Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41539E6EDA6011EF980A0543762E951A.roa
File: 41539E6EDA6011EF980A0543762E951A.roa (raw, json)
Hash identifier: rh8tF0ywEDbGhEcXIO4htNBJQsfySBh+e9UiyQS1NMc=
Subject key identifier: EE:E8:5B:A4:34:F0:0F:97:5A:53:DF:EE:99:D0:64:DA:F8:B6:F7:A1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01483C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41539E6EDA6011EF980A0543762E951A.roa
Signing time: Fri 24 Jan 2025 14:34:02 +0000
ROA not before: Fri 24 Jan 2025 14:33:58 +0000
ROA not after: Sat 01 Mar 2025 14:33:58 +0000
asID: 49505
IP address blocks: 154.205.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84028 (0x1483c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 14:33:58 2025 GMT
Not After : Mar 1 14:33:58 2025 GMT
Subject: CN=6793a4da-d7c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c8:78:a3:4d:a0:c1:03:e9:78:e8:ca:97:71:
7d:cc:9a:ad:06:7c:90:4e:10:51:1a:a1:56:c0:2f:
2a:b2:f9:75:42:8c:40:fc:8e:dc:a4:8b:e5:4d:56:
74:1e:dd:43:bb:fc:4f:f9:6e:61:69:94:f9:0e:d7:
76:d5:0b:73:74:b9:de:6d:f7:e3:67:f9:71:d2:dd:
9e:0c:a2:39:9e:ce:fa:31:7c:12:70:0a:23:60:eb:
82:37:db:dc:ab:92:6d:d8:67:7f:a6:d1:ab:67:04:
9e:35:0d:1b:b9:a4:18:fb:2d:aa:b5:1c:d4:4e:8f:
79:97:69:ad:db:df:97:c5:41:77:4e:b4:21:63:ba:
d2:9e:2d:fb:f4:bd:18:78:66:8e:98:42:89:8d:23:
bc:76:d0:08:78:69:25:7a:7c:27:90:9f:96:ea:cc:
1e:c8:c8:ab:83:1e:b8:d8:86:1d:bd:87:e7:3a:08:
bd:93:b7:9f:e7:c8:ae:e2:74:22:3f:08:52:cf:28:
95:68:6f:ff:1d:ee:2c:8a:46:fd:28:5a:fc:42:bf:
50:77:41:f1:28:6e:26:f4:20:5d:aa:ff:f1:30:07:
a6:e3:9e:51:c7:9a:66:47:8a:62:7c:62:2e:57:37:
2c:fd:17:e1:27:fb:1c:cb:44:3e:1c:00:6b:c8:e1:
0a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:E8:5B:A4:34:F0:0F:97:5A:53:DF:EE:99:D0:64:DA:F8:B6:F7:A1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41539E6EDA6011EF980A0543762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.247.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a1:de:44:1d:ce:4c:6a:38:bf:c6:25:40:64:9f:cf:fa:94:
fc:fd:14:1d:08:fc:7a:8c:d6:ce:72:2e:e7:c4:6b:f0:31:33:
63:c0:25:ef:66:7f:5a:d1:b5:08:b6:2c:dd:f9:b5:14:b8:ba:
ee:a1:b6:a8:a1:9b:da:3d:a2:cb:da:cf:b1:55:19:2e:c1:13:
06:59:0b:be:03:d5:ae:1d:be:41:cf:8e:8a:74:e6:fe:af:83:
33:ac:03:9d:57:3f:43:9c:58:96:28:6d:24:bc:1d:94:2f:fc:
91:b7:9a:64:76:de:d4:59:4a:0f:f2:5b:9e:08:a1:b0:83:75:
9b:9d:fa:16:92:bf:80:ca:68:c0:68:8b:f7:e6:56:fe:6e:a3:
79:6e:d1:a5:46:97:34:81:b6:54:71:7a:ed:21:a3:f8:71:f8:
6b:47:b9:8c:57:44:33:e9:a2:a0:29:79:c1:fa:3b:b7:30:b7:
47:50:c1:90:bc:e2:93:d6:76:36:60:51:ef:0e:ed:02:2c:ae:
c2:ea:0a:d1:6d:d4:53:86:36:db:93:5d:fa:a4:44:80:ca:04:
4d:76:85:8a:0b:c3:22:f8:32:92:ee:80:3c:07:55:53:44:e5:
9e:c0:2b:2e:32:c4:be:ac:ed:f2:1d:20:fa:28:53:db:7e:58:
d3:bf:57:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUg8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQzMzU4WhcNMjUwMzAxMTQzMzU4WjAYMRYw
FAYDVQQDEw02NzkzYTRkYS1kN2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqsh4o02gwQPpeOjKl3F9zJqtBnyQThBRGqFWwC8qsvl1QoxA/I7cpIvl
TVZ0Ht1Du/xP+W5haZT5Dtd21QtzdLnebffjZ/lx0t2eDKI5ns76MXwScAojYOuC
N9vcq5Jt2Gd/ptGrZwSeNQ0buaQY+y2qtRzUTo95l2mt29+XxUF3TrQhY7rSni37
9L0YeGaOmEKJjSO8dtAIeGklenwnkJ+W6sweyMirgx642IYdvYfnOgi9k7ef58iu
4nQiPwhSzyiVaG//He4sikb9KFr8Qr9Qd0HxKG4m9CBdqv/xMAem455Rx5pmR4pi
fGIuVzcs/RfhJ/scy0Q+HABryOEKaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO7o
W6Q08A+XWlPf7pnQZNr4tvehMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTUzOUU2RURBNjAxMUVGOTgwQTA1NDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms33MA0GCSqGSIb3DQEB
CwUAA4IBAQBXod5EHc5Maji/xiVAZJ/P+pT8/RQdCPx6jNbOci7nxGvwMTNjwCXv
Zn9a0bUItizd+bUUuLruobaooZvaPaLL2s+xVRkuwRMGWQu+A9WuHb5Bz46KdOb+
r4MzrAOdVz9DnFiWKG0kvB2UL/yRt5pkdt7UWUoP8lueCKGwg3WbnfoWkr+AymjA
aIv35lb+bqN5btGlRpc0gbZUcXrtIaP4cfhrR7mMV0Qz6aKgKXnB+ju3MLdHUMGQ
vOKT1nY2YFHvDu0CLK7C6grRbdRThjbbk136pESAygRNdoWKC8Mi+DKS7oA8B1VT
ROWewCsuMsS+rO3yHSD6KFPbfljTv1dk
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:40:17 2025 by rpki-client