Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41C4D380F6B811EF9C483F42762E951A.roa
File: 41C4D380F6B811EF9C483F42762E951A.roa (raw, json)
Hash identifier: WPoUpDzDp/L1ADfu8eYJtpHwvYjZcXMyVJTm10lLfaI=
Subject key identifier: 31:4A:66:86:80:91:97:CE:C1:17:3D:A2:41:EF:75:E3:35:5E:3C:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016ED9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41C4D380F6B811EF9C483F42762E951A.roa
Signing time: Sat 01 Mar 2025 16:14:31 +0000
ROA not before: Sat 01 Mar 2025 16:14:26 +0000
ROA not after: Mon 31 Mar 2025 16:14:26 +0000
asID: 202656
IP address blocks: 154.219.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93913 (0x16ed9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 16:14:26 2025 GMT
Not After : Mar 31 16:14:26 2025 GMT
Subject: CN=67c33267-6275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e3:17:34:8b:52:b6:1d:1c:fb:66:56:79:8a:
0a:f0:5b:f7:48:03:66:7f:70:c8:86:8e:42:97:eb:
75:2b:27:81:6c:29:d1:91:da:8f:61:af:91:42:0e:
4d:bc:26:f8:13:40:1b:a7:af:15:b4:ff:3a:24:3a:
ba:e5:43:6f:55:e8:2f:36:4a:a1:fd:50:6e:49:14:
78:9c:15:c4:f6:80:4e:d3:57:de:eb:30:b7:38:8b:
9e:81:44:26:88:ae:93:5e:1c:93:42:92:ed:2d:85:
4b:ab:88:17:06:05:3d:98:84:8b:ad:c5:79:83:1f:
c7:d3:e1:31:b2:df:06:50:b8:f6:7f:89:b1:d8:5c:
73:f6:66:76:b3:e1:19:22:5a:3d:48:76:4a:68:fb:
81:40:f5:d5:55:a2:bf:22:a8:5c:9c:1c:77:db:c8:
e0:6a:ae:62:66:ff:7e:4f:42:bb:d7:4f:1c:99:76:
03:c4:2a:de:26:8a:27:fc:56:1c:c3:45:4c:d7:15:
e0:7e:67:54:d9:a1:38:c1:58:d9:9a:d1:ea:ea:0c:
e8:0d:c6:b1:5f:91:1f:50:50:1a:b1:08:25:61:dd:
ba:9b:4e:96:30:c8:31:07:dd:a5:21:ec:2f:7d:88:
1b:62:fc:66:c1:86:94:3b:84:0f:4d:b5:43:88:ba:
e2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:4A:66:86:80:91:97:CE:C1:17:3D:A2:41:EF:75:E3:35:5E:3C:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41C4D380F6B811EF9C483F42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.218.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:26:f4:75:1e:97:33:0a:b5:0e:c5:e1:a4:6b:56:3a:7d:6e:
10:d8:81:22:5f:fe:ca:ad:5f:42:7d:f3:39:b3:cd:82:b1:f7:
37:a6:3c:8e:cb:f4:1c:fa:5e:18:21:19:85:81:41:1f:3b:78:
c8:ba:73:d2:d1:be:1b:99:db:55:2d:3f:3d:c1:ef:2b:43:b9:
71:22:a2:6f:58:04:27:9e:9c:52:05:ea:ff:be:66:40:33:e6:
bc:a7:99:89:ab:0e:3d:8e:b7:67:8a:a5:49:a1:95:17:1c:80:
0e:ec:9e:01:12:c4:02:78:2b:17:37:ca:f2:cd:e9:18:7e:ed:
c1:96:80:e6:21:3e:5a:5e:10:f6:e7:81:93:86:ca:e5:5c:45:
63:dd:d2:db:c6:5d:84:e7:fd:1a:56:59:d7:0a:3b:de:1a:64:
3a:c8:7a:31:60:d1:54:16:dc:30:41:4e:28:42:43:a1:b7:b7:
2b:e4:60:54:56:0d:90:ca:d8:d9:c5:8c:47:8c:8a:7d:57:5a:
a7:f4:c2:94:44:69:b9:32:be:6a:02:54:da:ff:f7:cb:ab:8c:
cd:0f:b8:ea:60:26:05:36:33:b4:f1:c6:e2:b7:95:2c:9c:32:
05:4a:ff:12:e2:53:75:15:0b:3c:a3:bf:75:c3:e4:f5:28:6b:
22:d1:fe:03
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW7ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTYxNDI2WhcNMjUwMzMxMTYxNDI2WjAYMRYw
FAYDVQQDEw02N2MzMzI2Ny02Mjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsuMXNItSth0c+2ZWeYoK8Fv3SANmf3DIho5Cl+t1KyeBbCnRkdqPYa+R
Qg5NvCb4E0Abp68VtP86JDq65UNvVegvNkqh/VBuSRR4nBXE9oBO01fe6zC3OIue
gUQmiK6TXhyTQpLtLYVLq4gXBgU9mISLrcV5gx/H0+Exst8GULj2f4mx2Fxz9mZ2
s+EZIlo9SHZKaPuBQPXVVaK/IqhcnBx328jgaq5iZv9+T0K7108cmXYDxCreJoon
/FYcw0VM1xXgfmdU2aE4wVjZmtHq6gzoDcaxX5EfUFAasQglYd26m06WMMgxB92l
IewvfYgbYvxmwYaUO4QPTbVDiLriPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDFK
ZoaAkZfOwRc9okHvdeM1XjwKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MUM0RDM4MEY2QjgxMUVGOUM0ODNGNDI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvaMA0GCSqGSIb3DQEB
CwUAA4IBAQA7JvR1HpczCrUOxeGka1Y6fW4Q2IEiX/7KrV9CffM5s82Csfc3pjyO
y/Qc+l4YIRmFgUEfO3jIunPS0b4bmdtVLT89we8rQ7lxIqJvWAQnnpxSBer/vmZA
M+a8p5mJqw49jrdniqVJoZUXHIAO7J4BEsQCeCsXN8ryzekYfu3BloDmIT5aXhD2
54GThsrlXEVj3dLbxl2E5/0aVlnXCjveGmQ6yHoxYNFUFtwwQU4oQkOht7cr5GBU
Vg2QytjZxYxHjIp9V1qn9MKURGm5Mr5qAlTa//fLq4zND7jqYCYFNjO08cbit5Us
nDIFSv8S4lN1FQs8o791w+T1KGsi0f4D
-----END CERTIFICATE-----
Generated at Fri May 9 06:26:43 2025 by rpki-client