Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68BAFB968A9811EE99A41F274AD9E6FC.roa
File: 68BAFB968A9811EE99A41F274AD9E6FC.roa (raw, json)
Hash identifier: Ahnf6Q8dJRK/stnryOp21mJVgnc+5PLikqx9S1e3JFk=
Subject key identifier: 3D:45:6D:19:9B:2B:0B:F0:D4:BD:F0:FF:2D:A7:6F:82:A0:AE:6F:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 5434
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68BAFB968A9811EE99A41F274AD9E6FC.roa
Signing time: Fri 24 Nov 2023 07:09:29 +0000
ROA not before: Fri 24 Nov 2023 07:09:26 +0000
ROA not after: Tue 26 Dec 2023 07:09:26 +0000
asID: 62240
IP address blocks: 154.195.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21556 (0x5434)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 07:09:26 2023 GMT
Not After : Dec 26 07:09:26 2023 GMT
Subject: CN=65604c29-fc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:ef:4a:c4:db:9d:74:17:35:b2:41:f2:84:
ea:16:bf:55:82:40:40:9f:74:bc:bf:c3:b3:34:07:
fe:04:43:b2:32:08:36:53:db:7f:6c:6e:a5:98:8c:
72:da:7d:98:fb:a7:c5:6c:2f:44:00:d8:08:00:51:
7a:c3:21:5d:7b:a0:e6:4f:45:df:8b:19:02:2f:c1:
59:eb:5a:6f:31:53:88:5e:e8:cd:7c:33:fb:55:67:
91:d4:bb:5a:5a:3e:e6:eb:cb:b8:3c:57:09:d8:b8:
fa:79:06:eb:1b:99:da:77:e8:8f:12:25:7c:be:f3:
e8:a4:71:b8:b9:d1:f3:9d:d4:25:c0:ed:3f:74:6b:
07:14:e9:96:6a:f8:0d:2c:70:66:31:c9:c1:04:d9:
39:1f:dc:a3:97:b1:20:d5:55:d5:7c:92:80:6e:0a:
4d:b5:e6:7b:92:0a:84:42:8f:3a:8d:d6:ee:01:a8:
e1:71:fb:aa:20:01:2b:7a:2b:c7:bf:03:84:82:d7:
6f:77:dc:59:ed:c8:e7:e1:c4:64:6b:ae:5a:af:97:
de:d4:e8:c1:89:75:f3:84:ae:ed:90:35:d7:b0:5d:
37:f9:90:28:f8:7d:70:4a:1b:82:45:ce:e7:d6:7c:
9a:c9:71:c5:39:13:84:b4:d8:3d:b6:5c:45:fa:27:
95:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:45:6D:19:9B:2B:0B:F0:D4:BD:F0:FF:2D:A7:6F:82:A0:AE:6F:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68BAFB968A9811EE99A41F274AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.17.0/24
Signature Algorithm: sha256WithRSAEncryption
32:2d:d4:a4:59:80:64:db:4d:45:86:64:37:d4:12:37:41:8b:
16:26:0c:42:05:fb:a2:26:80:c7:3f:3e:ae:89:1a:8e:be:df:
cb:e4:ad:30:fb:bc:a2:7e:7c:12:df:1f:df:ee:78:cf:56:51:
99:d9:1b:8c:74:b1:dc:d4:b3:66:50:28:c7:45:de:43:70:e4:
41:62:d5:ee:ae:2e:57:52:e4:eb:e9:99:df:ec:6b:71:2e:9a:
40:11:f6:79:0a:87:ef:ff:f9:67:8e:52:5c:55:be:3f:9b:ff:
db:a9:64:e7:57:c5:20:6c:a6:a4:4e:66:93:ab:10:9a:e3:b9:
04:c2:68:ee:f4:88:9d:3f:ea:21:b9:47:9f:91:5d:fa:96:08:
ea:1a:d9:85:11:9a:da:75:47:74:2f:18:a9:e0:4f:f4:9f:d3:
95:ca:b1:47:3b:70:2c:0e:e0:b5:c2:b6:2f:f3:76:85:7e:aa:
c0:86:c2:6b:b5:82:08:43:55:13:ab:ca:cb:21:8c:ad:82:99:
85:08:57:60:51:83:5b:cf:9c:ca:83:8e:a7:7a:4d:24:82:27:
8b:e9:4e:ec:85:8d:ab:d2:34:e3:40:fa:e7:55:90:e1:f4:dd:
f5:d9:18:57:77:30:7a:f5:1c:a2:af:53:a4:1f:37:93:56:d3:
07:d0:da:4a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVDQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNzA5MjZaFw0yMzEyMjYwNzA5MjZaMBgxFjAU
BgNVBAMTDTY1NjA0YzI5LWZjNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCu/u9KxNuddBc1skHyhOoWv1WCQECfdLy/w7M0B/4EQ7IyCDZT239sbqWY
jHLafZj7p8VsL0QA2AgAUXrDIV17oOZPRd+LGQIvwVnrWm8xU4he6M18M/tVZ5HU
u1paPubry7g8VwnYuPp5Busbmdp36I8SJXy+8+ikcbi50fOd1CXA7T90awcU6ZZq
+A0scGYxycEE2Tkf3KOXsSDVVdV8koBuCk215nuSCoRCjzqN1u4BqOFx+6ogASt6
K8e/A4SC12933FntyOfhxGRrrlqvl97U6MGJdfOEru2QNdewXTf5kCj4fXBKG4JF
zufWfJrJccU5E4S02D22XEX6J5XJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPUVt
GZsrC/DUvfD/LadvgqCub1cwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzY4QkFGQjk2OEE5ODExRUU5OUE0MUYyNzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawxEwDQYJKoZIhvcNAQEL
BQADggEBADIt1KRZgGTbTUWGZDfUEjdBixYmDEIF+6ImgMc/Pq6JGo6+38vkrTD7
vKJ+fBLfH9/ueM9WUZnZG4x0sdzUs2ZQKMdF3kNw5EFi1e6uLldS5Ovpmd/sa3Eu
mkAR9nkKh+//+WeOUlxVvj+b/9upZOdXxSBspqROZpOrEJrjuQTCaO70iJ0/6iG5
R5+RXfqWCOoa2YURmtp1R3QvGKngT/Sf05XKsUc7cCwO4LXCti/zdoV+qsCGwmu1
gghDVROrysshjK2CmYUIV2BRg1vPnMqDjqd6TSSCJ4vpTuyFjavSNONA+udVkOH0
3fXZGFd3MHr1HKKvU6QfN5NW0wfQ2ko=
-----END CERTIFICATE-----
Generated at Fri May 9 11:01:56 2025 by rpki-client