Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/325BD054D9FF11EFB21881B0762E951A.roa
File: 325BD054D9FF11EFB21881B0762E951A.roa (raw, json)
Hash identifier: rNgkzot4PHhFDAQpXbyEbMibtKAcvgAWufpg+xxwoyw=
Subject key identifier: FE:1F:02:18:AB:02:1F:89:42:6C:EB:90:7F:8A:FF:C9:87:41:2C:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014378
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/325BD054D9FF11EFB21881B0762E951A.roa
Signing time: Fri 24 Jan 2025 02:59:16 +0000
ROA not before: Fri 24 Jan 2025 02:59:12 +0000
ROA not after: Sat 01 Mar 2025 02:59:12 +0000
asID: 49505
IP address blocks: 154.223.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82808 (0x14378)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 02:59:12 2025 GMT
Not After : Mar 1 02:59:12 2025 GMT
Subject: CN=67930204-37be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:24:a5:c3:88:f5:2c:9a:b4:ff:30:ae:ae:c8:
a6:04:13:03:1b:6f:77:df:c1:ae:c0:26:de:9e:5e:
a8:4d:d4:e6:0f:64:47:65:29:20:cb:48:b1:87:b1:
be:63:9b:ba:5b:c2:18:50:53:4a:03:2f:f0:88:96:
cf:ba:27:db:94:ee:6c:08:4b:b5:23:65:13:0d:04:
7d:8c:c1:c5:3d:26:54:71:f9:ea:51:d2:12:ab:44:
e0:5a:8d:cb:df:7b:49:21:47:a4:93:b5:f0:90:e0:
79:0a:95:9b:1a:78:08:81:1e:5a:36:65:96:89:7a:
de:85:87:fa:62:a2:52:65:da:41:80:3c:e7:98:47:
19:44:22:e0:32:0b:2c:4e:96:9a:48:1b:b7:6e:7f:
86:4a:bb:36:6f:0f:f6:ef:17:fa:59:37:bc:dc:47:
61:81:5b:34:4f:3c:e8:82:9b:50:a9:6a:a0:d7:78:
b3:cc:6a:1b:68:9c:27:4d:b7:41:96:ac:89:ac:68:
05:de:e4:2a:39:6d:a3:8b:66:c8:be:18:9d:4d:04:
27:80:b7:65:eb:82:fe:69:42:83:a8:41:85:ea:ee:
a7:04:43:e4:05:e4:48:91:bb:7e:a5:1f:64:96:0e:
39:50:bb:9b:8d:52:d4:34:a3:e8:f5:ec:1a:70:bf:
f0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:1F:02:18:AB:02:1F:89:42:6C:EB:90:7F:8A:FF:C9:87:41:2C:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/325BD054D9FF11EFB21881B0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.203.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:7f:39:a9:23:01:de:d9:dc:bd:e1:e4:5c:3e:27:70:3e:b6:
2f:87:fc:af:0e:f0:f3:fe:43:f4:43:76:b3:67:0d:9f:6d:9f:
c5:fc:32:f6:aa:b2:97:25:73:7a:e9:b8:e4:94:67:9c:8c:eb:
1d:07:38:62:0c:92:0e:a3:d3:0c:d1:0c:c7:08:f9:b0:ec:d2:
b4:a8:5e:18:11:ed:84:ab:04:b6:b3:ef:f6:42:e1:28:6d:15:
ec:62:9e:d3:46:e3:ec:aa:5c:73:79:cd:a1:bf:3a:db:68:48:
f3:97:16:8f:16:86:9c:4a:29:99:14:c0:7f:46:7c:95:44:6d:
ab:18:b6:e5:30:00:5a:e8:bb:bb:17:1d:51:32:24:1b:c4:dc:
52:dd:61:8c:96:d5:1f:51:68:64:c6:f9:04:02:c9:3d:4d:e8:
8e:b3:a2:ce:17:d9:6e:b9:41:66:b2:ba:a7:75:ae:9a:de:5f:
16:cd:98:4d:2d:e8:7b:22:b4:e3:ed:13:e7:4d:a4:2e:73:ce:
5d:b1:e0:31:48:e9:6c:72:47:e9:df:a2:1e:eb:d3:2e:a4:7c:
0a:32:7d:b6:61:1e:fa:4a:3d:f4:02:d5:06:18:37:b7:00:47:
fa:7a:06:1e:f4:dd:84:d8:33:e7:b5:30:6c:45:fb:a0:71:e1:
08:db:ac:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUN4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDI1OTEyWhcNMjUwMzAxMDI1OTEyWjAYMRYw
FAYDVQQDEw02NzkzMDIwNC0zN2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0ySlw4j1LJq0/zCursimBBMDG29338GuwCbenl6oTdTmD2RHZSkgy0ix
h7G+Y5u6W8IYUFNKAy/wiJbPuifblO5sCEu1I2UTDQR9jMHFPSZUcfnqUdISq0Tg
Wo3L33tJIUekk7XwkOB5CpWbGngIgR5aNmWWiXrehYf6YqJSZdpBgDznmEcZRCLg
MgssTpaaSBu3bn+GSrs2bw/27xf6WTe83EdhgVs0TzzogptQqWqg13izzGobaJwn
TbdBlqyJrGgF3uQqOW2ji2bIvhidTQQngLdl64L+aUKDqEGF6u6nBEPkBeRIkbt+
pR9klg45ULubjVLUNKPo9ewacL/wRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP4f
AhirAh+JQmzrkH+K/8mHQSzhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjVCRDA1NEQ5RkYxMUVGQjIxODgxQjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/LMA0GCSqGSIb3DQEB
CwUAA4IBAQAcfzmpIwHe2dy94eRcPidwPrYvh/yvDvDz/kP0Q3azZw2fbZ/F/DL2
qrKXJXN66bjklGecjOsdBzhiDJIOo9MM0QzHCPmw7NK0qF4YEe2EqwS2s+/2QuEo
bRXsYp7TRuPsqlxzec2hvzrbaEjzlxaPFoacSimZFMB/RnyVRG2rGLblMABa6Lu7
Fx1RMiQbxNxS3WGMltUfUWhkxvkEAsk9TeiOs6LOF9luuUFmsrqnda6a3l8WzZhN
Leh7IrTj7RPnTaQuc85dseAxSOlsckfp36Ie69MupHwKMn22YR76Sj30AtUGGDe3
AEf6egYe9N2E2DPntTBsRfugceEI26wE
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:50:59 2025 by rpki-client