Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E6DA40CDA6211EF8B0E5951762E951A.roa
File: 5E6DA40CDA6211EF8B0E5951762E951A.roa (raw, json)
Hash identifier: EIE3Xh3bHzv6QDg7FexZGEbZpUDkdDJBdQTVHQB4AKA=
Subject key identifier: 5E:21:9E:40:6C:88:BE:DD:91:A5:01:8C:6A:BF:B6:9D:16:DD:F2:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014868
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E6DA40CDA6211EF8B0E5951762E951A.roa
Signing time: Fri 24 Jan 2025 14:49:10 +0000
ROA not before: Fri 24 Jan 2025 14:49:06 +0000
ROA not after: Wed 05 Mar 2025 14:49:06 +0000
asID: 49505
IP address blocks: 154.209.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84072 (0x14868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 14:49:06 2025 GMT
Not After : Mar 5 14:49:06 2025 GMT
Subject: CN=6793a866-af29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:ee:51:a8:33:09:f7:c7:a5:db:d2:71:98:
8f:10:47:5d:f5:1d:e0:12:d1:a9:16:94:2d:6c:d0:
36:4c:e2:0c:df:81:cd:d8:0d:76:b9:fd:68:be:ef:
ae:23:81:be:7f:07:61:ac:48:e8:fa:c7:a1:50:d2:
72:aa:6a:88:6a:3e:16:ed:ac:5f:cd:94:3a:ef:6f:
a0:29:b5:aa:2c:01:8c:63:1d:59:85:53:53:fa:50:
fb:c5:25:4f:10:87:0e:f5:99:21:29:65:ed:eb:19:
0b:67:a8:a0:87:ed:fd:67:39:1e:f4:b2:df:d3:30:
1b:dc:2a:b9:f4:19:9b:9d:81:64:a7:cd:37:ee:99:
a8:0e:a6:63:f5:22:4b:98:89:65:17:7c:b1:69:4e:
4f:a4:bd:2b:b1:a8:2c:9f:53:0b:90:2a:c3:ce:ff:
99:db:19:3e:65:ae:dc:cf:cb:33:45:76:a0:26:ca:
9a:7b:98:24:86:c0:d7:57:de:a7:30:45:53:93:62:
f5:2f:b4:a8:f3:cb:e2:45:21:52:90:38:f0:a2:fa:
ae:13:61:45:e1:29:6c:7c:71:a2:13:35:4c:94:13:
35:0c:67:3a:ae:dc:52:5e:0a:54:ee:bd:4e:14:57:
fc:71:a0:c9:73:56:b2:9c:51:4f:3c:7a:bb:f4:cd:
b5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:21:9E:40:6C:88:BE:DD:91:A5:01:8C:6A:BF:B6:9D:16:DD:F2:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E6DA40CDA6211EF8B0E5951762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.211.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:be:f9:7d:50:1e:40:33:f3:71:90:74:5e:48:dd:bb:05:dd:
a1:6a:86:07:b8:c9:ee:87:1c:25:01:73:61:15:09:51:b0:c2:
28:7a:e5:48:2c:af:0c:70:55:c3:c0:46:95:e3:0b:3d:c0:57:
ab:ea:42:4f:6b:4e:b4:8d:52:84:af:e2:a5:75:bc:7c:51:3b:
a1:d4:44:b3:d1:d3:44:bf:76:77:6e:00:18:3b:f4:d4:3e:db:
43:fb:ae:5a:b3:96:59:ce:ea:23:f5:b7:c1:22:3f:74:40:34:
15:ba:ec:60:c2:80:22:e3:9c:cf:55:73:55:34:3d:45:3b:7b:
6a:59:48:ba:a3:c0:03:3c:1a:af:f9:c9:e7:bc:7f:6c:53:97:
2a:5b:67:90:e8:e7:d3:23:84:6b:c1:bf:4f:25:04:7c:4d:22:
30:7d:72:d4:6a:83:33:3a:3f:89:06:6b:b9:72:6e:18:57:83:
93:4d:a2:41:dc:8c:92:e0:fa:04:a7:7a:8f:18:b4:38:89:e6:
ea:d2:aa:6f:18:fd:b8:2a:0d:ea:be:4f:86:a2:e3:a5:06:c7:
5d:b2:d6:0c:9c:38:ce:01:a9:aa:40:9f:e9:8b:8e:7e:2d:59:
09:b3:e6:96:bf:de:e3:5d:31:04:69:8f:1e:52:49:39:b3:04:
95:68:b6:0a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUhoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQ0OTA2WhcNMjUwMzA1MTQ0OTA2WjAYMRYw
FAYDVQQDEw02NzkzYTg2Ni1hZjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlTuUagzCffHpdvScZiPEEdd9R3gEtGpFpQtbNA2TOIM34HN2A12uf1o
vu+uI4G+fwdhrEjo+sehUNJyqmqIaj4W7axfzZQ672+gKbWqLAGMYx1ZhVNT+lD7
xSVPEIcO9ZkhKWXt6xkLZ6igh+39Zzke9LLf0zAb3Cq59BmbnYFkp8037pmoDqZj
9SJLmIllF3yxaU5PpL0rsagsn1MLkCrDzv+Z2xk+Za7cz8szRXagJsqae5gkhsDX
V96nMEVTk2L1L7So88viRSFSkDjwovquE2FF4SlsfHGiEzVMlBM1DGc6rtxSXgpU
7r1OFFf8caDJc1aynFFPPHq79M217QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF4h
nkBsiL7dkaUBjGq/tp0W3fJiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RTZEQTQwQ0RBNjIxMUVGOEIwRTU5NTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHTMA0GCSqGSIb3DQEB
CwUAA4IBAQC4vvl9UB5AM/NxkHReSN27Bd2haoYHuMnuhxwlAXNhFQlRsMIoeuVI
LK8McFXDwEaV4ws9wFer6kJPa060jVKEr+Kldbx8UTuh1ESz0dNEv3Z3bgAYO/TU
PttD+65as5ZZzuoj9bfBIj90QDQVuuxgwoAi45zPVXNVND1FO3tqWUi6o8ADPBqv
+cnnvH9sU5cqW2eQ6OfTI4Rrwb9PJQR8TSIwfXLUaoMzOj+JBmu5cm4YV4OTTaJB
3IyS4PoEp3qPGLQ4iebq0qpvGP24Kg3qvk+GouOlBsddstYMnDjOAamqQJ/pi45+
LVkJs+aWv97jXTEEaY8eUkk5swSVaLYK
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:52:14 2025 by rpki-client