Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/431F2616FCDC11EF8F346B51762E951A.roa
File: 431F2616FCDC11EF8F346B51762E951A.roa (raw, json)
Hash identifier: SE4SUh9DDcdB9d9SmmHebW1YdV4dhvcPEuZUW4u07jc=
Subject key identifier: A9:8C:3A:96:3C:BE:78:40:7D:C6:06:F1:45:0C:7B:15:2C:80:1A:E5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017326
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/431F2616FCDC11EF8F346B51762E951A.roa
Signing time: Sun 09 Mar 2025 11:47:22 +0000
ROA not before: Sun 09 Mar 2025 11:47:16 +0000
ROA not after: Wed 19 Mar 2025 11:47:16 +0000
asID: 54600
IP address blocks: 154.202.160.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95014 (0x17326)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 9 11:47:16 2025 GMT
Not After : Mar 19 11:47:16 2025 GMT
Subject: CN=67cd7fca-70b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3a:31:03:86:a5:d8:1f:68:82:cc:05:cc:15:
09:e0:be:f3:7a:19:55:27:01:37:a1:e2:88:4b:d8:
a4:68:fb:0b:7a:fe:fb:63:c6:3f:c7:88:46:32:1a:
d0:e5:40:90:cd:0b:ff:22:9b:50:ff:84:5a:6b:4c:
dd:b3:5d:99:24:a8:f2:58:a1:4f:9a:b6:14:9c:bd:
d3:5a:34:af:05:ad:a3:4f:7d:13:25:e3:1e:73:26:
19:26:2e:8f:96:f3:18:43:8e:f5:f4:97:9a:8f:cd:
4e:ce:fa:82:51:45:71:49:e3:0a:5e:b6:f7:21:c0:
99:df:57:35:4e:12:2c:23:7c:5f:27:55:2b:6e:7e:
06:66:38:4b:7c:39:23:80:fe:80:fa:8b:4e:7b:33:
63:b1:34:da:e4:fb:a8:90:25:cd:6c:89:b9:87:b4:
46:11:e2:ab:c8:48:24:06:e8:96:aa:f5:cb:0e:d3:
a0:d8:bc:f3:3f:c9:78:a5:1e:0a:b0:d6:ec:00:89:
31:c4:ed:b9:ef:da:4e:28:cb:f3:57:9c:2b:90:6c:
ac:03:79:4f:c5:0d:53:fc:ee:75:a8:33:d3:78:95:
ac:d6:4b:41:be:a9:ec:5c:7f:b2:0b:2a:b4:b7:cc:
42:69:d3:45:b6:8e:01:8b:8e:80:70:e9:91:bc:df:
3e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8C:3A:96:3C:BE:78:40:7D:C6:06:F1:45:0C:7B:15:2C:80:1A:E5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/431F2616FCDC11EF8F346B51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.160.0/19
Signature Algorithm: sha256WithRSAEncryption
28:50:ee:2d:8a:6c:f9:d4:be:66:d1:83:e9:33:e7:6f:86:24:
3c:9d:00:18:af:dc:2f:e6:91:99:d8:ba:b6:4d:41:06:cf:68:
1c:6d:16:d9:eb:ae:7f:a0:de:02:d0:84:5b:e6:7a:b3:83:df:
43:c0:6d:65:c1:b9:e4:16:2e:19:9b:94:95:94:7c:de:5b:1e:
4d:f4:3f:c0:26:6b:6a:47:37:6d:c2:52:41:46:c1:41:a7:e3:
ee:4a:44:85:67:9e:f9:79:f6:8e:59:89:19:46:20:8f:2b:83:
97:16:32:af:14:1b:77:a8:b3:08:72:6b:bf:ad:7e:6e:8d:b7:
1f:69:17:6d:41:d9:11:30:7c:fa:cc:8c:a7:7a:8c:64:3d:5d:
14:ec:db:5c:54:52:9b:23:ed:c8:a1:94:58:86:05:a9:08:b8:
d8:36:65:b1:02:a8:8c:85:23:8c:e8:0d:d7:74:e1:46:9f:ea:
df:5f:a7:cc:7b:1e:40:5a:48:5f:f3:de:ef:9e:9c:1e:73:0a:
ce:45:c2:fc:9c:ea:54:8e:e6:7f:14:8e:a9:7f:39:67:49:d5:
a4:ea:85:3a:ca:16:e3:ad:39:62:5b:90:1b:42:85:8b:9c:0c:
24:32:7d:69:44:27:cc:59:32:c2:bc:33:9c:4d:b0:e4:2b:32:
67:d9:6d:83
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXMmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA5MTE0NzE2WhcNMjUwMzE5MTE0NzE2WjAYMRYw
FAYDVQQDEw02N2NkN2ZjYS03MGI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7ToxA4al2B9ogswFzBUJ4L7zehlVJwE3oeKIS9ikaPsLev77Y8Y/x4hG
MhrQ5UCQzQv/IptQ/4Raa0zds12ZJKjyWKFPmrYUnL3TWjSvBa2jT30TJeMecyYZ
Ji6PlvMYQ4719Jeaj81OzvqCUUVxSeMKXrb3IcCZ31c1ThIsI3xfJ1Urbn4GZjhL
fDkjgP6A+otOezNjsTTa5PuokCXNbIm5h7RGEeKryEgkBuiWqvXLDtOg2LzzP8l4
pR4KsNbsAIkxxO2579pOKMvzV5wrkGysA3lPxQ1T/O51qDPTeJWs1ktBvqnsXH+y
Cyq0t8xCadNFto4Bi46AcOmRvN8+EQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKmM
OpY8vnhAfcYG8UUMexUsgBrlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MzFGMjYxNkZDREMxMUVGOEYzNDZCNTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmsqgMA0GCSqGSIb3DQEB
CwUAA4IBAQAoUO4timz51L5m0YPpM+dvhiQ8nQAYr9wv5pGZ2Lq2TUEGz2gcbRbZ
665/oN4C0IRb5nqzg99DwG1lwbnkFi4Zm5SVlHzeWx5N9D/AJmtqRzdtwlJBRsFB
p+PuSkSFZ575efaOWYkZRiCPK4OXFjKvFBt3qLMIcmu/rX5ujbcfaRdtQdkRMHz6
zIyneoxkPV0U7NtcVFKbI+3IoZRYhgWpCLjYNmWxAqiMhSOM6A3XdOFGn+rfX6fM
ex5AWkhf897vnpwecwrORcL8nOpUjuZ/FI6pfzlnSdWk6oU6yhbjrTliW5AbQoWL
nAwkMn1pRCfMWTLCvDOcTbDkKzJn2W2D
-----END CERTIFICATE-----
Generated at Fri May 9 09:39:56 2025 by rpki-client