Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09223932FF1411EFB436EB86762E951A.roa
File: 09223932FF1411EFB436EB86762E951A.roa (raw, json)
Hash identifier: oPGb5zpGhH40jN70KBXzpWeAueynN1UnhAdi7t90pVA=
Subject key identifier: A2:CB:AA:23:9F:A8:4F:A9:09:91:5A:13:D2:A1:B7:17:B8:31:8A:EE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017395
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09223932FF1411EFB436EB86762E951A.roa
Signing time: Wed 12 Mar 2025 07:31:39 +0000
ROA not before: Wed 12 Mar 2025 07:31:35 +0000
ROA not after: Fri 04 Apr 2025 07:31:35 +0000
asID: 61112
IP address blocks: 154.88.66.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95125 (0x17395)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 07:31:35 2025 GMT
Not After : Apr 4 07:31:35 2025 GMT
Subject: CN=67d1385b-b9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:15:f6:9b:ff:13:ce:b0:11:e6:dc:6a:0b:b5:
76:23:82:3d:11:3b:b7:20:f3:04:72:df:13:ca:12:
92:5c:88:ea:b2:d4:67:b9:fd:7a:de:6a:71:7e:94:
40:13:8b:26:b5:24:2e:a5:0c:bc:28:b1:57:5c:74:
18:a2:e1:53:5b:8d:d7:bd:c8:96:1c:a2:c4:c3:71:
d4:53:22:38:90:3c:20:2c:6d:6d:8b:46:cd:8f:c9:
35:48:c6:6e:2d:c0:cc:e9:e4:a4:97:cd:6d:90:a7:
b0:70:ca:50:cc:25:1f:8a:6a:8d:6c:11:de:87:cd:
f6:34:a6:e5:87:b8:e1:21:d7:4b:8b:c5:36:e0:4f:
29:60:1f:1f:48:2a:c7:c8:0a:69:cf:92:b9:cc:7f:
a9:32:96:57:cf:b7:57:c5:54:02:62:a1:b0:a4:9b:
be:e6:d0:5b:d4:ff:e7:ef:45:73:7b:e5:67:33:3d:
4f:1a:b9:10:34:72:09:9b:e3:16:0b:c8:26:f0:d5:
d0:27:d6:bc:85:49:71:fb:0e:74:65:e1:6f:f0:8d:
9d:f8:c2:cd:bb:14:56:8b:6d:99:1b:0a:05:ff:ff:
4b:25:b0:7a:3d:c5:07:bc:ba:9f:d9:12:65:97:ef:
74:4f:d4:5a:e7:ba:97:87:32:02:25:ba:c0:e2:f1:
6f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CB:AA:23:9F:A8:4F:A9:09:91:5A:13:D2:A1:B7:17:B8:31:8A:EE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09223932FF1411EFB436EB86762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.66.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:5b:36:14:3e:9e:1d:7a:a9:80:15:db:ee:a2:f2:de:e8:f8:
ea:05:a7:22:e7:81:b6:76:cf:06:f5:43:14:9f:b9:56:d8:a6:
f7:c1:ba:52:a1:9d:7c:9e:b1:28:c7:db:49:ab:9d:20:9d:b0:
9f:64:46:00:14:6b:8d:99:b1:8f:6c:13:40:8c:10:72:e9:8b:
46:97:04:91:cb:75:49:f8:53:da:de:2f:92:4a:a2:58:1a:91:
19:97:46:d5:c9:d6:7f:87:ba:0e:67:1e:dc:30:a0:12:28:a2:
88:52:e2:21:75:b1:a5:05:6c:b6:5f:25:32:78:08:9e:fe:af:
5d:21:7b:38:24:f7:c0:66:b2:2f:5d:64:b1:67:80:e8:32:09:
82:c2:6c:9e:8e:e9:3e:ff:59:af:dc:bc:e5:9b:9f:34:93:af:
39:f0:df:62:92:5c:7f:5b:79:35:02:71:f8:e5:88:89:f2:82:
f6:d6:52:de:44:31:9f:c9:41:47:90:f1:03:70:7f:8c:57:6c:
f0:08:44:2c:cc:43:5c:82:48:ef:cb:99:72:36:5f:3b:3c:2a:
42:62:9c:a0:cc:6d:03:03:1d:e3:9a:b4:cf:a9:a8:b7:f1:e7:
b9:b3:1a:ce:dc:d4:96:bf:83:a5:98:a0:0a:4f:93:c2:a2:b7:
33:75:d8:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXOVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMDczMTM1WhcNMjUwNDA0MDczMTM1WjAYMRYw
FAYDVQQDEw02N2QxMzg1Yi1iOWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9RX2m/8TzrAR5txqC7V2I4I9ETu3IPMEct8TyhKSXIjqstRnuf163mpx
fpRAE4smtSQupQy8KLFXXHQYouFTW43XvciWHKLEw3HUUyI4kDwgLG1ti0bNj8k1
SMZuLcDM6eSkl81tkKewcMpQzCUfimqNbBHeh832NKblh7jhIddLi8U24E8pYB8f
SCrHyAppz5K5zH+pMpZXz7dXxVQCYqGwpJu+5tBb1P/n70Vze+VnMz1PGrkQNHIJ
m+MWC8gm8NXQJ9a8hUlx+w50ZeFv8I2d+MLNuxRWi22ZGwoF//9LJbB6PcUHvLqf
2RJll+90T9Ra57qXhzICJbrA4vFvvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKLL
qiOfqE+pCZFaE9Khtxe4MYruMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOTIyMzkzMkZGMTQxMUVGQjQzNkVCODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhCMA0GCSqGSIb3DQEB
CwUAA4IBAQAvWzYUPp4deqmAFdvuovLe6PjqBaci54G2ds8G9UMUn7lW2Kb3wbpS
oZ18nrEox9tJq50gnbCfZEYAFGuNmbGPbBNAjBBy6YtGlwSRy3VJ+FPa3i+SSqJY
GpEZl0bVydZ/h7oOZx7cMKASKKKIUuIhdbGlBWy2XyUyeAie/q9dIXs4JPfAZrIv
XWSxZ4DoMgmCwmyejuk+/1mv3Lzlm580k6858N9iklx/W3k1AnH45YiJ8oL21lLe
RDGfyUFHkPEDcH+MV2zwCEQszENcgkjvy5lyNl87PCpCYpygzG0DAx3jmrTPqai3
8ee5sxrO3NSWv4OlmKAKT5PCorczddh6
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:06 2025 by rpki-client