Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68835AAAF6BD11EF9D024363762E951A.roa
File: 68835AAAF6BD11EF9D024363762E951A.roa (raw, json)
Hash identifier: zRG/7iWA53HQMid4Pds1yrFuniXPZ4+qaOo1X4QHHzk=
Subject key identifier: 60:02:CA:53:72:ED:A1:6C:7B:D1:DE:BE:AC:0B:7E:F5:1D:0F:55:9D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EF9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68835AAAF6BD11EF9D024363762E951A.roa
Signing time: Sat 01 Mar 2025 16:51:23 +0000
ROA not before: Sat 01 Mar 2025 16:51:20 +0000
ROA not after: Mon 31 Mar 2025 16:51:20 +0000
asID: 202656
IP address blocks: 154.219.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93945 (0x16ef9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 16:51:20 2025 GMT
Not After : Mar 31 16:51:20 2025 GMT
Subject: CN=67c33b0b-aa4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:97:05:f9:42:17:3d:2c:13:02:ca:1e:67:0b:
f3:4a:21:ee:06:d0:52:bc:6c:18:65:95:ff:87:80:
37:93:01:81:b8:b6:fd:08:ba:63:02:8e:c4:a8:42:
f6:1e:37:6b:d6:4f:d4:ce:c2:75:ab:f2:2d:fa:5c:
50:c4:03:ca:bb:5b:98:0f:6c:0c:c0:8b:69:85:f4:
77:bf:75:1e:d5:ab:50:1d:d4:82:c1:3e:75:8a:33:
e8:c1:7c:2d:bc:99:10:6b:9f:8f:b8:c1:34:cb:e3:
37:56:ef:aa:10:c2:5a:36:36:68:6b:76:4d:99:b3:
9f:10:b8:29:55:2a:6b:7b:d8:d3:ba:2c:5c:8d:98:
dd:3f:a7:6e:af:39:2c:9f:4c:c6:bd:75:66:6d:b4:
e6:8b:2f:b0:2c:fd:78:51:8f:b8:9c:e0:a8:e3:24:
09:d3:ce:e2:4b:fd:2b:95:eb:89:e6:9f:50:0f:96:
b9:64:b7:f2:c0:16:bc:38:8e:a4:ea:17:fc:5c:76:
0e:d2:d3:54:6f:10:9b:fc:4a:4a:dd:ef:94:43:f6:
84:ea:8c:41:a2:3d:d4:6c:49:57:54:40:f6:52:9f:
a7:33:b9:d8:48:4c:b7:91:c3:cf:36:e2:bd:90:aa:
64:85:e8:de:02:34:f0:7d:75:02:35:d8:ce:a9:70:
3f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:02:CA:53:72:ED:A1:6C:7B:D1:DE:BE:AC:0B:7E:F5:1D:0F:55:9D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68835AAAF6BD11EF9D024363762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.233.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:79:3a:b0:29:85:82:9c:01:ae:ca:60:00:27:2f:be:7b:2e:
6e:78:b2:6e:20:e2:5c:12:ff:99:00:9f:d2:a0:f0:78:c8:d2:
70:8d:73:c1:7d:1b:23:cc:3e:d5:4a:16:01:18:a2:e3:15:92:
4f:1f:f3:bb:fa:1f:b3:43:2b:99:42:f0:f2:14:a9:fe:e0:02:
19:fc:09:d8:45:36:69:0c:9a:19:7e:5c:dc:f7:8b:cb:5f:13:
6a:89:43:d4:69:a9:2f:d6:71:83:90:81:f0:ef:a0:1b:96:69:
af:86:da:93:02:1a:f2:ef:28:0b:d2:03:1b:ae:5b:fe:7f:c0:
c5:ce:16:9f:e6:8d:b3:b8:b7:21:25:64:51:fc:19:d3:82:ba:
ca:90:58:66:3c:bb:5c:f5:a1:fc:54:ff:09:e6:ec:e4:e2:c7:
44:85:a3:b6:50:7f:94:42:f8:97:76:af:2d:8c:a4:ac:21:60:
e2:2b:9b:85:54:16:9f:e4:89:46:51:93:7d:56:9f:89:04:1f:
07:98:66:be:50:37:68:90:9f:d0:5d:b4:6b:0b:14:d6:87:f4:
49:87:8f:32:90:53:c9:89:cd:a6:f7:02:a5:46:1c:66:87:68:
31:6b:a0:20:fe:18:23:16:02:9c:e7:12:9a:40:f9:74:3f:24:
fc:1f:ae:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW75MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTY1MTIwWhcNMjUwMzMxMTY1MTIwWjAYMRYw
FAYDVQQDEw02N2MzM2IwYi1hYTRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuZcF+UIXPSwTAsoeZwvzSiHuBtBSvGwYZZX/h4A3kwGBuLb9CLpjAo7E
qEL2Hjdr1k/UzsJ1q/It+lxQxAPKu1uYD2wMwItphfR3v3Ue1atQHdSCwT51ijPo
wXwtvJkQa5+PuME0y+M3Vu+qEMJaNjZoa3ZNmbOfELgpVSpre9jTuixcjZjdP6du
rzksn0zGvXVmbbTmiy+wLP14UY+4nOCo4yQJ087iS/0rleuJ5p9QD5a5ZLfywBa8
OI6k6hf8XHYO0tNUbxCb/EpK3e+UQ/aE6oxBoj3UbElXVED2Up+nM7nYSEy3kcPP
NuK9kKpkhejeAjTwfXUCNdjOqXA/cQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGAC
ylNy7aFse9HevqwLfvUdD1WdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODgzNUFBQUY2QkQxMUVGOUQwMjQzNjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvpMA0GCSqGSIb3DQEB
CwUAA4IBAQCdeTqwKYWCnAGuymAAJy++ey5ueLJuIOJcEv+ZAJ/SoPB4yNJwjXPB
fRsjzD7VShYBGKLjFZJPH/O7+h+zQyuZQvDyFKn+4AIZ/AnYRTZpDJoZflzc94vL
XxNqiUPUaakv1nGDkIHw76AblmmvhtqTAhry7ygL0gMbrlv+f8DFzhaf5o2zuLch
JWRR/BnTgrrKkFhmPLtc9aH8VP8J5uzk4sdEhaO2UH+UQviXdq8tjKSsIWDiK5uF
VBaf5IlGUZN9Vp+JBB8HmGa+UDdokJ/QXbRrCxTWh/RJh48ykFPJic2m9wKlRhxm
h2gxa6Ag/hgjFgKc5xKaQPl0PyT8H642
-----END CERTIFICATE-----
Generated at Fri May 9 12:16:16 2025 by rpki-client