Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09247FB0F6BF11EF94067A70762E951A.roa
File: 09247FB0F6BF11EF94067A70762E951A.roa (raw, json)
Hash identifier: entyNBaVHpqIc6SE7/4GKlUcaenBrhhNN5403gvScxE=
Subject key identifier: 81:BA:C0:7A:68:02:5E:C5:CF:07:34:94:45:ED:9D:6D:99:AD:C8:46
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016F0D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09247FB0F6BF11EF94067A70762E951A.roa
Signing time: Sat 01 Mar 2025 17:03:02 +0000
ROA not before: Sat 01 Mar 2025 17:02:59 +0000
ROA not after: Mon 31 Mar 2025 17:02:59 +0000
asID: 202656
IP address blocks: 154.219.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93965 (0x16f0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 17:02:59 2025 GMT
Not After : Mar 31 17:02:59 2025 GMT
Subject: CN=67c33dc6-bd9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a1:7e:da:dd:fe:fb:4c:00:52:ae:2d:c8:eb:
e2:f5:f8:30:8d:5d:c5:ff:7b:0c:4b:be:7e:07:87:
26:f2:99:51:58:34:d2:36:df:15:6f:c9:d8:a6:1d:
3f:8c:fa:73:dd:88:94:cc:8c:dd:a4:b7:ba:d7:92:
06:f7:98:d4:5a:af:3b:a7:fe:f1:a6:36:e9:45:b3:
0c:0f:e8:c2:19:41:84:d3:12:42:d0:c7:6a:da:f9:
6d:b5:71:af:1c:20:cd:77:a5:82:c8:bd:08:db:90:
a7:99:17:3f:6c:35:ac:1d:4b:92:c7:3b:96:d4:46:
e5:f0:fa:a2:89:0e:b0:2e:87:e2:42:10:bd:9b:b2:
d1:de:b0:5d:5b:d5:5c:1b:53:36:c5:dd:d3:cb:02:
65:47:d2:99:60:3d:5e:48:64:ba:d4:a2:5e:62:71:
bd:b0:30:9b:da:11:93:c8:ce:55:09:c6:80:eb:71:
e2:61:e0:26:28:1f:2f:9f:db:83:4f:8f:14:d5:77:
4e:d2:77:10:46:87:fc:2e:6d:57:c0:d8:f5:4d:25:
92:7e:88:66:79:8e:27:81:dd:73:25:2d:38:42:eb:
0c:2e:03:a6:ed:39:da:d0:c6:8e:17:49:2d:8d:d7:
b8:af:f5:52:d4:cd:dc:4b:44:a0:07:b8:e5:1b:33:
dc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BA:C0:7A:68:02:5E:C5:CF:07:34:94:45:ED:9D:6D:99:AD:C8:46
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09247FB0F6BF11EF94067A70762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.236.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:17:ac:d0:e3:30:cf:8d:46:0b:12:c6:26:04:b5:24:e7:d0:
5b:09:9c:28:0f:4f:9b:81:76:4c:21:29:09:94:c1:b0:30:99:
12:df:e0:09:c8:48:f4:23:7b:f2:ba:3e:c7:9d:06:78:6f:86:
de:0e:00:1e:f0:85:48:ff:35:e5:66:d9:95:d5:a4:92:dc:f4:
10:26:91:4f:3f:21:7f:5e:13:3a:71:2a:8b:32:6c:c6:42:9f:
6f:e1:48:e9:5b:59:1c:56:fb:c1:bc:a7:29:37:a3:b5:bb:c8:
63:46:93:41:28:c3:de:ab:fb:bc:84:79:cf:56:db:b6:81:2f:
ff:29:63:42:78:8c:53:7a:d1:42:78:5d:1c:64:9d:f4:fe:9a:
ef:10:38:38:69:ec:48:29:d1:d7:2b:e8:8a:66:c0:2c:fb:42:
af:02:ad:09:35:9f:df:ce:9d:7a:1e:45:0b:91:7b:5c:50:39:
54:8d:9b:73:d3:b3:d7:e0:78:a0:a8:f1:1f:68:5b:36:48:56:
28:9e:f1:18:26:ae:e8:99:89:49:4c:d3:4d:6f:94:5e:2e:c3:
41:5e:53:60:a5:e1:36:55:fa:3d:56:64:7d:cf:e6:7b:bd:39:
71:6e:1e:5a:ee:b2:26:6f:c4:51:6b:73:2f:eb:8d:19:72:31:
26:20:3e:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW8NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTcwMjU5WhcNMjUwMzMxMTcwMjU5WjAYMRYw
FAYDVQQDEw02N2MzM2RjNi1iZDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzaF+2t3++0wAUq4tyOvi9fgwjV3F/3sMS75+B4cm8plRWDTSNt8Vb8nY
ph0/jPpz3YiUzIzdpLe615IG95jUWq87p/7xpjbpRbMMD+jCGUGE0xJC0Mdq2vlt
tXGvHCDNd6WCyL0I25CnmRc/bDWsHUuSxzuW1Ebl8PqiiQ6wLofiQhC9m7LR3rBd
W9VcG1M2xd3TywJlR9KZYD1eSGS61KJeYnG9sDCb2hGTyM5VCcaA63HiYeAmKB8v
n9uDT48U1XdO0ncQRof8Lm1XwNj1TSWSfohmeY4ngd1zJS04QusMLgOm7Tna0MaO
F0ktjde4r/VS1M3cS0SgB7jlGzPc9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIG6
wHpoAl7Fzwc0lEXtnW2ZrchGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOTI0N0ZCMEY2QkYxMUVGOTQwNjdBNzA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvsMA0GCSqGSIb3DQEB
CwUAA4IBAQDAF6zQ4zDPjUYLEsYmBLUk59BbCZwoD0+bgXZMISkJlMGwMJkS3+AJ
yEj0I3vyuj7HnQZ4b4beDgAe8IVI/zXlZtmV1aSS3PQQJpFPPyF/XhM6cSqLMmzG
Qp9v4UjpW1kcVvvBvKcpN6O1u8hjRpNBKMPeq/u8hHnPVtu2gS//KWNCeIxTetFC
eF0cZJ30/prvEDg4aexIKdHXK+iKZsAs+0KvAq0JNZ/fzp16HkULkXtcUDlUjZtz
07PX4HigqPEfaFs2SFYonvEYJq7omYlJTNNNb5ReLsNBXlNgpeE2Vfo9VmR9z+Z7
vTlxbh5a7rImb8RRa3Mv640ZcjEmID6M
-----END CERTIFICATE-----
Generated at Fri May 9 07:03:30 2025 by rpki-client