Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12829C00FF1511EFA9C7C58B762E951A.roa
File: 12829C00FF1511EFA9C7C58B762E951A.roa (raw, json)
Hash identifier: Q4hujd78im2H+xORL7vUFl5Fx5F/QwfZknvZAB32eoE=
Subject key identifier: 2F:5B:1E:0B:EF:62:D1:91:59:D5:3B:03:DE:88:72:05:27:70:E6:6C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01739B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12829C00FF1511EFA9C7C58B762E951A.roa
Signing time: Wed 12 Mar 2025 07:39:04 +0000
ROA not before: Wed 12 Mar 2025 07:39:00 +0000
ROA not after: Thu 24 Apr 2025 07:39:00 +0000
asID: 54600
IP address blocks: 154.199.208.0/20 maxlen: 24
154.199.224.0/19 maxlen: 24
154.202.117.0/24 maxlen: 24
154.202.118.0/23 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95131 (0x1739b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 12 07:39:00 2025 GMT
Not After : Apr 24 07:39:00 2025 GMT
Subject: CN=67d13a18-3f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:01:77:4b:d1:97:9a:25:02:a0:ee:b5:0e:22:
db:51:b4:4f:43:bb:0e:28:50:47:e5:76:28:79:2c:
c0:b1:98:4c:1d:d1:64:1e:af:28:d5:68:79:01:e5:
bd:95:3c:f5:5e:8a:39:d1:a8:3d:bb:6c:fc:69:e1:
26:53:80:f6:82:5a:21:55:45:6f:20:a0:e1:da:67:
05:42:96:e3:32:5d:89:be:54:06:07:b6:97:f0:07:
5f:8d:17:fb:e3:cc:5a:e8:34:67:06:36:7f:6c:b4:
a6:e4:6a:9f:23:a4:55:94:45:ae:8f:e3:1a:c7:2f:
c8:b0:fb:85:97:de:02:d5:da:5a:14:3f:80:07:c0:
b0:2e:fe:e5:9b:a7:12:6a:aa:cb:19:d6:1c:55:83:
96:eb:64:fd:19:cd:b6:11:cc:a6:a4:4b:f5:94:68:
48:ec:95:c3:bf:a8:4b:ef:aa:50:34:83:50:d7:ca:
cc:44:bb:a4:15:4c:46:59:1c:fd:cc:e4:fa:d6:e6:
b9:ae:11:cd:ba:59:0a:74:aa:0a:0d:7b:99:c5:95:
ef:8d:90:62:29:a0:50:9f:5c:6f:0e:0f:1e:a2:5c:
23:f1:58:ab:21:40:5e:1b:cb:78:d2:f8:b9:eb:f8:
80:ea:e9:4f:87:8f:9d:bf:5a:73:99:12:b7:db:75:
b8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5B:1E:0B:EF:62:D1:91:59:D5:3B:03:DE:88:72:05:27:70:E6:6C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12829C00FF1511EFA9C7C58B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.208.0-154.199.255.255
154.202.117.0-154.202.127.255
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
55:28:55:ca:e3:a0:a4:de:83:e7:54:1c:8f:6d:f9:ee:15:13:
e7:bc:80:0b:24:c8:2f:83:f4:21:05:b9:82:83:45:1f:c2:cb:
be:83:30:3a:30:0a:80:31:1f:5f:34:e9:f9:2c:0d:a7:69:7f:
c5:fd:30:cb:7a:a2:80:bb:35:05:44:7f:dc:b6:de:a2:70:b9:
3a:b9:04:28:13:e0:71:be:74:76:50:32:66:a8:f5:c1:c5:8a:
0c:c9:a1:12:55:b5:42:1b:32:3c:5a:55:fa:4b:2f:c3:b9:2d:
6d:38:33:f1:8d:6e:61:e5:df:fc:02:a3:4a:a7:79:34:3a:f2:
05:a5:fb:69:f0:45:65:8c:78:88:b6:48:5e:fd:38:60:c1:d9:
74:6e:a4:5f:89:73:4f:15:c6:12:11:d2:0f:03:00:6c:7c:06:
d2:f4:71:4b:d8:d2:90:65:e0:6c:e5:9d:61:60:10:e6:0d:d2:
e5:c9:3b:31:05:48:1b:5f:98:fe:1c:45:63:de:0c:58:d8:7b:
85:13:67:e2:1b:30:d0:76:f8:2e:df:fd:9f:b4:76:f1:c0:b3:
73:16:a3:fb:b7:d9:d3:9b:bd:8b:e8:3b:1b:5d:32:ee:9e:11:
6e:e1:a6:e4:d0:fa:7e:58:b9:7d:3e:35:08:2c:e8:fe:17:9b:
d9:86:01:d4
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAXObMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMDczOTAwWhcNMjUwNDI0MDczOTAwWjAYMRYw
FAYDVQQDEw02N2QxM2ExOC0zZjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyAF3S9GXmiUCoO61DiLbUbRPQ7sOKFBH5XYoeSzAsZhMHdFkHq8o1Wh5
AeW9lTz1Xoo50ag9u2z8aeEmU4D2glohVUVvIKDh2mcFQpbjMl2JvlQGB7aX8Adf
jRf748xa6DRnBjZ/bLSm5GqfI6RVlEWuj+Maxy/IsPuFl94C1dpaFD+AB8CwLv7l
m6cSaqrLGdYcVYOW62T9Gc22EcympEv1lGhI7JXDv6hL76pQNINQ18rMRLukFUxG
WRz9zOT61ua5rhHNulkKdKoKDXuZxZXvjZBiKaBQn1xvDg8eolwj8VirIUBeG8t4
0vi56/iA6ulPh4+dv1pzmRK323W41QIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFC9b
HgvvYtGRWdU7A96IcgUncOZsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMjgyOUMwMEZGMTUxMUVGQTlDN0M1OEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAsDBASax9ADAwOawDAMAwQA
msp1AwQHmsoAMAsDBAGa2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEAVShVyuOg
pN6D51Qcj2357hUT57yACyTIL4P0IQW5goNFH8LLvoMwOjAKgDEfXzTp+SwNp2l/
xf0wy3qigLs1BUR/3LbeonC5OrkEKBPgcb50dlAyZqj1wcWKDMmhElW1QhsyPFpV
+ksvw7ktbTgz8Y1uYeXf/AKjSqd5NDryBaX7afBFZYx4iLZIXv04YMHZdG6kX4lz
TxXGEhHSDwMAbHwG0vRxS9jSkGXgbOWdYWAQ5g3S5ck7MQVIG1+Y/hxFY94MWNh7
hRNn4hsw0Hb4Lt/9n7R28cCzcxaj+7fZ05u9i+g7G10y7p4RbuGm5ND6fli5fT41
CCzo/heb2YYB1A==
-----END CERTIFICATE-----
Generated at Fri May 9 09:41:47 2025 by rpki-client