Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43F77D94DA1411EFA5EDB541762E951A.roa
File: 43F77D94DA1411EFA5EDB541762E951A.roa (raw, json)
Hash identifier: wvXYpBMi8iYLcpNWNdYAPt+BTT+OVVorprd+IGyUSXU=
Subject key identifier: 26:B4:DA:EE:20:3C:15:CD:31:1E:80:8E:A5:0F:3F:48:1E:67:61:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0143D8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43F77D94DA1411EFA5EDB541762E951A.roa
Signing time: Fri 24 Jan 2025 05:30:05 +0000
ROA not before: Fri 24 Jan 2025 05:30:01 +0000
ROA not after: Sat 01 Mar 2025 05:30:01 +0000
asID: 49505
IP address blocks: 154.205.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82904 (0x143d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 05:30:01 2025 GMT
Not After : Mar 1 05:30:01 2025 GMT
Subject: CN=6793255d-be02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:45:ba:5e:93:96:10:9d:8f:56:c0:8a:97:56:
c8:6e:68:8c:08:40:eb:cd:78:d1:71:08:a7:29:89:
fe:f1:a3:99:81:f9:1b:44:b2:bf:a9:d8:18:b6:90:
e0:88:37:e8:00:df:44:ff:16:ad:f2:fd:0d:8f:24:
62:1d:9c:fe:b2:90:94:d6:f3:9d:f9:2a:ac:69:cd:
1b:68:2d:63:f9:3f:b8:cc:10:f4:82:38:51:f2:6d:
a8:65:b8:df:87:43:0f:e8:4f:91:73:4a:68:d8:bb:
3a:30:a9:0e:ab:08:e3:b4:cd:81:c2:b5:d8:6d:c0:
05:68:91:8a:32:e8:d1:d9:76:ac:7a:8a:6b:72:c9:
df:d6:3b:6a:6f:cd:ad:aa:2a:e5:0e:ba:e1:32:c6:
f0:d8:6c:aa:46:b1:4e:32:c1:ee:de:7c:24:f3:bc:
39:3f:30:0b:5d:0c:a1:3d:da:55:d9:79:9d:a1:08:
b9:e3:64:46:22:6d:27:8c:61:6d:a8:ee:93:0e:dd:
8a:76:7e:da:01:73:8e:2d:2b:2c:bd:39:7e:55:95:
c0:b7:8a:19:24:da:f7:bb:99:6b:af:63:dc:ab:fa:
ad:e4:3b:ce:14:3e:0b:42:fe:73:f3:6f:cd:19:4b:
25:22:5e:81:37:fa:0d:0d:15:9f:4f:bc:8e:f8:6d:
57:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B4:DA:EE:20:3C:15:CD:31:1E:80:8E:A5:0F:3F:48:1E:67:61:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43F77D94DA1411EFA5EDB541762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.247.0/24
Signature Algorithm: sha256WithRSAEncryption
16:1c:d4:3c:3c:d0:52:72:fb:f0:4d:2e:6b:6d:f9:a8:ce:bb:
1d:1f:3e:95:66:2a:ba:1b:97:93:91:d4:dd:d2:77:e9:a7:d9:
8e:8d:96:c8:b8:4a:36:43:40:41:93:04:26:6d:40:16:00:4c:
8d:54:2e:56:6b:0f:a8:57:4f:61:8b:b6:9f:3f:1a:b7:c2:28:
45:e2:5f:58:cf:a0:ac:03:19:d6:59:80:35:de:da:ed:01:f9:
80:ab:1d:1a:34:dc:d2:c9:ac:4f:89:a2:33:3a:1d:7c:9c:af:
63:bb:98:6e:0c:57:e9:c6:fb:a4:50:ab:10:d3:36:53:5b:b2:
82:28:f8:99:06:b8:88:26:82:32:53:b5:61:53:57:e2:6e:16:
36:37:e7:1b:49:ed:4f:3f:dc:07:a1:0f:30:67:b5:ae:08:41:
dc:a8:e4:af:29:d8:30:27:d0:42:e2:91:72:6d:d6:aa:97:e0:
44:6b:8b:c3:c5:4f:d6:75:a0:83:22:a7:ba:83:3f:9a:c1:f3:
12:c2:9f:db:16:9d:81:07:8c:da:9b:b3:b1:cb:68:73:80:c7:
88:ea:4f:33:05:50:fd:69:1b:86:25:0b:ba:b2:6f:82:7d:ef:
c3:59:46:44:7f:ae:03:dc:55:77:58:95:41:6e:a0:14:7d:03:
83:03:bc:72
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUPYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDUzMDAxWhcNMjUwMzAxMDUzMDAxWjAYMRYw
FAYDVQQDEw02NzkzMjU1ZC1iZTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxEW6XpOWEJ2PVsCKl1bIbmiMCEDrzXjRcQinKYn+8aOZgfkbRLK/qdgY
tpDgiDfoAN9E/xat8v0NjyRiHZz+spCU1vOd+Sqsac0baC1j+T+4zBD0gjhR8m2o
Zbjfh0MP6E+Rc0po2Ls6MKkOqwjjtM2BwrXYbcAFaJGKMujR2Xaseoprcsnf1jtq
b82tqirlDrrhMsbw2GyqRrFOMsHu3nwk87w5PzALXQyhPdpV2XmdoQi542RGIm0n
jGFtqO6TDt2Kdn7aAXOOLSssvTl+VZXAt4oZJNr3u5lrr2Pcq/qt5DvOFD4LQv5z
82/NGUslIl6BN/oNDRWfT7yO+G1X+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCa0
2u4gPBXNMR6AjqUPP0geZ2EoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0Y3N0Q5NERBMTQxMUVGQTVFREI1NDE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms33MA0GCSqGSIb3DQEB
CwUAA4IBAQAWHNQ8PNBScvvwTS5rbfmozrsdHz6VZiq6G5eTkdTd0nfpp9mOjZbI
uEo2Q0BBkwQmbUAWAEyNVC5Waw+oV09hi7afPxq3wihF4l9Yz6CsAxnWWYA13trt
AfmAqx0aNNzSyaxPiaIzOh18nK9ju5huDFfpxvukUKsQ0zZTW7KCKPiZBriIJoIy
U7VhU1fibhY2N+cbSe1PP9wHoQ8wZ7WuCEHcqOSvKdgwJ9BC4pFybdaql+BEa4vD
xU/WdaCDIqe6gz+awfMSwp/bFp2BB4zam7Oxy2hzgMeI6k8zBVD9aRuGJQu6sm+C
fe/DWUZEf64D3FV3WJVBbqAUfQODA7xy
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:55:29 2025 by rpki-client