Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35BA20FAEF7D11EFBB84E946762E951A.roa
File: 35BA20FAEF7D11EFBB84E946762E951A.roa (raw, json)
Hash identifier: ynESusqmYhnLoENCt0OclNc1t0RNvbs0ZdlBbpIwkBU=
Subject key identifier: C0:81:DD:F2:3E:FC:43:36:06:20:8E:08:8D:A3:F4:49:7D:A0:C4:5D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0158C4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35BA20FAEF7D11EFBB84E946762E951A.roa
Signing time: Thu 20 Feb 2025 11:24:13 +0000
ROA not before: Thu 20 Feb 2025 11:24:07 +0000
ROA not after: Thu 20 Mar 2025 11:24:07 +0000
asID: 54600
IP address blocks: 154.202.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88260 (0x158c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 20 11:24:07 2025 GMT
Not After : Mar 20 11:24:07 2025 GMT
Subject: CN=67b710dd-7eeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:67:b5:30:8c:3b:ca:45:91:53:57:ae:c7:37:
13:f0:e8:ef:81:b6:06:73:0e:0f:a0:80:f9:52:e5:
82:a6:84:bf:64:cb:7a:28:9d:fe:8f:36:00:a0:e4:
0d:39:a6:10:96:9a:98:5f:b4:21:0d:ba:11:91:0b:
13:f6:11:af:70:eb:e4:ab:12:f2:7d:89:cd:2b:9a:
40:bd:fd:39:1f:e5:29:95:37:9a:2e:c1:80:be:d0:
d5:db:ef:3b:32:15:db:de:98:f7:fa:d9:93:5c:7d:
6a:bd:61:a9:79:37:c2:04:83:ec:e5:5d:33:21:f6:
b5:d4:1a:7e:ec:aa:d5:a1:5a:76:85:df:cc:4f:7d:
27:9c:97:16:80:7c:eb:8b:d9:38:d5:9a:ad:17:38:
6e:34:97:10:12:b8:6c:69:4b:e5:1d:d8:38:77:82:
d1:da:21:48:fd:ce:c9:c0:00:29:54:54:bd:0c:7a:
39:63:3e:ac:12:8a:fd:4f:b4:89:03:1a:03:fe:b5:
5c:bb:f0:b8:53:36:67:a4:21:e6:3d:17:60:a3:f9:
16:ee:09:ac:d9:ed:b6:a5:ee:c7:93:7e:38:f0:23:
68:e6:6c:8c:cc:27:08:30:bf:a4:f0:d2:ce:92:9b:
1f:22:23:03:a1:d0:32:06:74:35:f0:28:36:de:79:
e2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:81:DD:F2:3E:FC:43:36:06:20:8E:08:8D:A3:F4:49:7D:A0:C4:5D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35BA20FAEF7D11EFBB84E946762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
Signature Algorithm: sha256WithRSAEncryption
38:5b:f9:72:2b:27:35:3f:0e:54:f0:39:d8:83:9e:e9:7e:2b:
fa:95:7b:cd:a3:b2:4e:c2:19:6b:1d:2b:2b:4a:76:17:7c:23:
8c:cd:3c:9c:8c:0c:04:95:30:31:46:89:42:e9:46:18:b3:ec:
85:0b:74:d9:f8:32:ec:45:55:0a:ef:55:9a:c5:f3:bf:41:22:
98:cd:73:4d:65:3b:70:68:8e:97:35:85:46:43:c4:36:7e:8f:
88:81:7c:50:b1:02:9d:c3:34:4f:2a:ed:0a:e2:4b:7f:50:03:
a0:d0:32:eb:e2:24:79:5f:e2:2a:a8:0c:d5:6e:49:9d:81:69:
49:3c:41:c9:28:e9:b5:db:46:54:85:19:29:cb:4d:59:e4:f2:
2f:09:07:ae:64:82:97:c6:55:89:1e:19:bf:26:59:1e:95:2b:
ec:f0:80:6d:20:87:f2:12:ed:14:a1:03:e2:09:f0:3a:46:2c:
e4:9a:92:d9:8e:23:98:e3:ae:be:a7:8b:3e:33:c9:22:5a:47:
a9:f4:47:96:ac:2d:a5:1c:16:3e:fd:6d:2a:f1:d2:2f:74:eb:
8a:82:b3:0b:8c:9e:91:8b:ae:47:07:0f:14:e8:20:41:4a:86:
c0:4a:62:fd:fb:25:3e:c3:b1:6b:83:bb:28:4f:b0:d9:29:24:
76:55:68:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVjEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIwMTEyNDA3WhcNMjUwMzIwMTEyNDA3WjAYMRYw
FAYDVQQDEw02N2I3MTBkZC03ZWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Ge1MIw7ykWRU1euxzcT8OjvgbYGcw4PoID5UuWCpoS/ZMt6KJ3+jzYA
oOQNOaYQlpqYX7QhDboRkQsT9hGvcOvkqxLyfYnNK5pAvf05H+UplTeaLsGAvtDV
2+87MhXb3pj3+tmTXH1qvWGpeTfCBIPs5V0zIfa11Bp+7KrVoVp2hd/MT30nnJcW
gHzri9k41ZqtFzhuNJcQErhsaUvlHdg4d4LR2iFI/c7JwAApVFS9DHo5Yz6sEor9
T7SJAxoD/rVcu/C4UzZnpCHmPRdgo/kW7gms2e22pe7Hk3448CNo5myMzCcIML+k
8NLOkpsfIiMDodAyBnQ18Cg23nnijQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMCB
3fI+/EM2BiCOCI2j9El9oMRdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNUJBMjBGQUVGN0QxMUVGQkI4NEU5NDY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsp1MA0GCSqGSIb3DQEB
CwUAA4IBAQA4W/lyKyc1Pw5U8DnYg57pfiv6lXvNo7JOwhlrHSsrSnYXfCOMzTyc
jAwElTAxRolC6UYYs+yFC3TZ+DLsRVUK71WaxfO/QSKYzXNNZTtwaI6XNYVGQ8Q2
fo+IgXxQsQKdwzRPKu0K4kt/UAOg0DLr4iR5X+IqqAzVbkmdgWlJPEHJKOm120ZU
hRkpy01Z5PIvCQeuZIKXxlWJHhm/JlkelSvs8IBtIIfyEu0UoQPiCfA6RizkmpLZ
jiOY466+p4s+M8kiWkep9EeWrC2lHBY+/W0q8dIvdOuKgrMLjJ6Ri65HBw8U6CBB
SobASmL9+yU+w7Frg7soT7DZKSR2VWjF
-----END CERTIFICATE-----
Generated at Fri May 9 09:54:41 2025 by rpki-client