:36 +0000
asID: 214413
IP address blocks: 154.193.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90365 (0x160fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 26 06:43:36 2025 GMT
Not After : Mar 28 06:43:36 2025 GMT
Subject: CN=67beb81c-6cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dc:10:e8:aa:fd:64:4c:7c:63:2e:68:0b:c0:
3f:7c:6f:0f:27:cc:02:dd:be:3e:f6:d9:44:bc:b1:
67:b6:4f:f2:12:d1:06:c7:5c:a2:ac:d4:80:28:a7:
a5:2c:f2:2a:d1:c5:11:01:1a:a3:66:90:a8:06:e1:
fb:32:f4:76:8d:92:fa:21:41:b3:27:48:75:35:0a:
38:fb:8c:b6:0e:95:6c:c4:42:e8:14:43:4b:ad:4d:
03:1e:59:2d:78:77:73:63:bb:a8:0b:d4:e2:c3:2c:
00:ab:a1:c6:b2:65:e2:ea:79:e2:21:d9:33:93:e6:
5f:3d:29:e8:6b:6b:9e:2e:82:41:33:12:03:98:6a:
21:29:a0:ec:e9:27:be:d8:83:3d:2c:d3:4b:68:df:
51:ab:26:79:55:8a:a4:3e:1c:33:91:47:89:2a:8a:
d2:f0:fa:08:ab:19:a7:f7:e8:15:b9:30:03:9e:0a:
2f:62:8e:25:53:27:b9:4f:66:ce:b8:ba:87:a3:7c:
7f:79:8f:ab:6f:30:42:d2:ac:3c:1f:4b:fb:e4:f0:
a4:1b:3c:ee:dd:2f:7e:61:6f:bb:12:e0:37:69:71:
5d:65:e8:82:8e:7e:fd:c5:44:39:e3:ec:31:6c:56:
3d:26:d9:a9:ca:57:4c:89:a4:8b:e8:ea:a0:ce:be:
74:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E2:75:12:1A:B8:D5:9C:15:18:EF:89:0A:B7:A4:6C:B1:42:3F:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0334D5DCF40D11EF81CCF763762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.180.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:30:ca:55:d1:d0:54:58:a9:7c:19:7d:2f:0f:48:e5:6b:0d:
41:c8:90:0b:b4:22:3e:ff:5b:7d:9d:3c:67:fa:d1:5c:f3:f2:
2a:d7:36:f4:3c:3b:93:bc:b7:2a:bf:66:36:f2:47:02:bb:28:
dd:32:24:c4:42:f7:23:b1:35:85:fc:5e:e9:c9:de:90:3d:f2:
3a:e0:28:fd:ca:ba:55:1b:06:8c:e8:03:95:88:e8:34:2a:93:
21:2d:54:ae:19:35:b2:66:dc:ab:f5:d3:88:86:fb:bc:60:17:
1d:15:65:e9:50:c6:00:91:7a:f2:fc:95:ca:c9:5c:2c:e1:e4:
a5:14:8f:c8:09:f1:cc:f6:01:a9:df:be:75:45:13:b4:ad:b9:
91:b3:4a:7e:9b:16:77:db:8d:df:79:a8:87:2f:b1:ce:71:1e:
a7:df:af:26:1b:eb:e4:5f:3e:f9:ac:17:25:e7:78:72:44:24:
03:e4:5a:37:7f:b3:90:e9:b0:b2:88:e8:a5:e0:a6:81:fc:53:
83:2c:61:3f:8b:91:c9:ab:14:05:39:3a:c9:af:34:52:2e:90:
ab:3a:f4:dd:d5:4d:f9:ca:56:9b:c2:65:34:8b:8f:61:8b:64:
dd:c1:91:a7:f1:b1:ad:a8:5f:81:48:9d:f3:92:41:d0:8d:1d:
13:cb:d2:3c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWD9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDY0MzM2WhcNMjUwMzI4MDY0MzM2WjAYMRYw
FAYDVQQDEw02N2JlYjgxYy02Y2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvNwQ6Kr9ZEx8Yy5oC8A/fG8PJ8wC3b4+9tlEvLFntk/yEtEGx1yirNSA
KKelLPIq0cURARqjZpCoBuH7MvR2jZL6IUGzJ0h1NQo4+4y2DpVsxELoFENLrU0D
HlkteHdzY7uoC9TiwywAq6HGsmXi6nniIdkzk+ZfPSnoa2ueLoJBMxIDmGohKaDs
6Se+2IM9LNNLaN9RqyZ5VYqkPhwzkUeJKorS8PoIqxmn9+gVuTADngovYo4lUye5
T2bOuLqHo3x/eY+rbzBC0qw8H0v75PCkGzzu3S9+YW+7EuA3aXFdZeiCjn79xUQ5
4+wxbFY9JtmpyldMiaSL6Oqgzr503QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHTi
dRIauNWcFRjviQq3pGyxQj8fMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMzM0RDVEQ0Y0MEQxMUVGODFDQ0Y3NjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsG0MA0GCSqGSIb3DQEB
CwUAA4IBAQBLMMpV0dBUWKl8GX0vD0jlaw1ByJALtCI+/1t9nTxn+tFc8/Iq1zb0
PDuTvLcqv2Y28kcCuyjdMiTEQvcjsTWF/F7pyd6QPfI64Cj9yrpVGwaM6AOViOg0
KpMhLVSuGTWyZtyr9dOIhvu8YBcdFWXpUMYAkXry/JXKyVws4eSlFI/ICfHM9gGp
3751RRO0rbmRs0p+mxZ3243feaiHL7HOcR6n368mG+vkXz75rBcl53hyRCQD5Fo3
f7OQ6bCyiOil4KaB/FODLGE/i5HJqxQFOTrJrzRSLpCrOvTd1U35ylabwmU0i49h
i2TdwZGn8bGtqF+BSJ3zkkHQjR0Ty9I8
-----END CERTIFICATE-----
Generated at Fri May 9 11:43:18 2025 by rpki-client