Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D3B745AF6B511EFA90646AE762E951A.roa
File: 5D3B745AF6B511EFA90646AE762E951A.roa (raw, json)
Hash identifier: ia+Nx3YWkWBsO98yO5mM2UBXlH5xchZ8pbILU3Xk7xk=
Subject key identifier: 3C:7E:C0:52:0A:4F:C3:CA:89:B0:D1:39:CA:B8:F4:E1:8D:15:CA:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EC3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D3B745AF6B511EFA90646AE762E951A.roa
Signing time: Sat 01 Mar 2025 15:53:49 +0000
ROA not before: Sat 01 Mar 2025 15:53:45 +0000
ROA not after: Mon 31 Mar 2025 15:53:45 +0000
asID: 202656
IP address blocks: 154.219.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93891 (0x16ec3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 15:53:45 2025 GMT
Not After : Mar 31 15:53:45 2025 GMT
Subject: CN=67c32d8c-2c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0c:63:ac:76:8b:e4:2a:0b:8b:16:e8:67:36:
41:9f:06:c5:2a:6f:30:6d:01:16:65:25:d1:4c:a3:
c1:9d:c0:6e:96:87:fb:b2:df:ae:1e:76:c0:51:bf:
19:f8:8c:46:41:3c:61:d9:1b:10:6e:ce:64:f7:18:
5f:b4:0c:a1:3f:c3:ea:84:09:2b:43:ee:c9:1c:de:
96:a3:b1:36:5b:df:62:f9:10:d1:08:50:48:ad:c4:
93:07:8d:17:57:fb:75:da:97:6d:e6:5d:e6:f0:e8:
37:de:2d:dd:7d:37:3e:c3:10:6a:ba:42:ca:20:7d:
56:4d:06:a4:aa:27:8a:e9:b3:8f:f3:e9:b0:19:0b:
f4:ea:61:82:eb:77:45:bd:f3:74:70:9a:d7:22:4d:
5c:77:e1:44:ad:7d:b5:a8:c1:15:33:cd:6d:ff:89:
60:43:27:b1:e1:3e:14:1f:1a:c5:ac:6c:5d:4b:44:
9a:46:dd:0d:c0:0c:27:a0:19:29:af:be:8c:4a:25:
1e:3c:13:1e:5e:17:01:a2:b6:3f:0a:d4:c1:c9:ee:
22:8a:0b:0a:2c:2e:ce:80:69:65:3d:4d:b8:74:a3:
f2:80:38:ac:11:bf:08:47:aa:e6:3a:86:9f:f4:7b:
8c:01:b6:bf:c6:b6:15:ab:7c:e0:73:c5:e5:2c:61:
ae:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:7E:C0:52:0A:4F:C3:CA:89:B0:D1:39:CA:B8:F4:E1:8D:15:CA:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D3B745AF6B511EFA90646AE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.215.0/24
Signature Algorithm: sha256WithRSAEncryption
41:58:57:1c:0d:77:0e:9b:46:b2:7c:dd:3d:ef:dd:c0:31:e3:
8b:91:6f:3d:65:0f:7d:b2:d6:0b:9d:42:6f:2a:07:f9:a5:a0:
32:38:64:a2:2b:61:4a:c2:ca:fc:9b:79:6d:13:41:74:9d:59:
87:46:12:b0:30:79:c4:fe:eb:54:1e:1a:89:57:88:5b:a6:52:
dc:29:1a:97:76:a8:21:8a:ef:30:08:3a:e6:27:40:f4:66:91:
cf:16:11:79:8d:fc:6b:f5:05:45:74:d6:aa:9c:cd:5f:40:18:
32:f5:8a:04:4a:ae:f3:fa:f1:eb:1c:5a:db:1a:65:07:70:e3:
bf:51:0b:27:59:8c:e8:80:a2:01:37:ce:d2:7a:29:dc:d2:6b:
61:ca:e8:37:9f:d5:4c:ff:15:90:d3:af:65:63:92:aa:25:f1:
c7:84:28:ac:0f:0c:a3:04:50:25:36:98:00:d5:45:e4:3a:f1:
ef:e1:21:4e:d0:e1:35:82:0c:ca:e6:d7:d5:1f:ac:30:a0:b9:
fd:91:7a:31:e6:2f:c4:7b:82:33:6e:2c:02:2d:2d:7d:1e:6c:
a1:f3:74:08:c4:1e:57:be:e0:f9:16:47:1f:68:6c:1d:6e:3d:
43:9a:80:de:da:e2:81:f6:28:c4:ed:75:ca:35:9e:1f:79:9b:
69:59:6a:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW7DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTU1MzQ1WhcNMjUwMzMxMTU1MzQ1WjAYMRYw
FAYDVQQDEw02N2MzMmQ4Yy0yYzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyAxjrHaL5CoLixboZzZBnwbFKm8wbQEWZSXRTKPBncBulof7st+uHnbA
Ub8Z+IxGQTxh2RsQbs5k9xhftAyhP8PqhAkrQ+7JHN6Wo7E2W99i+RDRCFBIrcST
B40XV/t12pdt5l3m8Og33i3dfTc+wxBqukLKIH1WTQakqieK6bOP8+mwGQv06mGC
63dFvfN0cJrXIk1cd+FErX21qMEVM81t/4lgQyex4T4UHxrFrGxdS0SaRt0NwAwn
oBkpr76MSiUePBMeXhcBorY/CtTBye4iigsKLC7OgGllPU24dKPygDisEb8IR6rm
Ooaf9HuMAba/xrYVq3zgc8XlLGGuBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDx+
wFIKT8PKibDROcq49OGNFcrUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDNCNzQ1QUY2QjUxMUVGQTkwNjQ2QUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvXMA0GCSqGSIb3DQEB
CwUAA4IBAQBBWFccDXcOm0ayfN09793AMeOLkW89ZQ99stYLnUJvKgf5paAyOGSi
K2FKwsr8m3ltE0F0nVmHRhKwMHnE/utUHhqJV4hbplLcKRqXdqghiu8wCDrmJ0D0
ZpHPFhF5jfxr9QVFdNaqnM1fQBgy9YoESq7z+vHrHFrbGmUHcOO/UQsnWYzogKIB
N87Seinc0mthyug3n9VM/xWQ069lY5KqJfHHhCisDwyjBFAlNpgA1UXkOvHv4SFO
0OE1ggzK5tfVH6wwoLn9kXox5i/Ee4IzbiwCLS19Hmyh83QIxB5XvuD5FkcfaGwd
bj1DmoDe2uKB9ijE7XXKNZ4feZtpWWo2
-----END CERTIFICATE-----
Generated at Fri May 9 06:26:44 2025 by rpki-client