Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A1ABD1A328311F0A26A07E2DAE4EC9C.roa
File: 2A1ABD1A328311F0A26A07E2DAE4EC9C.roa (raw, json)
Hash identifier: 2CA8j91etrovwRoLgXUG+j3btMXosiRMXh9pQPJ0Cv0=
Subject key identifier: 66:3F:BB:BA:2A:34:76:66:9B:D3:BF:10:1F:7C:75:CE:78:BF:B6:97
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0180FC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A1ABD1A328311F0A26A07E2DAE4EC9C.roa
Signing time: Fri 16 May 2025 18:25:38 +0000
ROA not before: Fri 16 May 2025 18:25:33 +0000
ROA not after: Wed 04 Jun 2025 18:25:33 +0000
asID: 213448
IP address blocks: 154.81.173.0/24 maxlen: 24
154.81.189.0/24 maxlen: 24
154.83.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98556 (0x180fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 16 18:25:33 2025 GMT
Not After : Jun 4 18:25:33 2025 GMT
Subject: CN=68278322-89a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:49:f9:96:61:13:db:4e:61:f4:9a:7d:ef:a0:
c4:1c:00:e0:39:a7:94:02:45:01:ed:cd:fb:3d:89:
0d:22:b5:20:28:36:53:02:97:6e:90:95:bc:41:01:
47:ba:d8:40:07:ee:fc:e0:72:d8:3a:f1:4e:ae:25:
0a:e5:98:8d:b4:da:fd:0e:8a:d3:a9:69:92:14:30:
f3:c8:20:7c:eb:2d:39:46:74:94:09:33:f7:67:c9:
43:e6:bd:8e:7d:fc:2b:a5:a0:b3:0e:57:14:6a:db:
c7:a0:25:95:be:9e:7b:16:49:6c:6a:68:4f:f7:46:
0d:69:2d:0b:66:00:56:e3:e8:97:e7:81:1a:c8:9c:
51:89:8c:76:2f:c9:3b:4b:5e:c0:ae:f4:1a:fa:c3:
67:ea:b7:fa:b1:4c:3d:a8:34:b4:1e:17:e4:04:21:
31:e1:20:45:73:ca:56:e9:2e:69:f9:3c:09:a4:d4:
c1:d1:32:61:98:37:4b:56:25:ae:25:a5:13:dd:17:
02:d7:fc:2a:12:d0:44:12:30:b3:33:46:a9:f7:0a:
e4:ba:89:9a:f2:1c:65:7f:99:54:42:73:00:2c:c1:
ab:f3:70:74:43:6e:24:d1:74:bc:b0:81:b3:b2:99:
59:34:f5:71:0a:ae:03:81:7d:f4:11:33:ad:94:fc:
5e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3F:BB:BA:2A:34:76:66:9B:D3:BF:10:1F:7C:75:CE:78:BF:B6:97
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A1ABD1A328311F0A26A07E2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.173.0/24
154.81.189.0/24
154.83.100.0/24
Signature Algorithm: sha256WithRSAEncryption
02:52:3d:65:d6:ff:ea:50:56:e3:fc:d7:0e:5a:d6:45:ac:e4:
e8:38:85:fe:37:b7:fd:60:17:1b:95:84:d0:dd:97:96:21:d0:
2d:17:9a:f1:82:26:b1:d5:f9:e3:52:41:80:0e:fa:cf:79:60:
61:32:bb:62:63:2f:ea:c2:0c:9a:d5:13:7a:fb:05:b6:27:53:
48:bc:2b:64:b6:14:6a:47:22:cb:34:ae:85:6f:ca:45:fb:95:
fc:fc:c5:9c:b2:24:70:a7:3c:58:54:91:ac:07:e7:20:fb:6d:
9c:c0:ee:df:97:b7:c9:3e:8b:f7:26:fd:94:89:77:73:8d:ea:
41:8e:4f:04:c1:e9:ce:33:24:c3:ff:1a:ac:4e:6c:e5:c6:2b:
07:63:65:d7:51:34:6d:a2:c2:de:b1:3c:1f:51:63:f6:59:f8:
80:a4:d1:fc:4a:26:05:8a:68:04:d8:fa:ff:07:37:bb:62:f7:
c4:dd:d5:38:49:51:e9:bf:43:5a:ea:70:a6:d6:2f:ca:31:83:
79:5c:98:c5:d1:53:9b:4d:f3:e4:f8:e6:36:43:90:a9:66:7d:
fa:0f:6e:f7:fb:8b:45:d1:e7:6f:de:18:f5:ce:b0:f9:5b:f5:
1b:f3:4f:a8:96:5b:e9:f6:a5:cd:82:d7:40:0a:c2:2d:0c:ed:
e6:db:db:81
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYD8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE2MTgyNTMzWhcNMjUwNjA0MTgyNTMzWjAYMRYw
FAYDVQQDEw02ODI3ODMyMi04OWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Un5lmET205h9Jp976DEHADgOaeUAkUB7c37PYkNIrUgKDZTApdukJW8
QQFHuthAB+784HLYOvFOriUK5ZiNtNr9DorTqWmSFDDzyCB86y05RnSUCTP3Z8lD
5r2OffwrpaCzDlcUatvHoCWVvp57FklsamhP90YNaS0LZgBW4+iX54EayJxRiYx2
L8k7S17ArvQa+sNn6rf6sUw9qDS0HhfkBCEx4SBFc8pW6S5p+TwJpNTB0TJhmDdL
ViWuJaUT3RcC1/wqEtBEEjCzM0ap9wrkuoma8hxlf5lUQnMALMGr83B0Q24k0XS8
sIGzsplZNPVxCq4DgX30ETOtlPxegQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFGY/
u7oqNHZmm9O/EB98dc54v7aXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTFBQkQxQTMyODMxMUYwQTI2QTA3RTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmlGtAwQAmlG9AwQAmlNk
MA0GCSqGSIb3DQEBCwUAA4IBAQACUj1l1v/qUFbj/NcOWtZFrOToOIX+N7f9YBcb
lYTQ3ZeWIdAtF5rxgiax1fnjUkGADvrPeWBhMrtiYy/qwgya1RN6+wW2J1NIvCtk
thRqRyLLNK6Fb8pF+5X8/MWcsiRwpzxYVJGsB+cg+22cwO7fl7fJPov3Jv2UiXdz
jepBjk8EwenOMyTD/xqsTmzlxisHY2XXUTRtosLesTwfUWP2WfiApNH8SiYFimgE
2Pr/Bze7YvfE3dU4SVHpv0Na6nCm1i/KMYN5XJjF0VObTfPk+OY2Q5CpZn36D273
+4tF0edv3hj1zrD5W/Ub80+ollvp9qXNgtdACsItDO3m29uB
-----END CERTIFICATE-----
Generated at Fri Jun 6 14:16:22 2025 by rpki-client