Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/236C7566F80F11EF87CF975B762E951A.roa
File: 236C7566F80F11EF87CF975B762E951A.roa (raw, json)
Hash identifier: DcyR8lIyyCVmcoMVc39eaQcAuA8M3YeE9RsUy1W7dGQ=
Subject key identifier: AB:A0:93:DE:CF:61:82:36:4D:A8:A1:D2:87:FE:8B:7A:D1:B1:64:96
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016FAA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/236C7566F80F11EF87CF975B762E951A.roa
Signing time: Mon 03 Mar 2025 09:08:58 +0000
ROA not before: Mon 03 Mar 2025 09:08:53 +0000
ROA not after: Fri 04 Apr 2025 09:08:53 +0000
asID: 61112
IP address blocks: 154.83.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94122 (0x16faa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 3 09:08:53 2025 GMT
Not After : Apr 4 09:08:53 2025 GMT
Subject: CN=67c571a9-c9c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9c:e9:00:e9:c6:e2:e9:c5:a9:99:03:9e:ad:
96:f9:08:ee:4c:cb:c8:08:bb:88:cb:73:04:bc:ac:
ef:b2:a3:33:9a:18:83:a1:cb:e6:50:5a:b9:fc:4a:
1f:e9:af:fb:d2:5c:f6:4e:f8:f7:f7:d9:b5:ca:c3:
e5:ce:d7:0f:11:f7:73:62:60:a4:89:58:5c:7b:8e:
8a:84:3f:f0:3d:ad:7b:58:c6:44:aa:66:77:f2:33:
04:15:41:e1:8b:0f:82:71:c4:4c:9e:1b:20:a9:8f:
d9:dd:e3:ca:d2:48:1d:e3:9a:af:3b:73:bd:98:af:
4e:1f:96:25:74:e0:20:ef:ce:1a:d4:b3:df:d5:07:
20:7f:63:3e:73:4b:12:29:d5:1a:c2:c3:b4:a0:1a:
89:ae:f1:21:f5:82:c2:93:a1:eb:51:47:c4:ae:ab:
3f:00:36:cf:e3:d1:57:14:77:21:0c:33:7d:d0:98:
bc:90:ae:74:2a:6e:c8:1d:e6:02:b4:e3:06:d9:df:
b4:a9:b8:c3:10:e6:d7:c7:d3:66:16:59:3d:d4:d1:
f6:0a:5a:9d:f6:49:cc:8b:92:14:36:69:04:90:f0:
51:c3:3f:0f:49:c0:b8:7c:78:76:e6:c2:52:30:63:
60:5e:7c:e8:a7:63:52:f7:32:e4:cd:ea:28:10:c2:
5e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A0:93:DE:CF:61:82:36:4D:A8:A1:D2:87:FE:8B:7A:D1:B1:64:96
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/236C7566F80F11EF87CF975B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.98.0/24
Signature Algorithm: sha256WithRSAEncryption
26:d8:a3:a2:bd:81:ce:e4:18:69:24:75:77:98:9d:79:41:77:
49:56:9e:cf:a7:d2:98:aa:d2:d0:4d:7d:a3:2d:da:1b:0c:82:
08:b7:f2:47:37:9a:4e:42:4b:63:30:b5:3d:de:71:72:ec:86:
4a:61:f5:3a:b7:fd:72:52:ac:6e:77:16:c6:b3:50:fc:69:b7:
5d:b5:b3:ff:bf:48:3c:52:73:1b:b4:c3:2d:46:f6:b2:bb:c6:
6d:a3:85:cc:3f:30:b4:d0:8f:b4:51:5b:e5:d5:02:7f:08:45:
cd:7b:58:bd:c4:e9:a0:00:e4:3e:b5:07:2a:5a:ef:20:3c:97:
ee:f1:bc:7f:1c:0d:71:e7:ca:de:01:71:fd:6b:49:c8:d2:4f:
65:fd:59:c0:53:36:39:de:14:bb:84:ff:8f:b7:34:bf:2f:ff:
d8:99:75:e1:92:60:51:a6:99:d8:53:50:fd:5c:31:5b:62:b5:
a9:5e:8b:83:70:f1:97:56:15:ae:a4:ea:0c:ba:85:a4:bb:27:
68:84:20:8f:7e:de:a3:bf:cc:96:66:49:83:4e:a6:42:13:08:
df:9f:91:ee:4f:11:cf:e7:6a:6d:36:82:1f:8c:e5:8a:d0:e4:
a9:74:3e:d8:fd:d3:8e:ae:4e:75:b5:4d:58:6b:e8:42:92:d8:
42:d2:47:e1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW+qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMDkwODUzWhcNMjUwNDA0MDkwODUzWjAYMRYw
FAYDVQQDEw02N2M1NzFhOS1jOWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApZzpAOnG4unFqZkDnq2W+QjuTMvICLuIy3MEvKzvsqMzmhiDocvmUFq5
/Eof6a/70lz2Tvj399m1ysPlztcPEfdzYmCkiVhce46KhD/wPa17WMZEqmZ38jME
FUHhiw+CccRMnhsgqY/Z3ePK0kgd45qvO3O9mK9OH5YldOAg784a1LPf1Qcgf2M+
c0sSKdUawsO0oBqJrvEh9YLCk6HrUUfErqs/ADbP49FXFHchDDN90Ji8kK50Km7I
HeYCtOMG2d+0qbjDEObXx9NmFlk91NH2Clqd9knMi5IUNmkEkPBRwz8PScC4fHh2
5sJSMGNgXnzop2NS9zLkzeooEMJe8wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKug
k97PYYI2Taih0of+i3rRsWSWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMzZDNzU2NkY4MEYxMUVGODdDRjk3NUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlNiMA0GCSqGSIb3DQEB
CwUAA4IBAQAm2KOivYHO5BhpJHV3mJ15QXdJVp7Pp9KYqtLQTX2jLdobDIIIt/JH
N5pOQktjMLU93nFy7IZKYfU6t/1yUqxudxbGs1D8abddtbP/v0g8UnMbtMMtRvay
u8Zto4XMPzC00I+0UVvl1QJ/CEXNe1i9xOmgAOQ+tQcqWu8gPJfu8bx/HA1x58re
AXH9a0nI0k9l/VnAUzY53hS7hP+PtzS/L//YmXXhkmBRppnYU1D9XDFbYrWpXouD
cPGXVhWupOoMuoWkuydohCCPft6jv8yWZkmDTqZCEwjfn5HuTxHP52ptNoIfjOWK
0OSpdD7Y/dOOrk51tU1Ya+hCkthC0kfh
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:16:58 2025 by rpki-client