Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AC849F6070111F09A063E88762E951A.roa
File: 2AC849F6070111F09A063E88762E951A.roa (raw, json)
Hash identifier: B2Nsy9qvduQmCAzLmMbl7tYnsvvEvmb1XZVSfMRJGws=
Subject key identifier: 25:DC:E8:C0:DE:C4:05:61:F4:AA:73:76:E0:CF:7B:CF:F2:64:AC:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017570
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AC849F6070111F09A063E88762E951A.roa
Signing time: Sat 22 Mar 2025 09:36:44 +0000
ROA not before: Sat 22 Mar 2025 09:36:41 +0000
ROA not after: Mon 31 Mar 2025 09:36:41 +0000
asID: 132513
IP address blocks: 154.197.44.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95600 (0x17570)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 22 09:36:41 2025 GMT
Not After : Mar 31 09:36:41 2025 GMT
Subject: CN=67de84ac-0098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8e:2b:67:a0:ee:01:5e:e7:be:79:6f:ea:f5:
35:01:60:6f:09:ed:17:12:98:ae:d3:c6:40:1e:58:
9d:78:19:16:e7:10:5a:4f:f9:c8:21:72:67:7a:28:
77:71:bf:4a:94:a9:b3:eb:12:60:80:75:b2:29:19:
4a:db:c3:35:5e:07:b7:4e:d6:27:b7:af:89:2e:03:
3a:01:cb:b2:b0:7b:ec:4f:c3:40:7d:16:d8:d2:df:
e4:df:3a:c9:fa:4a:f0:60:bb:33:c3:24:8c:8f:f2:
f9:8c:a7:40:7f:6b:2b:90:a6:c2:3e:d5:87:3b:6f:
ce:31:ed:7a:77:a7:05:25:cb:e7:4e:54:c1:c1:f0:
9f:f2:2f:d4:75:05:98:5c:8c:25:86:f4:a4:31:f8:
5b:11:35:0b:6d:fc:8a:c1:d2:cb:49:99:61:78:aa:
b9:ee:fc:27:da:61:b7:6c:08:0f:8a:5e:8c:59:32:
20:57:03:27:59:c7:a5:04:75:b8:b2:b0:85:2e:fa:
65:c7:c4:a8:d4:90:88:1f:df:84:1a:55:4a:35:98:
cb:cd:91:16:56:28:2d:81:92:e1:eb:81:d0:79:da:
bb:0c:56:5c:a8:f8:73:d9:c4:e3:33:d7:e5:41:8c:
4f:01:27:92:03:e9:53:da:3e:b0:62:fa:31:27:09:
0f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:DC:E8:C0:DE:C4:05:61:F4:AA:73:76:E0:CF:7B:CF:F2:64:AC:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AC849F6070111F09A063E88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.44.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:ee:ed:2b:2a:e6:26:18:2c:59:83:a0:e7:81:73:39:f5:d7:
b1:e9:0a:31:c4:58:02:36:54:8a:6c:a7:41:49:93:5a:56:70:
db:10:74:ae:ac:92:cc:ec:74:57:30:da:37:dc:25:19:c5:36:
76:d9:f4:33:46:00:e8:f0:78:41:f2:87:5f:83:ab:d2:89:78:
4f:a4:a2:29:df:20:7b:33:3f:0e:27:1e:87:7e:c5:ed:62:0a:
1b:7e:cb:df:a0:de:a9:0b:84:d5:8a:14:3b:1f:8f:4b:ae:12:
63:bd:75:97:52:3a:33:0f:95:36:37:02:f4:56:e5:03:9b:9a:
65:63:dd:36:b8:6b:00:39:a4:72:d9:65:de:52:25:9e:8e:3d:
a6:a9:5d:bb:81:b8:34:07:55:ce:c0:68:ef:93:f0:04:d6:8b:
98:3a:48:a8:43:37:8d:e4:bd:63:7f:9f:39:5f:70:d6:65:7c:
cb:31:b6:e3:5e:94:84:e6:b9:13:47:81:9c:dc:2f:6e:d6:a1:
39:26:c3:77:ae:3a:03:9c:78:9d:4a:3c:ad:cf:85:82:cf:55:
6d:f1:6e:38:a8:11:d1:a7:18:e2:cf:03:45:c6:21:81:ec:ce:
ed:9c:6b:d7:1d:cf:79:9b:e8:97:c6:03:5e:54:4e:df:48:ab:
1c:40:b0:93
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXVwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIyMDkzNjQxWhcNMjUwMzMxMDkzNjQxWjAYMRYw
FAYDVQQDEw02N2RlODRhYy0wMDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr44rZ6DuAV7nvnlv6vU1AWBvCe0XEpiu08ZAHlideBkW5xBaT/nIIXJn
eih3cb9KlKmz6xJggHWyKRlK28M1Xge3TtYnt6+JLgM6AcuysHvsT8NAfRbY0t/k
3zrJ+krwYLszwySMj/L5jKdAf2srkKbCPtWHO2/OMe16d6cFJcvnTlTBwfCf8i/U
dQWYXIwlhvSkMfhbETULbfyKwdLLSZlheKq57vwn2mG3bAgPil6MWTIgVwMnWcel
BHW4srCFLvplx8So1JCIH9+EGlVKNZjLzZEWVigtgZLh64HQedq7DFZcqPhz2cTj
M9flQYxPASeSA+lT2j6wYvoxJwkPSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCXc
6MDexAVh9KpzduDPe8/yZKzbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQUM4NDlGNjA3MDExMUYwOUEwNjNFODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsUsMA0GCSqGSIb3DQEB
CwUAA4IBAQDI7u0rKuYmGCxZg6DngXM59dex6QoxxFgCNlSKbKdBSZNaVnDbEHSu
rJLM7HRXMNo33CUZxTZ22fQzRgDo8HhB8odfg6vSiXhPpKIp3yB7Mz8OJx6HfsXt
YgobfsvfoN6pC4TVihQ7H49LrhJjvXWXUjozD5U2NwL0VuUDm5plY902uGsAOaRy
2WXeUiWejj2mqV27gbg0B1XOwGjvk/AE1ouYOkioQzeN5L1jf585X3DWZXzLMbbj
XpSE5rkTR4Gc3C9u1qE5JsN3rjoDnHidSjytz4WCz1Vt8W44qBHRpxjizwNFxiGB
7M7tnGvXHc95m+iXxgNeVE7fSKscQLCT
-----END CERTIFICATE-----
Generated at Fri May 9 06:03:19 2025 by rpki-client