Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A06AD64FD9411EF975C58A9762E951A.roa
File: 5A06AD64FD9411EF975C58A9762E951A.roa (raw, json)
Hash identifier: IKTLdgviGmWZlOkQPmUQhP5rV6Ix4iuRQSOBEuPdHUA=
Subject key identifier: BF:ED:F8:60:AC:4D:AA:C1:55:A9:E5:A6:DF:B3:82:16:EF:4C:A5:AA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01733F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A06AD64FD9411EF975C58A9762E951A.roa
Signing time: Mon 10 Mar 2025 09:45:08 +0000
ROA not before: Mon 10 Mar 2025 09:45:04 +0000
ROA not after: Tue 01 Apr 2025 09:45:04 +0000
asID: 212238
IP address blocks: 154.207.144.0/20 maxlen: 24
154.207.160.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95039 (0x1733f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 10 09:45:04 2025 GMT
Not After : Apr 1 09:45:04 2025 GMT
Subject: CN=67ceb4a4-c98b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5a:d4:62:d7:0d:a4:c9:42:59:8d:fb:4c:fb:
f7:e4:0e:ba:41:6c:91:e1:a5:8f:ac:9f:2c:63:19:
32:b5:80:f1:0a:b6:34:18:5f:ab:60:59:38:89:08:
d5:28:a8:e3:5b:cb:19:9c:b2:fc:6a:e5:d5:78:b4:
44:27:44:32:ae:1e:22:2e:5b:b9:75:46:ff:f8:5a:
84:89:e1:94:f1:5a:7e:0d:1f:3b:9f:26:bd:56:c4:
41:b6:29:a7:8b:b6:6c:bb:26:cc:73:f4:38:a6:f3:
1f:4d:7e:03:16:05:1d:00:e3:2a:b1:65:77:d6:8a:
c4:68:ff:d7:49:43:3e:79:af:79:6e:5e:4f:55:dc:
da:ac:93:ba:72:08:96:26:57:91:bb:b7:7c:d6:a6:
ec:56:2b:f2:b1:f7:61:9d:7d:c7:25:ab:0f:ab:90:
23:84:ab:b4:a2:3c:03:ca:84:6e:80:32:82:13:6a:
8c:65:28:fd:52:e1:f6:cc:f9:39:f0:1b:3d:f7:a4:
02:66:db:65:04:f9:86:30:0a:84:29:de:a6:01:4e:
2d:1e:42:f6:c2:6d:2e:ef:3f:7a:da:25:ca:2f:fc:
12:87:47:be:22:21:f7:75:69:4c:b1:ce:d4:63:61:
94:83:d0:4e:35:05:93:c0:9b:ee:ff:63:ce:f4:60:
a2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:ED:F8:60:AC:4D:AA:C1:55:A9:E5:A6:DF:B3:82:16:EF:4C:A5:AA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A06AD64FD9411EF975C58A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.144.0-154.207.163.255
Signature Algorithm: sha256WithRSAEncryption
9f:eb:d0:fe:19:29:6d:37:ba:4b:b2:a1:a4:93:d0:13:0f:7f:
fe:d7:ff:de:4a:51:89:bb:af:68:db:aa:a2:52:c9:06:38:b3:
75:4e:31:b8:93:11:ee:d8:2e:ae:e9:e0:b0:3b:11:a3:09:48:
88:81:87:ac:0c:cc:37:20:4d:16:76:d0:95:98:ad:9d:38:ee:
b3:25:c7:98:58:bf:61:8f:e4:fd:e6:1e:c1:ea:e7:d2:51:ba:
8d:9a:e4:82:a2:83:43:c6:6c:03:16:bc:ff:e3:8d:56:ed:b6:
79:7c:92:da:f0:75:60:6b:89:d4:59:8f:f2:88:fe:89:e8:b0:
30:7f:20:12:11:96:f3:ba:d2:ea:0a:8a:af:eb:02:de:07:04:
ab:4e:4f:ad:96:90:c9:01:31:6e:39:fc:5e:35:a6:b2:18:51:
75:56:f6:cf:9a:99:33:2d:2b:fd:87:42:9f:ef:94:02:9d:a7:
c3:ae:13:65:ff:1e:a6:57:6b:a9:c9:54:53:d8:a3:48:28:ad:
b1:d5:1c:96:b7:19:37:6f:44:b7:d8:f2:ac:6c:a2:20:b7:0b:
63:3f:bd:31:e5:45:cc:07:f8:e9:94:f6:c1:49:01:d6:34:9e:
1a:d0:85:5b:38:14:ac:f3:5b:fd:e6:03:83:1a:a5:bd:60:fd:
bd:5f:f1:67
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAXM/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEwMDk0NTA0WhcNMjUwNDAxMDk0NTA0WjAYMRYw
FAYDVQQDEw02N2NlYjRhNC1jOThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxlrUYtcNpMlCWY37TPv35A66QWyR4aWPrJ8sYxkytYDxCrY0GF+rYFk4
iQjVKKjjW8sZnLL8auXVeLREJ0Qyrh4iLlu5dUb/+FqEieGU8Vp+DR87nya9VsRB
timni7ZsuybMc/Q4pvMfTX4DFgUdAOMqsWV31orEaP/XSUM+ea95bl5PVdzarJO6
cgiWJleRu7d81qbsVivysfdhnX3HJasPq5AjhKu0ojwDyoRugDKCE2qMZSj9UuH2
zPk58Bs996QCZttlBPmGMAqEKd6mAU4tHkL2wm0u7z962iXKL/wSh0e+IiH3dWlM
sc7UY2GUg9BONQWTwJvu/2PO9GCiTwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFL/t
+GCsTarBVanlpt+zghbvTKWqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QTA2QUQ2NEZEOTQxMUVGOTc1QzU4QTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaz5ADBAKaz6AwDQYJ
KoZIhvcNAQELBQADggEBAJ/r0P4ZKW03ukuyoaST0BMPf/7X/95KUYm7r2jbqqJS
yQY4s3VOMbiTEe7YLq7p4LA7EaMJSIiBh6wMzDcgTRZ20JWYrZ047rMlx5hYv2GP
5P3mHsHq59JRuo2a5IKig0PGbAMWvP/jjVbttnl8ktrwdWBridRZj/KI/onosDB/
IBIRlvO60uoKiq/rAt4HBKtOT62WkMkBMW45/F41prIYUXVW9s+amTMtK/2HQp/v
lAKdp8OuE2X/HqZXa6nJVFPYo0gorbHVHJa3GTdvRLfY8qxsoiC3C2M/vTHlRcwH
+OmU9sFJAdY0nhrQhVs4FKzzW/3mA4Mapb1g/b1f8Wc=
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:25:41 2025 by rpki-client