Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38242E76DA4C11EF84DCF6B7762E951A.roa
File: 38242E76DA4C11EF84DCF6B7762E951A.roa (raw, json)
Hash identifier: pXzP/80RnjkE8ulK8hxWnmBNtiuTpHBFPll45gWlE6I=
Subject key identifier: BD:9B:3A:2D:2D:40:E5:21:DD:51:AE:D5:C4:3B:77:E5:95:65:79:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01468C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38242E76DA4C11EF84DCF6B7762E951A.roa
Signing time: Fri 24 Jan 2025 12:10:37 +0000
ROA not before: Fri 24 Jan 2025 12:10:33 +0000
ROA not after: Wed 05 Mar 2025 12:10:33 +0000
asID: 49505
IP address blocks: 154.211.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83596 (0x1468c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 12:10:33 2025 GMT
Not After : Mar 5 12:10:33 2025 GMT
Subject: CN=6793833c-6b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:20:8a:d6:64:2f:11:9f:a1:e7:74:f1:83:a0:
8c:ae:54:37:ad:85:84:53:70:47:aa:9d:43:46:50:
14:c1:53:c8:e8:de:e4:b0:9f:f5:56:6e:58:6f:20:
41:12:77:e8:80:c1:92:04:a9:14:54:8f:37:66:ab:
c3:5b:eb:15:0d:31:57:8b:fb:dc:f8:ab:47:09:96:
98:c3:b0:eb:f5:2f:54:61:b3:73:50:85:8a:b7:9a:
74:12:81:56:71:8a:de:9f:a6:6b:1b:56:2e:db:fc:
a0:8d:ee:62:22:ee:3b:0a:ad:a1:de:32:bc:92:48:
17:93:fe:0a:79:df:65:0f:a6:88:0a:9b:91:0b:e6:
b4:35:37:15:e4:cf:23:8f:96:10:04:fa:ab:54:fa:
ae:ad:b4:23:c3:3d:72:36:ec:46:0a:58:98:35:8a:
04:c1:65:f7:51:0d:d5:5d:91:d5:93:30:58:4c:50:
50:86:e0:71:3f:38:b3:7a:1a:64:e5:1d:2e:66:4c:
fd:f4:6f:1f:63:f2:02:ea:3f:57:cb:13:db:71:a0:
b0:af:25:13:cd:c0:71:ae:04:08:9e:f1:c2:77:96:
8c:fc:19:c5:1d:00:cd:50:17:66:7b:ec:1a:b8:aa:
a2:58:88:09:be:87:d5:3c:c8:0d:6a:89:90:22:c7:
45:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9B:3A:2D:2D:40:E5:21:DD:51:AE:D5:C4:3B:77:E5:95:65:79:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38242E76DA4C11EF84DCF6B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.11.0/24
Signature Algorithm: sha256WithRSAEncryption
01:0b:34:22:09:5c:40:fa:49:92:fa:ed:b4:0d:d7:c3:91:3d:
6c:48:b7:27:e4:d5:1f:43:c5:22:7d:3b:c3:a0:bf:1e:cb:46:
e8:27:0f:a1:0b:d1:56:06:35:55:29:67:11:48:a4:08:cc:33:
2d:40:cb:34:a5:0a:d0:f4:fc:8a:38:c8:1e:31:53:4f:8f:da:
fc:00:5d:81:be:eb:d0:ed:b9:37:06:80:41:37:3b:78:1d:ac:
3e:a2:47:cf:11:1c:d3:04:be:95:3c:16:19:50:b0:dd:7d:38:
ca:51:4b:f6:18:3d:94:25:47:f4:9e:4e:f7:ff:c0:50:30:93:
e7:10:c0:2e:75:90:4b:d7:6a:1a:e8:5b:c6:bc:3c:7c:17:fd:
2d:43:55:d0:f3:22:9f:a5:ac:6f:4e:1c:90:0c:9e:71:83:e1:
2e:3c:28:13:cb:e6:70:67:17:1f:1f:a4:e2:88:e6:61:96:e9:
97:49:a0:db:cd:4f:74:ef:5d:0e:d4:e5:cb:c6:ce:a6:b0:1f:
94:b1:bb:8b:31:ef:16:4a:85:84:73:75:cb:92:d2:74:4c:4e:
29:bd:ed:a0:42:57:e7:51:1e:ae:74:bd:0a:9d:cf:b6:f9:f3:
8c:12:1d:97:b2:e3:a9:0f:5d:8a:b8:07:a1:c7:70:f7:16:3b:
67:fd:ba:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUaMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTIxMDMzWhcNMjUwMzA1MTIxMDMzWjAYMRYw
FAYDVQQDEw02NzkzODMzYy02Yjc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAviCK1mQvEZ+h53Txg6CMrlQ3rYWEU3BHqp1DRlAUwVPI6N7ksJ/1Vm5Y
byBBEnfogMGSBKkUVI83ZqvDW+sVDTFXi/vc+KtHCZaYw7Dr9S9UYbNzUIWKt5p0
EoFWcYren6ZrG1Yu2/ygje5iIu47Cq2h3jK8kkgXk/4Ked9lD6aICpuRC+a0NTcV
5M8jj5YQBPqrVPqurbQjwz1yNuxGCliYNYoEwWX3UQ3VXZHVkzBYTFBQhuBxPziz
ehpk5R0uZkz99G8fY/IC6j9XyxPbcaCwryUTzcBxrgQInvHCd5aM/BnFHQDNUBdm
e+wauKqiWIgJvofVPMgNaomQIsdFpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL2b
Oi0tQOUh3VGu1cQ7d+WVZXlrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zODI0MkU3NkRBNEMxMUVGODREQ0Y2Qjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtMLMA0GCSqGSIb3DQEB
CwUAA4IBAQABCzQiCVxA+kmS+u20DdfDkT1sSLcn5NUfQ8UifTvDoL8ey0boJw+h
C9FWBjVVKWcRSKQIzDMtQMs0pQrQ9PyKOMgeMVNPj9r8AF2BvuvQ7bk3BoBBNzt4
Haw+okfPERzTBL6VPBYZULDdfTjKUUv2GD2UJUf0nk73/8BQMJPnEMAudZBL12oa
6FvGvDx8F/0tQ1XQ8yKfpaxvThyQDJ5xg+EuPCgTy+ZwZxcfH6TiiOZhlumXSaDb
zU90710O1OXLxs6msB+UsbuLMe8WSoWEc3XLktJ0TE4pve2gQlfnUR6udL0Knc+2
+fOMEh2XsuOpD12KuAehx3D3Fjtn/bpV
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:53:08 2025 by rpki-client