Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B2E6BE8DA5411EFBB18E971762E951A.roa
File: 2B2E6BE8DA5411EFBB18E971762E951A.roa (raw, json)
Hash identifier: 9+mjZvkpghd6pWE+Jc0NN/KQEO6uhR9FjylpiVSwedM=
Subject key identifier: FC:69:63:A2:9D:1F:68:76:54:C0:6A:B5:6E:1B:32:E3:3B:21:BF:87
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014740
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B2E6BE8DA5411EFBB18E971762E951A.roa
Signing time: Fri 24 Jan 2025 13:07:31 +0000
ROA not before: Fri 24 Jan 2025 13:07:27 +0000
ROA not after: Sat 01 Mar 2025 13:07:27 +0000
asID: 49505
IP address blocks: 154.223.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83776 (0x14740)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 13:07:27 2025 GMT
Not After : Mar 1 13:07:27 2025 GMT
Subject: CN=67939093-7413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a8:81:bc:70:9a:cc:a6:af:d0:ea:c1:3c:a9:
7b:fe:37:ec:ee:17:1f:06:1e:ae:bb:9e:06:e4:a5:
bd:77:5f:22:02:5d:1e:d2:7e:41:aa:aa:29:5c:97:
95:98:66:96:5a:24:f1:ea:e0:d7:27:bd:96:3c:c0:
48:8b:86:5c:f8:c0:11:53:7a:d4:3f:74:d8:72:c9:
f9:3b:90:b0:79:cb:98:9a:20:dd:06:80:d3:0c:6f:
57:17:33:9d:2c:a1:68:66:e2:52:24:a6:66:30:7a:
e7:6b:24:f9:29:c8:88:4d:d3:2a:d7:cc:e7:bc:5f:
fa:38:83:d5:4a:56:92:0e:f7:fd:89:05:46:9c:16:
62:10:45:50:0c:0f:31:bb:68:49:d3:5a:22:3d:fb:
6c:54:38:7d:d4:5f:98:c6:fe:2b:87:af:67:17:48:
c1:2c:1b:a0:1f:5e:66:ad:00:4b:28:82:77:bb:d2:
3c:cf:42:69:19:85:da:b0:50:16:95:47:68:1b:5d:
63:29:a4:f9:1d:c5:59:a2:08:83:3c:a5:4d:bb:e1:
a3:e6:11:2d:d4:b6:67:5f:9d:4f:21:b4:49:ae:d7:
96:6c:6c:af:28:36:7f:4f:af:d4:5a:d3:02:75:b3:
fc:90:ad:2d:f3:07:8f:2c:7d:5c:f7:00:24:c1:c4:
64:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:69:63:A2:9D:1F:68:76:54:C0:6A:B5:6E:1B:32:E3:3B:21:BF:87
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B2E6BE8DA5411EFBB18E971762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.205.0/24
Signature Algorithm: sha256WithRSAEncryption
af:b5:73:13:74:14:c8:05:0f:98:c2:c3:9b:36:da:12:ad:36:
16:ce:8e:8b:03:51:aa:b3:73:51:11:4a:5b:a8:fa:c6:c5:b5:
dd:c6:af:12:7e:ce:43:79:5f:2f:e0:7a:9c:31:c1:8f:b2:2d:
11:e3:72:0c:95:ed:11:ce:90:34:a2:ff:e8:e1:68:26:d6:f8:
72:ca:b6:75:27:03:ad:78:6b:ea:d0:81:26:4c:e2:e2:30:b0:
6d:f9:e7:46:ca:84:b7:a0:0c:f6:3c:93:f7:07:c5:46:5c:43:
db:78:6e:8e:77:4b:9d:b8:16:86:cc:58:09:39:88:44:22:4e:
cb:d7:bf:c8:fd:31:ce:83:7d:0d:19:a3:26:3d:ba:e5:a2:7d:
27:8d:33:f5:bb:36:2b:ea:04:f6:c7:df:15:3c:44:ad:6d:f3:
8e:7e:32:b4:0f:0a:a9:bb:84:64:3e:9f:45:7e:b2:aa:c4:7d:
77:35:16:83:e0:e4:40:40:a8:5b:69:96:d1:d2:47:55:00:84:
11:78:eb:54:a3:ad:3f:1e:a2:82:c8:7d:e6:ce:70:2c:a1:d7:
5c:22:36:67:ea:8b:15:51:7d:cf:37:db:37:08:8d:65:c2:11:
ff:bd:bd:75:49:a0:9c:31:1e:a7:68:4e:6b:67:ad:e3:9b:2f:
d3:80:d0:45
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUdAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTMwNzI3WhcNMjUwMzAxMTMwNzI3WjAYMRYw
FAYDVQQDEw02NzkzOTA5My03NDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4qiBvHCazKav0OrBPKl7/jfs7hcfBh6uu54G5KW9d18iAl0e0n5Bqqop
XJeVmGaWWiTx6uDXJ72WPMBIi4Zc+MARU3rUP3TYcsn5O5CwecuYmiDdBoDTDG9X
FzOdLKFoZuJSJKZmMHrnayT5KciITdMq18znvF/6OIPVSlaSDvf9iQVGnBZiEEVQ
DA8xu2hJ01oiPftsVDh91F+Yxv4rh69nF0jBLBugH15mrQBLKIJ3u9I8z0JpGYXa
sFAWlUdoG11jKaT5HcVZogiDPKVNu+Gj5hEt1LZnX51PIbRJrteWbGyvKDZ/T6/U
WtMCdbP8kK0t8wePLH1c9wAkwcRk5QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPxp
Y6KdH2h2VMBqtW4bMuM7Ib+HMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQjJFNkJFOERBNTQxMUVGQkIxOEU5NzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/NMA0GCSqGSIb3DQEB
CwUAA4IBAQCvtXMTdBTIBQ+YwsObNtoSrTYWzo6LA1Gqs3NREUpbqPrGxbXdxq8S
fs5DeV8v4HqcMcGPsi0R43IMle0RzpA0ov/o4Wgm1vhyyrZ1JwOteGvq0IEmTOLi
MLBt+edGyoS3oAz2PJP3B8VGXEPbeG6Od0uduBaGzFgJOYhEIk7L17/I/THOg30N
GaMmPbrlon0njTP1uzYr6gT2x98VPEStbfOOfjK0Dwqpu4RkPp9FfrKqxH13NRaD
4ORAQKhbaZbR0kdVAIQReOtUo60/HqKCyH3mznAsoddcIjZn6osVUX3PN9s3CI1l
whH/vb11SaCcMR6naE5rZ63jmy/TgNBF
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:53:24 2025 by rpki-client