Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/394B3344F6BC11EF9A5BE25D762E951A.roa
File: 394B3344F6BC11EF9A5BE25D762E951A.roa (raw, json)
Hash identifier: g65/D7NuNMW/w+BzcOW4cz7kFFEWWzOxK5vXYfbOKLM=
Subject key identifier: AB:C4:5A:38:92:57:59:44:74:47:E7:EF:26:91:57:9A:7E:FE:3C:44
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/394B3344F6BC11EF9A5BE25D762E951A.roa
Signing time: Sat 01 Mar 2025 16:42:55 +0000
ROA not before: Sat 01 Mar 2025 16:42:51 +0000
ROA not after: Mon 31 Mar 2025 16:42:51 +0000
asID: 202656
IP address blocks: 154.219.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93933 (0x16eed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 16:42:51 2025 GMT
Not After : Mar 31 16:42:51 2025 GMT
Subject: CN=67c3390f-65df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c2:82:1b:dc:a0:19:dc:b1:9f:b0:1c:78:29:
1c:66:df:30:ac:f2:0f:5d:a7:ae:41:78:08:9e:0c:
c4:1d:6d:1a:4c:13:0c:79:46:c3:a1:a0:59:06:8c:
24:e3:1a:35:1b:dc:91:96:71:c6:d7:e3:0c:81:62:
50:2e:8b:7f:9a:34:57:f4:df:ea:c6:33:37:bf:b5:
91:ab:ef:cb:49:66:1e:25:0d:4f:c2:53:7e:81:ba:
ee:9c:ee:3e:da:43:5e:f6:25:65:a7:b2:43:3b:62:
c8:64:7d:2c:44:0d:fa:10:0a:7c:2c:83:c9:b2:39:
85:fc:02:01:21:8d:49:31:51:ae:c2:ec:ac:34:24:
4b:92:5b:09:10:10:32:49:23:ba:ac:e7:10:e5:ec:
2f:e5:09:59:86:f2:4a:13:0d:b5:3c:69:2f:85:47:
bb:66:5b:e0:85:c3:bb:9c:4f:00:fe:6f:a5:9b:20:
5d:b4:18:7f:92:59:39:89:c1:74:25:5f:f5:a4:af:
2b:28:cb:e4:f0:18:47:0b:22:24:51:4b:f1:e8:48:
42:b1:e4:ee:bb:fd:c9:3c:23:52:17:ea:ca:d3:1a:
c4:eb:11:6e:e4:f8:b1:9c:78:cb:ed:ca:83:4a:f2:
28:01:a0:d8:f1:5b:8a:af:c2:20:bb:9a:f1:7b:29:
08:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C4:5A:38:92:57:59:44:74:47:E7:EF:26:91:57:9A:7E:FE:3C:44
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/394B3344F6BC11EF9A5BE25D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.228.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:c5:7d:c2:66:d4:ed:67:56:31:7f:45:cb:56:ba:54:6c:39:
15:25:94:bc:05:0d:6c:81:08:1d:24:81:f9:96:77:0b:9e:ce:
e6:8e:04:40:66:ad:8d:ee:12:09:fc:03:d3:96:63:a5:8c:87:
6d:44:16:3b:a2:c1:6c:9c:b2:ef:a6:5f:e3:6d:a0:e0:e5:81:
d9:3b:a8:9b:f3:c0:f0:ad:84:39:36:8e:ad:3f:a5:c8:d0:d1:
53:ca:9d:b3:23:b0:37:2a:41:f3:ff:44:ac:fd:b6:0a:af:b7:
bb:a8:60:4a:c6:38:66:ee:ff:6b:ea:16:29:42:92:ba:d3:38:
95:f7:5c:dc:9d:7b:7f:74:e4:bc:fd:28:7e:5b:57:e8:a6:ba:
91:c6:7f:ce:d6:11:64:7e:dc:5d:d0:58:57:e2:99:eb:90:c1:
01:a8:c9:cb:6a:c8:2b:32:45:fe:ac:cd:32:2b:1a:95:e8:f9:
b6:a3:b3:27:3b:76:17:a1:01:bf:8a:98:85:f1:28:74:eb:18:
04:f6:1f:d5:73:43:52:b7:a2:c8:26:dc:4e:6a:54:30:78:1b:
58:42:37:8c:19:11:9d:57:43:97:f1:e6:cd:83:bb:54:38:a4:
30:57:6a:a3:ed:3c:7e:df:7b:0d:93:38:94:fb:8b:79:68:d7:
a1:26:2b:26
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW7tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTY0MjUxWhcNMjUwMzMxMTY0MjUxWjAYMRYw
FAYDVQQDEw02N2MzMzkwZi02NWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwsKCG9ygGdyxn7AceCkcZt8wrPIPXaeuQXgIngzEHW0aTBMMeUbDoaBZ
Bowk4xo1G9yRlnHG1+MMgWJQLot/mjRX9N/qxjM3v7WRq+/LSWYeJQ1PwlN+gbru
nO4+2kNe9iVlp7JDO2LIZH0sRA36EAp8LIPJsjmF/AIBIY1JMVGuwuysNCRLklsJ
EBAySSO6rOcQ5ewv5QlZhvJKEw21PGkvhUe7ZlvghcO7nE8A/m+lmyBdtBh/klk5
icF0JV/1pK8rKMvk8BhHCyIkUUvx6EhCseTuu/3JPCNSF+rK0xrE6xFu5PixnHjL
7cqDSvIoAaDY8VuKr8Igu5rxeykIzQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKvE
WjiSV1lEdEfn7yaRV5p+/jxEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOTRCMzM0NEY2QkMxMUVGOUE1QkUyNUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvkMA0GCSqGSIb3DQEB
CwUAA4IBAQBdxX3CZtTtZ1Yxf0XLVrpUbDkVJZS8BQ1sgQgdJIH5lncLns7mjgRA
Zq2N7hIJ/APTlmOljIdtRBY7osFsnLLvpl/jbaDg5YHZO6ib88DwrYQ5No6tP6XI
0NFTyp2zI7A3KkHz/0Ss/bYKr7e7qGBKxjhm7v9r6hYpQpK60ziV91zcnXt/dOS8
/Sh+W1foprqRxn/O1hFkftxd0FhX4pnrkMEBqMnLasgrMkX+rM0yKxqV6Pm2o7Mn
O3YXoQG/ipiF8Sh06xgE9h/Vc0NSt6LIJtxOalQweBtYQjeMGRGdV0OX8ebNg7tU
OKQwV2qj7Tx+33sNkziU+4t5aNehJism
-----END CERTIFICATE-----
Generated at Fri May 9 07:12:04 2025 by rpki-client