Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/224FB4C0F67C11EF8BF1A8AC762E951A.roa
File: 224FB4C0F67C11EF8BF1A8AC762E951A.roa (raw, json)
Hash identifier: CbHEj6l7ApWTt2z6xg8ixkOy177G+snu4FmfmJoJFtc=
Subject key identifier: 92:A2:1E:AB:A9:DA:6E:EC:25:10:6E:0C:3F:56:F5:8B:3E:EC:66:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D7D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/224FB4C0F67C11EF8BF1A8AC762E951A.roa
Signing time: Sat 01 Mar 2025 09:04:08 +0000
ROA not before: Sat 01 Mar 2025 09:04:05 +0000
ROA not after: Mon 31 Mar 2025 09:04:05 +0000
asID: 44559
IP address blocks: 154.209.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93565 (0x16d7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 09:04:05 2025 GMT
Not After : Mar 31 09:04:05 2025 GMT
Subject: CN=67c2cd88-9005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:37:b0:a3:de:24:5f:dd:c6:40:c2:22:9b:
c6:89:b0:47:d6:2b:cf:bf:4f:58:ea:fd:73:2b:1d:
43:51:1e:77:6f:4d:da:55:c9:b4:2c:84:65:d9:f2:
8e:67:eb:e3:84:7b:7b:f1:2c:cf:06:e0:12:db:e1:
7b:9f:93:19:f0:7d:23:ff:ee:50:c5:a5:b2:ad:be:
c6:6d:e7:63:08:ae:24:6d:66:3c:a4:53:8c:9e:c0:
43:4d:81:0d:5d:90:ab:59:f9:2c:a0:bb:e3:8f:c4:
4f:06:b8:65:28:2b:4e:a7:f0:a9:dc:25:72:6c:58:
84:31:24:91:ef:66:b4:1e:0e:ef:ea:90:d0:48:2e:
60:1d:bd:23:bd:3f:89:b2:da:95:ca:b2:5e:07:37:
d3:44:01:b4:16:6e:bb:14:6b:4a:d2:93:dc:2c:f9:
d4:42:60:d4:68:ea:69:82:85:86:06:b1:9d:be:f4:
b7:ee:7b:d7:71:d1:e7:58:69:5d:22:64:ef:5b:75:
86:75:28:bd:bd:0e:db:dc:c9:ce:f7:db:bc:af:27:
0c:e9:69:2b:2c:a3:24:05:6d:dd:49:59:ae:f5:1d:
23:ce:8e:24:89:0f:25:40:a3:6a:d7:a2:ec:1b:a8:
68:53:a5:d8:65:10:bf:ec:95:8a:d3:1a:24:03:58:
13:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A2:1E:AB:A9:DA:6E:EC:25:10:6E:0C:3F:56:F5:8B:3E:EC:66:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/224FB4C0F67C11EF8BF1A8AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
45:f6:e1:5a:a9:7e:ec:5e:22:3c:c8:b5:dc:7a:d8:5f:eb:b3:
57:f5:a8:dc:ab:85:52:50:ea:1d:aa:6c:19:27:09:03:32:95:
e5:4f:c6:af:f7:b1:79:f0:c5:61:a4:5a:d8:d3:94:85:a6:35:
f4:52:66:9a:85:c0:9e:b0:5d:12:96:0d:07:cf:a9:87:a5:d3:
e6:da:be:62:f0:63:b9:01:81:d5:33:72:c9:a8:02:8e:07:77:
6b:47:9d:ee:16:e1:a7:02:4a:b1:7b:85:7d:f5:45:34:92:1e:
2a:5f:c2:36:ba:05:8f:27:fa:22:ee:55:af:d4:21:6d:7e:7e:
43:64:01:85:92:90:fc:8c:a6:20:4b:61:7d:f9:d6:a0:7a:fd:
8d:0a:66:dd:50:f3:27:04:8d:64:96:76:5a:26:de:20:52:cb:
c3:b6:66:b6:7c:24:b9:34:2a:6a:8d:4b:37:8b:ba:96:f5:8e:
65:25:51:2b:d6:e0:9b:24:11:b2:03:e8:91:b0:bf:cb:78:1c:
62:c5:03:cb:96:e0:ab:0b:e8:9b:47:00:0c:dd:3f:42:7b:46:
50:82:18:de:82:49:c4:56:eb:35:3b:53:4d:eb:9b:90:4e:f1:
b5:60:3c:2a:79:80:91:66:84:e9:49:84:fe:82:b3:d0:cc:2d:
4c:fe:c7:92
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW19MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDkwNDA1WhcNMjUwMzMxMDkwNDA1WjAYMRYw
FAYDVQQDEw02N2MyY2Q4OC05MDA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtLo3sKPeJF/dxkDCIpvGibBH1ivPv09Y6v1zKx1DUR53b03aVcm0LIRl
2fKOZ+vjhHt78SzPBuAS2+F7n5MZ8H0j/+5QxaWyrb7GbedjCK4kbWY8pFOMnsBD
TYENXZCrWfksoLvjj8RPBrhlKCtOp/Cp3CVybFiEMSSR72a0Hg7v6pDQSC5gHb0j
vT+JstqVyrJeBzfTRAG0Fm67FGtK0pPcLPnUQmDUaOppgoWGBrGdvvS37nvXcdHn
WGldImTvW3WGdSi9vQ7b3MnO99u8rycM6WkrLKMkBW3dSVmu9R0jzo4kiQ8lQKNq
16LsG6hoU6XYZRC/7JWK0xokA1gT4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJKi
Hqup2m7sJRBuDD9W9Ys+7GbtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMjRGQjRDMEY2N0MxMUVGOEJGMUE4QUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHGMA0GCSqGSIb3DQEB
CwUAA4IBAQBF9uFaqX7sXiI8yLXcethf67NX9ajcq4VSUOodqmwZJwkDMpXlT8av
97F58MVhpFrY05SFpjX0UmaahcCesF0Slg0Hz6mHpdPm2r5i8GO5AYHVM3LJqAKO
B3drR53uFuGnAkqxe4V99UU0kh4qX8I2ugWPJ/oi7lWv1CFtfn5DZAGFkpD8jKYg
S2F9+dagev2NCmbdUPMnBI1klnZaJt4gUsvDtma2fCS5NCpqjUs3i7qW9Y5lJVEr
1uCbJBGyA+iRsL/LeBxixQPLluCrC+ibRwAM3T9Ce0ZQghjegknEVus1O1NN65uQ
TvG1YDwqeYCRZoTpSYT+grPQzC1M/seS
-----END CERTIFICATE-----
Generated at Fri May 9 06:05:44 2025 by rpki-client