Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CA3BB8CF83011EF8DA829B9762E951A.roa
File: 2CA3BB8CF83011EF8DA829B9762E951A.roa (raw, json)
Hash identifier: z/05hDPoIoP27630X15xa5EtLX6tHEaI8xmCJlomFE8=
Subject key identifier: 1D:FE:7C:DC:65:11:AC:B7:4D:08:BE:A4:CA:1F:11:A3:26:BB:3F:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0170C1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CA3BB8CF83011EF8DA829B9762E951A.roa
Signing time: Mon 03 Mar 2025 13:05:26 +0000
ROA not before: Mon 03 Mar 2025 13:05:22 +0000
ROA not after: Mon 31 Mar 2025 13:05:22 +0000
asID: 44559
IP address blocks: 154.209.147.0/24 maxlen: 24
154.209.150.0/24 maxlen: 24
154.209.151.0/24 maxlen: 24
154.209.152.0/24 maxlen: 24
154.209.153.0/24 maxlen: 24
154.209.154.0/24 maxlen: 24
154.209.155.0/24 maxlen: 24
154.209.157.0/24 maxlen: 24
154.209.158.0/24 maxlen: 24
154.209.194.0/24 maxlen: 24
154.209.195.0/24 maxlen: 24
154.209.196.0/24 maxlen: 24
154.209.197.0/24 maxlen: 24
154.209.199.0/24 maxlen: 24
154.209.200.0/24 maxlen: 24
154.209.201.0/24 maxlen: 24
154.209.202.0/24 maxlen: 24
154.209.203.0/24 maxlen: 24
154.209.205.0/24 maxlen: 24
154.209.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94401 (0x170c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 13:05:22 2025 GMT
Not After : Mar 31 13:05:22 2025 GMT
Subject: CN=67c5a916-823e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:71:5a:ed:72:80:fb:56:25:ec:02:18:a2:cf:
24:b3:23:6a:49:4f:8b:e6:c3:54:b2:76:f6:32:00:
fe:73:db:cf:3d:c0:e5:8d:56:64:4c:e7:07:41:f3:
8a:83:34:e3:55:e7:fb:64:8e:b3:d9:06:53:1c:16:
25:62:2f:22:14:11:74:f3:1c:d3:59:a0:60:a2:1a:
4c:42:ec:1d:42:2b:5e:6c:98:7f:78:6d:6a:1f:e8:
51:76:24:e4:27:90:58:22:d2:45:28:2c:8b:69:91:
4b:db:ed:0d:39:2f:bc:d7:a4:cf:18:c1:34:89:d6:
27:e8:7e:fa:49:11:cd:e3:ee:7e:97:5b:e7:f7:7a:
a7:2a:3a:d9:fd:93:48:6c:9a:c3:9c:92:dd:a8:f7:
73:04:58:89:77:43:5c:2b:d6:64:91:f9:f9:04:1a:
16:7c:33:c4:13:56:21:a7:e8:14:f3:bc:b0:39:d6:
4a:e4:53:1f:ff:5a:3f:c5:a7:78:f0:14:dd:5c:7c:
60:15:a1:29:f6:5d:e4:26:50:a5:0f:f2:2e:fa:04:
fe:26:63:e8:7b:2f:39:bd:91:00:b4:89:17:e0:2b:
9b:15:8d:29:f6:7b:d9:73:a0:ab:39:f1:6b:fc:7c:
bc:93:81:b5:7e:37:2d:47:47:d6:d9:1a:64:d1:14:
01:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FE:7C:DC:65:11:AC:B7:4D:08:BE:A4:CA:1F:11:A3:26:BB:3F:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CA3BB8CF83011EF8DA829B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.147.0/24
