Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3529EB84F59F11EFACE32344762E951A.roa
File: 3529EB84F59F11EFACE32344762E951A.roa (raw, json)
Hash identifier: kTx27LG7I5nnYWOHGVJaPO/VVk69zjPoEMpKjxnp/lY=
Subject key identifier: AA:7A:F3:D7:78:65:D4:38:7A:D4:EC:5F:C1:5C:88:D3:F3:8F:C0:9A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0169D7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3529EB84F59F11EFACE32344762E951A.roa
Signing time: Fri 28 Feb 2025 06:42:41 +0000
ROA not before: Fri 28 Feb 2025 06:42:38 +0000
ROA not after: Sat 29 Mar 2025 06:42:38 +0000
asID: 147176
IP address blocks: 154.84.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92631 (0x169d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 06:42:38 2025 GMT
Not After : Mar 29 06:42:38 2025 GMT
Subject: CN=67c15ae1-ef86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b2:8e:07:56:74:db:b4:28:3d:46:38:c4:29:
f0:fc:43:24:24:38:17:27:59:92:78:6e:57:df:82:
18:ea:74:28:23:a4:13:18:24:01:f0:10:db:23:44:
b8:66:b7:0d:e9:3d:91:21:4f:66:46:7a:a0:53:64:
59:30:34:f4:7a:8c:7d:57:5d:0a:6e:bd:95:49:2f:
33:61:e4:68:0f:41:a6:6b:d1:ab:a6:91:c7:d6:82:
28:ab:6c:35:85:09:61:02:b2:a5:26:55:f1:2f:3e:
86:99:00:9d:0f:e8:fd:cb:3b:21:e8:1a:e5:52:26:
99:97:21:c0:27:0a:aa:63:44:a7:ea:5f:8a:c5:08:
2c:bb:23:fc:ca:3d:70:aa:c9:0a:63:d1:ef:a5:06:
87:77:04:f1:10:06:16:22:64:6d:1f:c4:58:12:7a:
84:e6:46:ac:a5:f1:80:59:36:05:d0:3a:31:d6:5c:
54:43:9a:6c:fc:82:ff:69:92:50:91:fe:89:72:ed:
1c:9d:d6:be:61:8b:e0:73:05:2e:0c:c5:4a:18:00:
cf:97:97:4b:d3:2b:bf:fb:0e:36:cf:71:9d:2e:56:
0f:be:db:ce:c4:76:15:7a:75:8c:b7:9e:72:78:7b:
31:a8:32:c3:ae:17:64:68:bb:4c:49:f5:d7:a5:ca:
02:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7A:F3:D7:78:65:D4:38:7A:D4:EC:5F:C1:5C:88:D3:F3:8F:C0:9A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3529EB84F59F11EFACE32344762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.153.0/24
Signature Algorithm: sha256WithRSAEncryption
13:1c:5d:e7:82:56:f7:89:21:f6:0c:3c:3f:23:2d:12:33:9d:
f0:40:4a:61:ce:31:5a:44:04:bc:c9:d8:79:56:2f:d3:16:28:
b9:98:d2:53:31:b3:aa:e3:7c:1e:a6:bc:a1:41:06:dd:65:fc:
97:7b:0a:0a:2f:13:f4:a3:48:d2:14:07:17:a4:da:a1:5e:58:
be:dd:f7:48:25:2a:6d:9e:4a:f9:73:21:27:68:a7:8c:ca:bf:
ba:bd:12:25:22:f9:76:ce:39:6b:88:d5:ce:e2:9f:a5:46:19:
a8:ae:de:d3:73:37:87:e5:91:43:f1:04:12:76:32:5f:59:a7:
88:35:d0:66:dd:2e:81:ed:b4:c0:a4:6c:bf:8c:24:ea:4d:2d:
39:b9:3b:70:78:a9:68:21:7f:03:2b:07:53:89:8e:77:bc:dd:
cb:7a:87:e5:54:9a:f5:34:55:f0:f0:de:c8:b6:c8:ce:37:6f:
2d:18:d7:95:d2:4d:20:e6:5d:74:c2:15:cd:03:f3:64:e4:f5:
6c:99:b8:e8:d3:5b:39:72:d3:43:5b:67:ff:e1:19:7a:7f:cd:
a7:bb:71:ef:37:0f:8d:dd:a0:a9:5f:6e:ce:be:61:d9:2f:c2:
b6:bf:ab:82:9e:f9:01:76:cd:7b:4e:8f:ac:ba:dd:b2:28:0b:
2c:a0:38:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWnXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDY0MjM4WhcNMjUwMzI5MDY0MjM4WjAYMRYw
FAYDVQQDEw02N2MxNWFlMS1lZjg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtrKOB1Z027QoPUY4xCnw/EMkJDgXJ1mSeG5X34IY6nQoI6QTGCQB8BDb
I0S4ZrcN6T2RIU9mRnqgU2RZMDT0eox9V10Kbr2VSS8zYeRoD0Gma9GrppHH1oIo
q2w1hQlhArKlJlXxLz6GmQCdD+j9yzsh6BrlUiaZlyHAJwqqY0Sn6l+KxQgsuyP8
yj1wqskKY9HvpQaHdwTxEAYWImRtH8RYEnqE5kaspfGAWTYF0Dox1lxUQ5ps/IL/
aZJQkf6Jcu0cnda+YYvgcwUuDMVKGADPl5dL0yu/+w42z3GdLlYPvtvOxHYVenWM
t55yeHsxqDLDrhdkaLtMSfXXpcoCOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKp6
89d4ZdQ4etTsX8FciNPzj8CaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNTI5RUI4NEY1OUYxMUVGQUNFMzIzNDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSZMA0GCSqGSIb3DQEB
CwUAA4IBAQATHF3nglb3iSH2DDw/Iy0SM53wQEphzjFaRAS8ydh5Vi/TFii5mNJT
MbOq43wepryhQQbdZfyXewoKLxP0o0jSFAcXpNqhXli+3fdIJSptnkr5cyEnaKeM
yr+6vRIlIvl2zjlriNXO4p+lRhmort7TczeH5ZFD8QQSdjJfWaeINdBm3S6B7bTA
pGy/jCTqTS05uTtweKloIX8DKwdTiY53vN3LeoflVJr1NFXw8N7ItsjON28tGNeV
0k0g5l10whXNA/Nk5PVsmbjo01s5ctNDW2f/4Rl6f82nu3HvNw+N3aCpX27OvmHZ
L8K2v6uCnvkBds17To+sut2yKAssoDhC
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:56:04 2025 by rpki-client