Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A2A43AEDA0111EF9CB8B641762E951A.roa
File: 3A2A43AEDA0111EF9CB8B641762E951A.roa (raw, json)
Hash identifier: a3zXDS8+v5uqO10RSEd4Ypwp2EuW6c+ghY8BuK35NTA=
Subject key identifier: 97:3B:AC:1D:5E:CA:D0:C9:C9:93:C8:4C:71:37:E3:18:D4:31:68:2E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014380
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A2A43AEDA0111EF9CB8B641762E951A.roa
Signing time: Fri 24 Jan 2025 03:13:48 +0000
ROA not before: Fri 24 Jan 2025 03:13:44 +0000
ROA not after: Sat 01 Mar 2025 03:13:44 +0000
asID: 49505
IP address blocks: 154.223.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82816 (0x14380)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 03:13:44 2025 GMT
Not After : Mar 1 03:13:44 2025 GMT
Subject: CN=6793056c-deac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:35:28:c0:1a:d9:15:b5:7c:b4:07:aa:3e:3a:
3e:d6:fe:78:1c:a5:c7:4f:76:ee:bc:7f:32:e9:6b:
8f:b9:cb:47:5b:39:e1:0f:df:93:ef:51:ac:61:93:
f1:42:36:93:0e:8d:6a:0a:3b:c8:be:ad:a8:2b:96:
9f:4c:63:37:c7:e8:76:67:f1:db:cd:43:a5:39:43:
87:62:ce:7d:03:3f:33:72:07:59:85:0b:c7:6f:3f:
1c:d5:e0:b1:fe:0c:b9:62:35:7e:85:1e:d6:cb:a7:
59:f0:32:74:c2:28:75:20:87:6c:d6:42:37:ad:bf:
38:14:64:a6:6a:49:1f:95:95:a2:a9:3d:2d:ae:7b:
ea:1f:cc:8e:fd:8d:cd:16:f0:2c:6a:5b:35:66:e7:
fc:2a:58:0c:33:e7:0d:45:be:a8:21:c6:fc:5b:6c:
cf:1b:c3:03:1c:c3:d5:e4:08:9f:92:fb:c4:be:02:
f2:20:7f:f8:7b:11:6b:a9:57:4a:e6:dd:e8:ca:ca:
a4:ef:dc:e4:fe:ee:e2:02:0b:2c:d1:28:dd:94:62:
f4:44:d5:f5:7c:c9:09:b2:39:15:37:1a:87:15:53:
ef:d0:c8:cf:bc:ad:ae:4c:43:28:dc:43:75:de:e9:
93:02:37:db:59:2c:59:1a:ab:38:e5:fb:74:b6:09:
27:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3B:AC:1D:5E:CA:D0:C9:C9:93:C8:4C:71:37:E3:18:D4:31:68:2E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A2A43AEDA0111EF9CB8B641762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.207.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:b5:74:38:88:95:55:45:b5:8b:36:4d:4c:cc:89:19:21:76:
1a:4f:4b:dd:5f:b2:d7:b0:4f:f6:de:3e:f5:08:e2:6f:66:10:
18:7d:ce:c9:fe:c9:d4:d2:79:8f:be:87:8f:12:da:42:90:fb:
83:3b:bd:b4:51:0b:fe:43:83:8a:14:96:9c:e8:77:56:34:09:
5b:83:c5:31:4f:fc:93:42:1f:32:79:a9:36:4e:59:d9:4a:6f:
25:10:f9:27:1d:16:f4:a4:f7:1f:b2:89:5f:c0:20:f3:ed:ea:
a9:20:a4:78:3a:52:1d:6d:f7:98:61:09:ef:81:27:5f:38:4a:
84:4a:11:cd:97:77:79:d8:14:a4:ae:23:29:58:16:3e:2e:7f:
e7:3b:65:c0:f4:e9:08:69:d1:24:3c:ea:98:a3:c2:58:7a:de:
1b:c2:54:2b:59:28:37:1e:12:bf:bd:6b:a8:78:a8:b7:12:59:
bd:d4:5d:a4:1d:78:8f:dc:a5:58:b2:26:bf:8d:a9:65:98:b8:
b8:95:be:41:cd:44:07:1e:8a:18:c4:4e:a9:a3:1f:e9:b8:df:
99:07:56:fa:c8:af:b0:37:15:ac:17:33:61:79:19:0b:ff:d1:
b2:0a:37:7a:80:0c:ab:e1:6f:f5:e1:3a:6c:ef:fe:8b:eb:de:
7c:b9:68:db
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUOAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDMxMzQ0WhcNMjUwMzAxMDMxMzQ0WjAYMRYw
FAYDVQQDEw02NzkzMDU2Yy1kZWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzzUowBrZFbV8tAeqPjo+1v54HKXHT3buvH8y6WuPuctHWznhD9+T71Gs
YZPxQjaTDo1qCjvIvq2oK5afTGM3x+h2Z/HbzUOlOUOHYs59Az8zcgdZhQvHbz8c
1eCx/gy5YjV+hR7Wy6dZ8DJ0wih1IIds1kI3rb84FGSmakkflZWiqT0trnvqH8yO
/Y3NFvAsals1Zuf8KlgMM+cNRb6oIcb8W2zPG8MDHMPV5AifkvvEvgLyIH/4exFr
qVdK5t3oysqk79zk/u7iAgss0SjdlGL0RNX1fMkJsjkVNxqHFVPv0MjPvK2uTEMo
3EN13umTAjfbWSxZGqs45ft0tgkn7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJc7
rB1eytDJyZPITHE34xjUMWguMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTJBNDNBRURBMDExMUVGOUNCOEI2NDE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/PMA0GCSqGSIb3DQEB
CwUAA4IBAQCqtXQ4iJVVRbWLNk1MzIkZIXYaT0vdX7LXsE/23j71COJvZhAYfc7J
/snU0nmPvoePEtpCkPuDO720UQv+Q4OKFJac6HdWNAlbg8UxT/yTQh8yeak2TlnZ
Sm8lEPknHRb0pPcfsolfwCDz7eqpIKR4OlIdbfeYYQnvgSdfOEqEShHNl3d52BSk
riMpWBY+Ln/nO2XA9OkIadEkPOqYo8JYet4bwlQrWSg3HhK/vWuoeKi3Elm91F2k
HXiP3KVYsia/jallmLi4lb5BzUQHHooYxE6pox/puN+ZB1b6yK+wNxWsFzNheRkL
/9GyCjd6gAyr4W/14Tps7/6L6958uWjb
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:51:00 2025 by rpki-client