154.209.150.0-154.209.155.255
154.209.157.0-154.209.158.255
154.209.194.0-154.209.197.255
154.209.199.0-154.209.203.255
154.209.205.0-154.209.206.255
Signature Algorithm: sha256WithRSAEncryption
4b:cb:11:27:73:d8:b9:2b:ac:21:25:2c:a7:78:a3:f1:81:d1:
0e:04:31:5c:2e:e6:e9:af:88:ca:14:66:0b:1d:52:c7:e3:84:
db:a2:03:f3:10:d8:8e:c2:83:df:bd:91:aa:3a:5e:6e:3d:80:
ba:7e:9d:e4:34:69:ad:7b:4c:c9:79:a1:b7:2e:14:b0:b8:ca:
12:a3:e4:a7:fc:f9:4f:42:4f:44:8f:d7:04:cf:99:89:5d:79:
75:c5:b7:90:de:4a:18:41:a0:9a:43:3d:a4:76:f5:a6:62:e3:
93:19:4e:a6:8b:d3:f1:41:3f:11:55:e4:3f:91:d8:85:72:9c:
08:05:46:cb:3c:a6:de:2d:a1:54:d8:dd:ec:c7:c1:12:9f:ac:
5a:0b:5a:bf:1e:3a:80:e1:fc:07:d3:71:02:08:3c:f3:ad:c5:
83:73:d7:b5:91:c1:50:bf:c6:60:26:d2:40:06:12:9f:e2:2f:
aa:56:cb:ca:fd:8c:1e:4d:ae:e9:07:3b:1b:ff:6b:2e:f5:e0:
86:04:7a:89:71:75:78:30:31:4e:49:11:f6:c4:96:68:5d:38:
a5:e4:4b:d9:65:75:ea:9c:a1:fd:f8:40:aa:6d:b7:f9:2d:6b:
ce:8c:9e:05:ba:0f:94:7b:0d:d5:83:23:07:89:59:e2:e8:c8:
c0:8a:58:af
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIDAXDBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTMwNTIyWhcNMjUwMzMxMTMwNTIyWjAYMRYw
FAYDVQQDEw02N2M1YTkxNi04MjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuXFa7XKA+1Yl7AIYos8ksyNqSU+L5sNUsnb2MgD+c9vPPcDljVZkTOcH
QfOKgzTjVef7ZI6z2QZTHBYlYi8iFBF08xzTWaBgohpMQuwdQitebJh/eG1qH+hR
diTkJ5BYItJFKCyLaZFL2+0NOS+816TPGME0idYn6H76SRHN4+5+l1vn93qnKjrZ
/ZNIbJrDnJLdqPdzBFiJd0NcK9Zkkfn5BBoWfDPEE1Yhp+gU87ywOdZK5FMf/1o/
xad48BTdXHxgFaEp9l3kJlClD/Iu+gT+JmPoey85vZEAtIkX4CubFY0p9nvZc6Cr
OfFr/Hy8k4G1fjctR0fW2Rpk0RQB8wIDAQABo4IC6zCCAucwHQYDVR0OBBYEFB3+
fNxlEay3TQi+pMofEaMmuz8wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0EzQkI4Q0Y4MzAxMUVGOERBODI5Qjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAmtGTMAwDBAGa0ZYDBAKa
0ZgwDAMEAJrRnQMEAJrRnjAMAwQBmtHCAwQBmtHEMAwDBACa0ccDBAKa0cgwDAME
AJrRzQMEAJrRzjANBgkqhkiG9w0BAQsFAAOCAQEAS8sRJ3PYuSusISUsp3ij8YHR
DgQxXC7m6a+IyhRmCx1Sx+OE26ID8xDYjsKD372Rqjpebj2Aun6d5DRprXtMyXmh
ty4UsLjKEqPkp/z5T0JPRI/XBM+ZiV15dcW3kN5KGEGgmkM9pHb1pmLjkxlOpovT
8UE/EVXkP5HYhXKcCAVGyzym3i2hVNjd7MfBEp+sWgtavx46gOH8B9NxAgg8863F
g3PXtZHBUL/GYCbSQAYSn+IvqlbLyv2MHk2u6Qc7G/9rLvXghgR6iXF1eDAxTkkR
9sSWaF04peRL2WV16pyh/fhAqm23+S1rzoyeBboPlHsN1YMjB4lZ4ujIwIpYrw==
-----END CERTIFICATE-----
Generated at Fri May 9 06:40:16 2025 by rpki-client