Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/533AFB5EF67B11EFB7DACBA6762E951A.roa
File: 533AFB5EF67B11EFB7DACBA6762E951A.roa (raw, json)
Hash identifier: QWbYFnOofwcYogL/CR+FAuNxHoE7U+KSr/YF60yAihE=
Subject key identifier: E0:35:4A:4E:BA:0D:D5:4B:35:DC:26:2C:D1:F9:38:C8:F7:A7:34:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D79
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/533AFB5EF67B11EFB7DACBA6762E951A.roa
Signing time: Sat 01 Mar 2025 08:58:21 +0000
ROA not before: Sat 01 Mar 2025 08:58:17 +0000
ROA not after: Mon 31 Mar 2025 08:58:17 +0000
asID: 44559
IP address blocks: 154.209.192.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93561 (0x16d79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 08:58:17 2025 GMT
Not After : Mar 31 08:58:17 2025 GMT
Subject: CN=67c2cc2d-8676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:33:b3:d7:fc:fc:e1:2c:8c:3d:6a:35:15:b4:
c7:a9:ba:21:45:4b:e4:e0:94:e0:0c:64:2e:c1:a9:
49:50:66:fb:54:9b:ce:40:8d:2f:21:1d:60:42:73:
26:56:f4:aa:be:8b:17:dc:38:8a:8b:2b:3f:fa:11:
d3:ba:83:43:89:25:d9:d4:c7:c2:22:07:0d:ef:40:
b0:a9:92:ba:01:04:26:df:74:e5:59:cc:30:b5:ce:
08:b9:e9:91:da:2b:c8:0b:95:8a:de:3c:fe:35:8d:
00:5b:23:4a:06:d2:0b:c5:ef:5e:9d:0d:ea:b7:ed:
5f:b3:4d:ff:64:34:61:72:53:90:5c:0f:a6:a8:ba:
d6:fa:9e:13:07:df:8c:37:74:fd:05:b1:8f:75:a7:
1c:7c:f1:5b:66:a5:20:e7:7f:07:8f:2e:41:cf:c6:
11:3a:94:61:cb:cc:ab:20:a2:95:99:a1:45:ce:b7:
81:a4:b3:d3:6e:16:a1:93:98:7f:79:8c:0d:56:57:
5a:d9:5b:18:18:7c:ae:7e:12:b2:61:47:fd:32:12:
5a:0a:53:cc:38:5d:01:45:a5:3d:13:ad:a3:ae:79:
32:f1:c6:41:c8:06:e9:29:39:f9:08:53:03:da:77:
ff:bf:e2:0e:c1:55:37:bb:0c:2b:4e:70:16:35:41:
4e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:35:4A:4E:BA:0D:D5:4B:35:DC:26:2C:D1:F9:38:C8:F7:A7:34:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/533AFB5EF67B11EFB7DACBA6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.192.0/24
Signature Algorithm: sha256WithRSAEncryption
27:c0:0b:20:99:ca:b0:52:74:26:93:bf:f4:92:c9:f0:c3:98:
a8:75:24:30:44:0d:83:a1:38:3e:6f:e2:b9:6c:50:64:19:c6:
87:20:98:2e:3f:79:57:91:21:25:53:4f:ac:bd:aa:43:80:ce:
f3:c9:5f:64:df:ea:32:e2:81:33:2c:7a:d9:29:b0:70:48:78:
44:20:16:62:82:86:58:e8:bc:64:24:0c:0f:49:14:27:4c:fe:
64:42:a6:39:86:52:58:67:be:0b:8e:f8:07:26:0b:1e:7d:b5:
f4:fe:68:cf:dc:ee:42:cd:91:61:d7:5d:51:9c:cc:ab:4a:1d:
cb:cf:07:59:0a:c7:ab:07:61:60:ab:60:47:d2:c2:2b:f4:cf:
a4:fb:f7:aa:4e:82:d5:27:8a:6e:fe:52:5a:49:95:e8:f1:6c:
38:23:52:83:aa:d0:d8:65:e9:f2:5c:0c:ca:41:94:46:72:c3:
69:b7:44:31:9a:ee:5f:cc:79:54:0b:8a:c3:04:13:97:52:2c:
d2:eb:dd:ac:0d:fd:65:09:f3:df:13:d6:1b:6a:cb:a3:5b:c4:
9d:7c:d0:65:ff:2e:b9:92:75:6a:01:07:1e:ef:f2:15:fa:19:
6b:aa:69:d1:db:6d:16:ea:58:82:6d:49:38:f0:bc:77:70:ea:
45:2f:50:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW15MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDg1ODE3WhcNMjUwMzMxMDg1ODE3WjAYMRYw
FAYDVQQDEw02N2MyY2MyZC04Njc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwDOz1/z84SyMPWo1FbTHqbohRUvk4JTgDGQuwalJUGb7VJvOQI0vIR1g
QnMmVvSqvosX3DiKiys/+hHTuoNDiSXZ1MfCIgcN70CwqZK6AQQm33TlWcwwtc4I
uemR2ivIC5WK3jz+NY0AWyNKBtILxe9enQ3qt+1fs03/ZDRhclOQXA+mqLrW+p4T
B9+MN3T9BbGPdaccfPFbZqUg538Hjy5Bz8YROpRhy8yrIKKVmaFFzreBpLPTbhah
k5h/eYwNVlda2VsYGHyufhKyYUf9MhJaClPMOF0BRaU9E62jrnky8cZByAbpKTn5
CFMD2nf/v+IOwVU3uwwrTnAWNUFO5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOA1
Sk66DdVLNdwmLNH5OMj3pzRPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MzNBRkI1RUY2N0IxMUVGQjdEQUNCQTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHAMA0GCSqGSIb3DQEB
CwUAA4IBAQAnwAsgmcqwUnQmk7/0ksnww5iodSQwRA2DoTg+b+K5bFBkGcaHIJgu
P3lXkSElU0+svapDgM7zyV9k3+oy4oEzLHrZKbBwSHhEIBZigoZY6LxkJAwPSRQn
TP5kQqY5hlJYZ74LjvgHJgsefbX0/mjP3O5CzZFh111RnMyrSh3LzwdZCserB2Fg
q2BH0sIr9M+k+/eqToLVJ4pu/lJaSZXo8Ww4I1KDqtDYZenyXAzKQZRGcsNpt0Qx
mu5fzHlUC4rDBBOXUizS692sDf1lCfPfE9YbasujW8SdfNBl/y65knVqAQce7/IV
+hlrqmnR220W6liCbUk48Lx3cOpFL1Bu
-----END CERTIFICATE-----
Generated at Fri May 9 06:19:50 2025 by rpki-client