Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61B6ABB6FBE311EF9C503C47762E951A.roa
File: 61B6ABB6FBE311EF9C503C47762E951A.roa (raw, json)
Hash identifier: whhr7x+eNhM0wlW4IM63d6xHOC7pqc6ileIt6KIqW+o=
Subject key identifier: 3C:DF:23:A6:8C:42:21:F6:93:F2:55:61:A2:90:B2:D4:03:FD:F5:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172FE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61B6ABB6FBE311EF9C503C47762E951A.roa
Signing time: Sat 08 Mar 2025 06:05:49 +0000
ROA not before: Sat 08 Mar 2025 06:05:43 +0000
ROA not after: Fri 28 Mar 2025 06:05:43 +0000
asID: 57043
IP address blocks: 154.199.70.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94974 (0x172fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 8 06:05:43 2025 GMT
Not After : Mar 28 06:05:43 2025 GMT
Subject: CN=67cbde3d-7de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ed:b6:b2:1b:17:ed:44:bd:e8:f8:4a:60:4e:
d6:82:e7:7f:61:2b:e7:d1:03:f5:6f:11:4a:74:ab:
1a:1c:3b:96:f2:26:fe:df:cc:38:fb:50:ae:49:0d:
d9:b0:3f:2d:bf:b8:f2:f3:e5:eb:e3:b7:19:9a:b4:
4c:f5:64:f3:96:1c:55:d7:0c:d5:c0:9f:1e:f4:90:
7d:d3:e9:76:01:1a:25:3c:45:1e:a4:a1:2e:dc:aa:
8f:9b:8d:28:0b:82:97:3e:0a:2b:6f:5a:d0:6c:20:
c0:a3:e5:d0:9f:90:f2:dc:a8:5c:67:f3:76:56:8f:
ae:19:21:2c:fc:90:cf:6a:4e:f4:15:72:8c:55:dc:
37:94:bf:3a:63:69:91:60:3c:b8:8a:92:f7:45:0a:
1c:79:73:69:8f:8d:92:93:24:dc:f0:5c:90:d9:84:
ee:58:5d:3b:d5:b8:7d:fb:d8:b5:eb:c1:ff:ae:cb:
24:91:d4:f1:6a:57:5f:36:d9:4a:1d:4a:81:df:ea:
a6:9b:90:13:97:09:e5:35:46:f5:5c:a2:38:5f:df:
21:f7:b0:0a:f9:a7:03:58:55:a0:a2:e5:7b:36:01:
58:aa:5e:ea:ba:69:49:9e:10:1d:e4:0a:f7:46:9c:
c3:b4:f7:f7:05:6c:24:01:1f:80:1c:c3:2b:ef:78:
06:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DF:23:A6:8C:42:21:F6:93:F2:55:61:A2:90:B2:D4:03:FD:F5:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61B6ABB6FBE311EF9C503C47762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.70.0/23
Signature Algorithm: sha256WithRSAEncryption
12:03:51:31:6c:f7:09:a1:d7:7d:9b:07:4b:c7:31:a2:98:69:
f5:83:96:13:e1:76:30:65:7d:a7:7e:ec:84:0f:1b:c9:f6:62:
e7:79:02:c8:29:82:ad:cf:12:a4:f4:39:cf:96:50:40:ce:cc:
17:28:7a:3a:90:58:e5:12:e0:4c:b5:47:02:13:dd:ea:d4:f5:
e2:d6:3f:48:2a:a8:c0:40:1b:fc:e4:ba:56:6a:b9:55:a6:f8:
a5:5a:63:a7:fd:96:83:92:6c:2b:34:bc:b2:ff:99:26:cd:37:
73:90:e9:d9:4b:c5:85:38:78:c2:b4:74:97:86:0e:3b:c3:4d:
6d:27:9a:61:08:2a:3d:ed:21:b2:d4:3d:ce:8f:84:54:b1:26:
3d:42:11:9e:fd:d9:7c:3b:5f:61:cb:aa:6e:69:f4:59:e8:74:
6a:66:64:61:ef:86:ea:71:e9:35:dc:a8:bc:b5:10:16:a9:88:
51:29:cb:e3:f6:0e:1a:df:63:ee:75:16:7b:3e:ee:0e:46:e7:
47:e1:0c:8d:45:c4:c4:f7:b8:f7:e5:3a:c8:0a:4b:38:14:30:
ec:d8:43:bf:d0:1f:c0:ef:36:bd:df:2c:de:8d:3e:16:c4:29:
fd:10:8e:6d:d3:4a:6a:84:70:07:ce:c5:44:bf:7a:b7:52:fa:
ea:e8:d6:f8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXL+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA4MDYwNTQzWhcNMjUwMzI4MDYwNTQzWjAYMRYw
FAYDVQQDEw02N2NiZGUzZC03ZGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+22shsX7US96PhKYE7Wgud/YSvn0QP1bxFKdKsaHDuW8ib+38w4+1Cu
SQ3ZsD8tv7jy8+Xr47cZmrRM9WTzlhxV1wzVwJ8e9JB90+l2ARolPEUepKEu3KqP
m40oC4KXPgorb1rQbCDAo+XQn5Dy3KhcZ/N2Vo+uGSEs/JDPak70FXKMVdw3lL86
Y2mRYDy4ipL3RQoceXNpj42SkyTc8FyQ2YTuWF071bh9+9i168H/rsskkdTxaldf
NtlKHUqB3+qmm5ATlwnlNUb1XKI4X98h97AK+acDWFWgouV7NgFYql7qumlJnhAd
5Ar3RpzDtPf3BWwkAR+AHMMr73gGPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDzf
I6aMQiH2k/JVYaKQstQD/fVyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MUI2QUJCNkZCRTMxMUVGOUM1MDNDNDc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsdGMA0GCSqGSIb3DQEB
CwUAA4IBAQASA1ExbPcJodd9mwdLxzGimGn1g5YT4XYwZX2nfuyEDxvJ9mLneQLI
KYKtzxKk9DnPllBAzswXKHo6kFjlEuBMtUcCE93q1PXi1j9IKqjAQBv85LpWarlV
pvilWmOn/ZaDkmwrNLyy/5kmzTdzkOnZS8WFOHjCtHSXhg47w01tJ5phCCo97SGy
1D3Oj4RUsSY9QhGe/dl8O19hy6puafRZ6HRqZmRh74bqcek13Ki8tRAWqYhRKcvj
9g4a32PudRZ7Pu4ORudH4QyNRcTE97j35TrICks4FDDs2EO/0B/A7za93yzejT4W
xCn9EI5t00pqhHAHzsVEv3q3Uvrq6Nb4
-----END CERTIFICATE-----
Generated at Fri May 9 11:23:18 2025 by rpki-client