Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09AE0798F6B111EF91BF8191762E951A.roa
File: 09AE0798F6B111EF91BF8191762E951A.roa (raw, json)
Hash identifier: 8acSmg55wcP6Pm28ixEGfDDkA6waAs7mmGngXWn5Tdo=
Subject key identifier: 5D:6C:3D:29:A7:4F:C0:A7:E6:9A:5C:82:EE:83:97:4C:4A:F7:8C:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EA2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09AE0798F6B111EF91BF8191762E951A.roa
Signing time: Sat 01 Mar 2025 15:22:50 +0000
ROA not before: Sat 01 Mar 2025 15:22:47 +0000
ROA not after: Mon 31 Mar 2025 15:22:47 +0000
asID: 202656
IP address blocks: 154.219.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93858 (0x16ea2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 15:22:47 2025 GMT
Not After : Mar 31 15:22:47 2025 GMT
Subject: CN=67c3264a-37d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a4:8d:c3:09:44:c7:14:fd:c9:5c:3d:a1:ea:
99:0d:06:71:bb:07:7f:fe:76:13:eb:de:d8:59:92:
e8:72:78:d3:4a:40:3d:76:1f:5c:88:2e:2c:c0:17:
d0:b5:94:ec:70:08:be:23:f3:26:a2:c0:58:ea:ce:
5c:98:81:b3:2d:a1:b4:c7:ad:15:1c:98:c1:b8:03:
d1:a2:50:b6:7b:dc:ba:15:e0:08:2f:7f:56:de:77:
34:4c:ad:c3:34:03:ca:d9:34:e4:25:b9:e6:d4:77:
38:52:0f:62:fc:cc:f4:f4:a3:39:76:79:49:28:7a:
b9:79:d4:6e:c6:aa:47:7a:68:e8:45:2d:be:ad:bc:
30:ff:aa:05:f7:4c:7b:d0:be:8b:60:8f:bf:23:de:
bb:96:8e:b6:72:57:bf:c6:10:9e:be:a2:f2:6d:1a:
85:02:78:2d:a7:ec:78:c5:50:8f:74:17:d5:74:07:
f0:0b:0b:d7:7a:0f:22:2a:a1:d8:46:38:d4:2c:db:
02:89:41:38:26:ed:6e:cf:d0:46:07:ed:45:3c:18:
32:5b:29:26:8f:23:97:6b:05:ed:64:ed:d8:5a:43:
44:4b:92:68:fb:b0:e7:64:33:44:01:ef:4f:b0:80:
33:2f:61:9f:56:a1:dc:91:83:3d:be:fb:c1:de:ec:
f2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6C:3D:29:A7:4F:C0:A7:E6:9A:5C:82:EE:83:97:4C:4A:F7:8C:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09AE0798F6B111EF91BF8191762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.208.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:5d:d3:07:0a:ae:62:2d:41:4d:a9:41:41:38:96:0d:ab:f3:
cb:9a:4c:2e:28:d3:e7:09:e3:1b:68:9a:44:26:3e:d5:c4:e3:
2f:35:a8:c7:81:05:12:77:2c:67:39:76:87:b8:4a:12:06:7c:
e6:07:30:07:bf:82:14:b3:56:ba:2b:bd:54:ef:52:6a:c8:b1:
95:97:6d:29:17:97:a8:1b:77:e9:c2:35:a1:3d:6f:c8:bd:b2:
ea:5b:47:e3:b2:0a:71:f4:b4:fa:f5:3c:8c:34:e9:fe:40:63:
94:a2:05:90:23:19:2c:8a:df:ed:6f:ae:ed:e6:9e:32:83:ac:
f7:af:f4:0c:ea:a0:b3:a2:03:fe:c7:03:69:40:4c:be:fa:89:
db:99:d4:83:c8:24:ac:9f:b9:1a:dd:44:b8:41:42:d5:05:72:
bf:0b:bc:5d:8e:b2:ec:f9:61:6e:4c:02:5a:b4:b7:81:42:e8:
73:a5:8f:58:f8:e1:d4:e7:d7:d1:11:80:b4:14:dc:17:eb:a8:
27:86:fd:b2:6c:15:b9:99:37:2b:df:3a:29:61:75:51:c9:64:
89:19:d6:9e:a8:61:ab:2e:ec:18:76:0f:04:52:23:4d:a9:d6:
8d:51:c2:f8:9d:70:c2:07:e7:de:0b:1a:d5:8e:ac:44:db:55:
3b:b1:79:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW6iMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTUyMjQ3WhcNMjUwMzMxMTUyMjQ3WjAYMRYw
FAYDVQQDEw02N2MzMjY0YS0zN2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApaSNwwlExxT9yVw9oeqZDQZxuwd//nYT697YWZLocnjTSkA9dh9ciC4s
wBfQtZTscAi+I/MmosBY6s5cmIGzLaG0x60VHJjBuAPRolC2e9y6FeAIL39W3nc0
TK3DNAPK2TTkJbnm1Hc4Ug9i/Mz09KM5dnlJKHq5edRuxqpHemjoRS2+rbww/6oF
90x70L6LYI+/I967lo62cle/xhCevqLybRqFAngtp+x4xVCPdBfVdAfwCwvXeg8i
KqHYRjjULNsCiUE4Ju1uz9BGB+1FPBgyWykmjyOXawXtZO3YWkNES5Jo+7DnZDNE
Ae9PsIAzL2GfVqHckYM9vvvB3uzyMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF1s
PSmnT8Cn5ppcgu6Dl0xK94xXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOUFFMDc5OEY2QjExMUVGOTFCRjgxOTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvQMA0GCSqGSIb3DQEB
CwUAA4IBAQAqXdMHCq5iLUFNqUFBOJYNq/PLmkwuKNPnCeMbaJpEJj7VxOMvNajH
gQUSdyxnOXaHuEoSBnzmBzAHv4IUs1a6K71U71JqyLGVl20pF5eoG3fpwjWhPW/I
vbLqW0fjsgpx9LT69TyMNOn+QGOUogWQIxksit/tb67t5p4yg6z3r/QM6qCzogP+
xwNpQEy++onbmdSDyCSsn7ka3US4QULVBXK/C7xdjrLs+WFuTAJatLeBQuhzpY9Y
+OHU59fREYC0FNwX66gnhv2ybBW5mTcr3zopYXVRyWSJGdaeqGGrLuwYdg8EUiNN
qdaNUcL4nXDCB+feCxrVjqxE21U7sXkE
-----END CERTIFICATE-----
Generated at Fri May 9 06:40:20 2025 by rpki-client