Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3241583EF2D011EF9FBA926E762E951A.roa
File: 3241583EF2D011EF9FBA926E762E951A.roa (raw, json)
Hash identifier: lQh8JCLUTJzJx1phhvb3+QzSE+P5vIXk9a7NLaofENY=
Subject key identifier: 74:9D:45:16:6C:A9:C2:2E:EF:32:FD:68:41:F3:43:12:8A:31:98:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015C88
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3241583EF2D011EF9FBA926E762E951A.roa
Signing time: Mon 24 Feb 2025 16:55:48 +0000
ROA not before: Mon 24 Feb 2025 16:55:45 +0000
ROA not after: Sat 29 Mar 2025 16:55:45 +0000
asID: 203020
IP address blocks: 154.223.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89224 (0x15c88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 24 16:55:45 2025 GMT
Not After : Mar 29 16:55:45 2025 GMT
Subject: CN=67bca494-13c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:29:9b:b2:33:09:8d:58:ab:08:7a:90:24:44:
a7:ce:bd:40:e6:b0:74:c1:a6:00:63:dc:d7:c1:47:
ae:b9:42:5e:08:a2:c1:96:67:e2:c0:99:06:22:7b:
4b:54:30:95:f5:85:85:6e:c1:eb:af:9c:76:01:0f:
1e:d5:20:a6:f3:47:a9:82:b5:01:30:00:0b:6b:b2:
9f:a2:01:4e:44:14:f9:ed:7e:9d:5b:b0:8b:e6:7c:
22:ff:f0:c2:26:ed:03:53:a2:c5:e6:e0:ea:9a:1d:
89:70:e9:f1:1f:27:aa:fe:c1:f8:5b:c0:8c:26:71:
42:fd:80:8f:12:52:ae:fc:57:dd:87:7f:5f:f5:42:
8c:e4:1f:de:7c:49:0c:14:65:50:9b:29:e5:9d:4d:
f3:c0:22:e4:ec:43:b0:a0:04:d6:f9:22:eb:fc:a5:
a1:d9:28:4c:06:ee:96:63:9a:11:34:d2:1d:09:ad:
51:22:84:86:6f:7f:6d:1a:aa:51:c2:ba:bc:b0:7f:
2a:8e:4d:80:f4:f6:54:0a:de:d9:73:3c:4c:ed:1b:
36:28:a3:a5:d1:5d:5d:62:1f:3b:3d:5e:fd:69:cc:
8c:6f:24:f9:0d:dd:aa:37:68:b2:69:4c:1f:d9:d4:
f6:0f:69:d9:71:f4:c8:a4:3a:5f:64:e3:b1:13:29:
d3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9D:45:16:6C:A9:C2:2E:EF:32:FD:68:41:F3:43:12:8A:31:98:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3241583EF2D011EF9FBA926E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.184.0/24
Signature Algorithm: sha256WithRSAEncryption
39:73:83:60:1f:ac:b8:ea:a8:d3:b2:38:f2:b4:19:47:be:14:
64:de:41:47:a0:2e:54:0c:4c:1a:82:7b:d1:c4:a8:19:3a:b2:
6f:58:65:8f:c9:19:34:90:f8:22:85:8a:3f:85:f4:d6:06:8f:
68:39:f7:14:25:ee:fc:79:fa:90:8f:1b:1a:d8:de:46:38:bf:
06:1a:36:d0:e0:69:c3:8a:62:e9:b8:51:11:09:43:25:be:32:
f5:9e:c4:f0:0c:85:f4:06:b8:fe:df:3c:72:5c:36:f2:bf:71:
44:df:0c:7d:d6:e4:c9:df:46:21:3e:25:53:8a:5c:77:76:54:
e5:3c:66:bd:ee:af:66:5a:c1:f8:47:a5:82:4c:87:c2:a9:6a:
b7:5c:77:62:d4:47:19:ce:ef:15:87:9c:55:ac:1f:7c:c7:e0:
15:8b:bc:3c:0c:aa:b1:47:d9:95:54:45:ab:86:a4:c4:bc:de:
e8:ee:92:87:5f:23:1e:74:db:b8:bc:2d:57:d7:4b:6c:da:db:
44:5c:23:99:82:08:01:39:59:ca:d6:ae:b7:40:4d:8e:bc:41:
93:5d:64:0c:49:b1:36:1c:c3:be:e6:1d:98:e6:50:05:ca:f0:
2c:e3:83:67:e1:ea:a8:f0:74:b2:61:67:c1:0a:a3:5b:b0:87:
91:0d:40:66
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVyIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTY1NTQ1WhcNMjUwMzI5MTY1NTQ1WjAYMRYw
FAYDVQQDEw02N2JjYTQ5NC0xM2MxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApSmbsjMJjVirCHqQJESnzr1A5rB0waYAY9zXwUeuuUJeCKLBlmfiwJkG
IntLVDCV9YWFbsHrr5x2AQ8e1SCm80epgrUBMAALa7KfogFORBT57X6dW7CL5nwi
//DCJu0DU6LF5uDqmh2JcOnxHyeq/sH4W8CMJnFC/YCPElKu/Ffdh39f9UKM5B/e
fEkMFGVQmynlnU3zwCLk7EOwoATW+SLr/KWh2ShMBu6WY5oRNNIdCa1RIoSGb39t
GqpRwrq8sH8qjk2A9PZUCt7ZczxM7Rs2KKOl0V1dYh87PV79acyMbyT5Dd2qN2iy
aUwf2dT2D2nZcfTIpDpfZOOxEynTzQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHSd
RRZsqcIu7zL9aEHzQxKKMZhSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjQxNTgzRUYyRDAxMUVGOUZCQTkyNkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+4MA0GCSqGSIb3DQEB
CwUAA4IBAQA5c4NgH6y46qjTsjjytBlHvhRk3kFHoC5UDEwagnvRxKgZOrJvWGWP
yRk0kPgihYo/hfTWBo9oOfcUJe78efqQjxsa2N5GOL8GGjbQ4GnDimLpuFERCUMl
vjL1nsTwDIX0Brj+3zxyXDbyv3FE3wx91uTJ30YhPiVTilx3dlTlPGa97q9mWsH4
R6WCTIfCqWq3XHdi1EcZzu8Vh5xVrB98x+AVi7w8DKqxR9mVVEWrhqTEvN7o7pKH
XyMedNu4vC1X10ts2ttEXCOZgggBOVnK1q63QE2OvEGTXWQMSbE2HMO+5h2Y5lAF
yvAs44Nn4eqo8HSyYWfBCqNbsIeRDUBm
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:00:31 2025 by rpki-client