Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B5255F4F6B411EF9A079CA4762E951A.roa
File: 2B5255F4F6B411EF9A079CA4762E951A.roa (raw, json)
Hash identifier: sjjTsc+76nf9F4V+qtV3bb9sUSgpHi0CDE9WSpDg1dg=
Subject key identifier: 65:30:B5:5F:2C:07:CA:D0:86:A5:B6:AE:AA:01:33:0D:61:63:BE:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EB9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B5255F4F6B411EF9A079CA4762E951A.roa
Signing time: Sat 01 Mar 2025 15:45:15 +0000
ROA not before: Sat 01 Mar 2025 15:45:12 +0000
ROA not after: Mon 31 Mar 2025 15:45:12 +0000
asID: 202656
IP address blocks: 154.219.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93881 (0x16eb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 15:45:12 2025 GMT
Not After : Mar 31 15:45:12 2025 GMT
Subject: CN=67c32b8b-7852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e3:ae:62:a3:8b:b6:03:40:3e:5e:e0:02:fa:
2f:00:9d:a5:44:47:d2:88:30:1a:6e:f8:a1:6a:81:
d9:1c:5b:b8:3d:fd:3e:9d:29:7a:51:2c:1d:a5:3f:
cf:ea:46:43:88:f0:9b:ff:07:b3:9e:d9:1c:4a:12:
45:dc:12:0d:cc:bb:a3:03:7e:58:b3:53:a3:7d:2c:
3a:cc:8b:f3:bf:ee:78:1b:8b:8d:33:3d:1b:a3:e1:
ba:6b:d6:a9:da:2a:7d:cb:c7:2f:00:90:78:ab:2d:
c8:0c:b0:6b:84:73:d1:e5:2e:fc:ef:c8:2a:b0:ac:
15:fb:ed:2a:e0:42:cd:8c:a2:dc:44:4d:14:3d:34:
67:35:04:7b:ff:e0:0c:f4:a8:d7:de:e9:b3:8e:93:
78:37:1f:19:74:14:e2:c7:99:e8:a6:91:c2:52:62:
79:08:95:48:95:f0:52:95:32:d7:dd:68:af:8a:a7:
78:4e:3c:cc:20:88:da:eb:0b:e0:90:fe:d9:14:ed:
50:09:a0:7b:14:e5:50:38:47:a8:2a:d3:85:c5:34:
be:b2:42:e9:45:ae:df:62:fc:af:cf:27:6c:d7:50:
94:0e:ff:17:2e:52:60:e2:05:06:1c:e2:d1:48:49:
9d:ef:04:a1:54:1e:48:51:00:44:fa:c0:a4:89:a2:
a3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:30:B5:5F:2C:07:CA:D0:86:A5:B6:AE:AA:01:33:0D:61:63:BE:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B5255F4F6B411EF9A079CA4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.213.0/24
Signature Algorithm: sha256WithRSAEncryption
64:6f:84:c9:73:7b:1a:21:c7:c8:98:b5:59:fb:db:1d:0c:76:
92:c2:69:65:4b:c9:d4:0b:01:6f:7a:7f:56:b1:c7:06:9e:a3:
73:e8:96:ba:be:49:cb:ec:6b:ce:d7:13:f0:d0:ae:21:01:4a:
c9:c5:03:02:01:6c:a2:64:83:00:77:8e:ba:96:b0:4a:14:6c:
b8:61:e5:ec:e0:93:ff:ab:c6:a5:45:22:3b:ac:f6:0a:55:9a:
ff:b9:5e:07:11:b2:94:a8:60:6b:19:16:bc:2f:1b:73:74:a5:
be:04:cc:24:4a:bb:b0:65:9d:e0:46:da:d6:2b:e0:42:ac:82:
7e:72:3c:6a:d2:df:d2:c1:7c:91:45:db:ad:69:31:53:12:e1:
21:7b:fe:89:71:80:cf:84:75:c7:1e:a0:15:11:6b:30:d3:b6:
ed:fe:8d:b9:87:db:ae:1b:1d:45:b5:95:ae:76:41:9c:aa:79:
5b:ce:4b:e0:34:cc:c9:a1:b0:a9:97:24:01:c2:f0:98:68:4f:
fe:95:29:43:5e:ee:47:cf:44:be:bd:ea:7b:3d:24:90:84:05:
c2:37:0d:7b:21:4b:ed:3f:8b:00:86:e2:25:d2:fd:b8:41:a3:
29:fd:0c:37:14:fb:1c:3b:69:fa:55:3e:88:8f:3e:0b:cb:fe:
44:b8:14:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW65MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTU0NTEyWhcNMjUwMzMxMTU0NTEyWjAYMRYw
FAYDVQQDEw02N2MzMmI4Yi03ODUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzOOuYqOLtgNAPl7gAvovAJ2lREfSiDAabvihaoHZHFu4Pf0+nSl6USwd
pT/P6kZDiPCb/wezntkcShJF3BINzLujA35Ys1OjfSw6zIvzv+54G4uNMz0bo+G6
a9ap2ip9y8cvAJB4qy3IDLBrhHPR5S7878gqsKwV++0q4ELNjKLcRE0UPTRnNQR7
/+AM9KjX3umzjpN4Nx8ZdBTix5noppHCUmJ5CJVIlfBSlTLX3Wiviqd4TjzMIIja
6wvgkP7ZFO1QCaB7FOVQOEeoKtOFxTS+skLpRa7fYvyvzyds11CUDv8XLlJg4gUG
HOLRSEmd7wShVB5IUQBE+sCkiaKj1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGUw
tV8sB8rQhqW2rqoBMw1hY77cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQjUyNTVGNEY2QjQxMUVGOUEwNzlDQTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvVMA0GCSqGSIb3DQEB
CwUAA4IBAQBkb4TJc3saIcfImLVZ+9sdDHaSwmllS8nUCwFven9WsccGnqNz6Ja6
vknL7GvO1xPw0K4hAUrJxQMCAWyiZIMAd466lrBKFGy4YeXs4JP/q8alRSI7rPYK
VZr/uV4HEbKUqGBrGRa8LxtzdKW+BMwkSruwZZ3gRtrWK+BCrIJ+cjxq0t/SwXyR
RdutaTFTEuEhe/6JcYDPhHXHHqAVEWsw07bt/o25h9uuGx1FtZWudkGcqnlbzkvg
NMzJobCplyQBwvCYaE/+lSlDXu5Hz0S+vep7PSSQhAXCNw17IUvtP4sAhuIl0v24
QaMp/Qw3FPscO2n6VT6Ijz4Ly/5EuBQv
-----END CERTIFICATE-----
Generated at Fri May 9 11:43:20 2025 by rpki-client