Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5655E5DADA6311EFAB0E7756762E951A.roa
File: 5655E5DADA6311EFAB0E7756762E951A.roa (raw, json)
Hash identifier: OUUWEmAymfMkmRLpepsgFG+PIHNDxT1lbwyANUvpwmY=
Subject key identifier: 99:BD:A2:E7:C2:EC:63:25:37:FE:4A:58:5C:6A:A8:13:3B:72:03:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01487D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5655E5DADA6311EFAB0E7756762E951A.roa
Signing time: Fri 24 Jan 2025 14:56:06 +0000
ROA not before: Fri 24 Jan 2025 14:56:02 +0000
ROA not after: Wed 05 Mar 2025 14:56:02 +0000
asID: 49505
IP address blocks: 154.209.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84093 (0x1487d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 14:56:02 2025 GMT
Not After : Mar 5 14:56:02 2025 GMT
Subject: CN=6793aa06-a0b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:27:02:a1:6a:90:6c:ae:24:7c:17:b7:58:36:
97:f4:48:b8:8f:ea:e5:00:0c:13:2e:3c:07:ef:75:
63:d0:d1:c5:18:04:36:02:36:82:65:0d:31:37:89:
b7:1b:08:e1:89:28:1e:58:51:e1:40:d4:3c:ad:36:
06:37:d7:49:c1:26:f0:1e:0b:ce:18:13:a1:a7:81:
fa:b3:46:c1:b3:a3:68:f9:d3:31:b0:49:fb:e8:82:
6d:5e:21:fb:16:53:07:9d:d9:fd:ea:17:5e:6c:4c:
89:df:77:38:df:1c:1f:92:87:6d:95:cd:d5:4e:af:
ce:db:17:be:cc:e6:80:01:5a:a0:b8:2f:9e:dd:74:
41:6b:ab:0a:5f:1b:79:f3:d5:25:25:7c:4d:3f:46:
2a:6a:61:69:1a:16:46:5e:7c:58:0c:54:78:93:50:
3d:f7:f1:ca:5c:f1:da:d7:eb:63:c6:d9:98:71:64:
01:1e:d2:3a:4c:7e:c6:bf:a3:fd:79:67:7a:0c:d5:
b2:cc:f4:c5:48:5c:a3:b6:d6:c7:a1:1f:33:e6:c7:
cb:2b:50:ff:6e:3a:0f:d8:3b:1f:81:3c:34:4b:b9:
55:6f:64:78:be:83:99:a3:d3:53:e2:8a:fc:bd:c0:
7a:44:00:09:64:db:5c:b6:45:dc:f5:32:57:03:d6:
f0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BD:A2:E7:C2:EC:63:25:37:FE:4A:58:5C:6A:A8:13:3B:72:03:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5655E5DADA6311EFAB0E7756762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.215.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:91:8b:a1:aa:7d:fb:27:a6:09:03:a9:b0:14:b1:5e:fe:ae:
4f:e8:16:d2:d6:fa:e2:b3:91:d6:de:27:a3:43:ee:fa:8c:a9:
15:4f:4e:bc:1a:07:0a:cc:dd:25:f5:e2:50:e7:a1:07:9c:16:
23:9b:46:a6:45:e8:28:c0:a4:98:ab:6a:3c:3d:ce:33:83:e4:
e0:27:25:3e:cd:65:1b:a3:46:1e:35:95:63:cb:d7:e4:29:22:
88:72:c0:6c:47:2c:6f:d4:21:82:9e:b3:86:df:6c:22:13:11:
8a:de:8e:bb:fd:c6:20:ba:01:db:f0:5c:a6:48:cf:f7:cf:2c:
07:b8:d0:d6:ef:e0:97:fc:e9:36:72:20:66:a3:cf:6f:8f:6d:
b7:a9:ff:41:ea:e3:63:13:66:5d:76:66:86:86:22:ec:a9:c5:
13:4d:eb:6a:b5:2d:b0:90:86:be:0c:81:ee:9b:4c:71:f7:b0:
ba:e8:74:14:a5:e0:28:91:59:a2:2a:68:a1:06:32:af:73:36:
e4:20:b2:33:37:46:89:fa:72:ef:02:eb:dc:1b:cd:c1:3b:7b:
fb:55:29:d4:29:d6:9d:43:c2:18:69:f6:de:70:13:2c:d2:fa:
7e:0f:47:f4:ce:1c:0c:72:09:75:b8:84:f7:70:29:9d:ae:71:
f1:4a:a3:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUh9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQ1NjAyWhcNMjUwMzA1MTQ1NjAyWjAYMRYw
FAYDVQQDEw02NzkzYWEwNi1hMGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvCcCoWqQbK4kfBe3WDaX9Ei4j+rlAAwTLjwH73Vj0NHFGAQ2AjaCZQ0x
N4m3GwjhiSgeWFHhQNQ8rTYGN9dJwSbwHgvOGBOhp4H6s0bBs6No+dMxsEn76IJt
XiH7FlMHndn96hdebEyJ33c43xwfkodtlc3VTq/O2xe+zOaAAVqguC+e3XRBa6sK
Xxt589UlJXxNP0YqamFpGhZGXnxYDFR4k1A99/HKXPHa1+tjxtmYcWQBHtI6TH7G
v6P9eWd6DNWyzPTFSFyjttbHoR8z5sfLK1D/bjoP2DsfgTw0S7lVb2R4voOZo9NT
4or8vcB6RAAJZNtctkXc9TJXA9bwlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJm9
oufC7GMlN/5KWFxqqBM7cgNyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjU1RTVEQURBNjMxMUVGQUIwRTc3NTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHXMA0GCSqGSIb3DQEB
CwUAA4IBAQCrkYuhqn37J6YJA6mwFLFe/q5P6BbS1vris5HW3iejQ+76jKkVT068
GgcKzN0l9eJQ56EHnBYjm0amRegowKSYq2o8Pc4zg+TgJyU+zWUbo0YeNZVjy9fk
KSKIcsBsRyxv1CGCnrOG32wiExGK3o67/cYgugHb8FymSM/3zywHuNDW7+CX/Ok2
ciBmo89vj223qf9B6uNjE2ZddmaGhiLsqcUTTetqtS2wkIa+DIHum0xx97C66HQU
peAokVmiKmihBjKvczbkILIzN0aJ+nLvAuvcG83BO3v7VSnUKdadQ8IYafbecBMs
0vp+D0f0zhwMcgl1uIT3cCmdrnHxSqNz
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:42:13 2025 by rpki-client