Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69BFAC2EF5BA11EF9BFF917C762E951A.roa
File: 69BFAC2EF5BA11EF9BFF917C762E951A.roa (raw, json)
Hash identifier: dg9f76VDyMzpoI8Yp8OagzUbSf7HdZHFLoMRZGHR78s=
Subject key identifier: CD:14:14:B8:E2:04:21:60:BE:DA:9B:5B:96:18:6E:29:E6:55:B6:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016A71
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69BFAC2EF5BA11EF9BFF917C762E951A.roa
Signing time: Fri 28 Feb 2025 09:57:26 +0000
ROA not before: Fri 28 Feb 2025 09:57:22 +0000
ROA not after: Mon 31 Mar 2025 09:57:22 +0000
asID: 54600
IP address blocks: 154.207.208.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92785 (0x16a71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 09:57:22 2025 GMT
Not After : Mar 31 09:57:22 2025 GMT
Subject: CN=67c18886-1c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:83:10:b0:a8:0c:9b:4d:0c:7d:5d:af:4d:0f:
ee:e6:9f:4f:34:95:3e:79:ab:3b:4f:d7:d6:19:cb:
80:9a:8f:32:5e:42:40:d8:a3:0a:3b:3c:85:2c:a6:
42:e3:83:ac:99:23:5c:06:51:3b:e1:98:fd:4d:c9:
6c:c9:96:a4:42:8b:4c:7b:0a:02:ed:f0:bd:46:72:
95:87:97:dd:b2:3c:9e:f9:e9:2b:cd:bd:10:b9:83:
7d:16:59:fe:19:99:8e:0c:e5:3f:ec:03:3c:fa:f0:
78:66:fd:10:4c:c6:ac:18:cf:89:c5:23:ad:5a:d2:
21:b1:ca:f0:94:ab:20:ff:10:7a:7b:ca:e0:8c:39:
58:66:50:8a:68:53:73:4b:2d:f0:19:33:ac:2b:85:
b7:99:0c:05:0f:7b:98:2b:d6:e0:d2:de:7e:70:06:
d8:0f:7c:b7:e1:b2:70:e9:80:15:9b:8f:aa:b4:6f:
14:40:9e:84:cf:1a:38:58:18:e6:38:11:9f:63:11:
a6:5c:68:bc:a5:dd:36:05:8e:e3:da:d3:05:18:4f:
b7:ce:52:5f:2a:ac:42:e6:50:62:9b:b5:91:80:14:
6b:0e:69:e5:42:a3:34:b9:a2:c8:78:47:34:26:5c:
99:92:a0:e3:4b:6b:d8:e4:8d:da:23:e0:3b:19:ba:
b1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:14:14:B8:E2:04:21:60:BE:DA:9B:5B:96:18:6E:29:E6:55:B6:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69BFAC2EF5BA11EF9BFF917C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.208.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:ba:70:10:6a:68:5d:0b:f9:7a:b7:01:1a:4f:8f:0e:cd:88:
5e:cf:fe:79:83:d1:eb:d7:7c:6e:b7:81:b3:b6:34:30:69:7a:
06:e8:c9:d5:a2:76:34:37:89:06:42:f3:68:f7:d4:78:c3:35:
30:e2:d2:8a:9b:25:bd:5c:e9:4a:f0:e2:4d:37:b0:a0:a5:e5:
d9:db:37:9f:f4:f5:51:71:9c:f0:be:06:21:9f:87:9f:2d:e0:
41:bd:d9:7d:6f:d1:bf:d4:d7:22:ad:6f:50:28:10:de:d2:45:
1b:37:13:a7:91:ef:97:87:b4:bf:65:85:97:11:88:79:8c:f0:
e2:20:0b:0c:58:94:14:ca:83:e6:c2:5d:a6:03:fd:ef:5f:e6:
5d:2a:02:b7:0b:cf:e8:4e:c2:95:f8:bc:c1:af:07:ac:d5:44:
33:9e:7e:08:b1:47:6d:c2:2d:5d:13:5a:54:07:0c:61:4f:f2:
5f:dc:44:8a:72:f7:64:81:b8:26:6a:82:8f:d5:3c:fe:dc:51:
74:b7:80:ad:d6:59:1b:23:d5:e8:ca:5c:3f:c7:c7:96:7d:3c:
f0:d6:8b:a1:70:8f:8b:e0:91:78:5c:b1:02:0c:eb:90:02:f5:
e3:a3:91:1e:6d:48:15:97:82:41:0d:41:b1:fa:26:d8:83:45:
8a:38:3d:b8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWpxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDk1NzIyWhcNMjUwMzMxMDk1NzIyWjAYMRYw
FAYDVQQDEw02N2MxODg4Ni0xYzFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyoMQsKgMm00MfV2vTQ/u5p9PNJU+eas7T9fWGcuAmo8yXkJA2KMKOzyF
LKZC44OsmSNcBlE74Zj9TclsyZakQotMewoC7fC9RnKVh5fdsjye+ekrzb0QuYN9
Fln+GZmODOU/7AM8+vB4Zv0QTMasGM+JxSOtWtIhscrwlKsg/xB6e8rgjDlYZlCK
aFNzSy3wGTOsK4W3mQwFD3uYK9bg0t5+cAbYD3y34bJw6YAVm4+qtG8UQJ6Ezxo4
WBjmOBGfYxGmXGi8pd02BY7j2tMFGE+3zlJfKqxC5lBim7WRgBRrDmnlQqM0uaLI
eEc0JlyZkqDjS2vY5I3aI+A7GbqxowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM0U
FLjiBCFgvtqbW5YYbinmVbb/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OUJGQUMyRUY1QkExMUVGOUJGRjkxN0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms/QMA0GCSqGSIb3DQEB
CwUAA4IBAQA6unAQamhdC/l6twEaT48OzYhez/55g9Hr13xut4GztjQwaXoG6MnV
onY0N4kGQvNo99R4wzUw4tKKmyW9XOlK8OJNN7CgpeXZ2zef9PVRcZzwvgYhn4ef
LeBBvdl9b9G/1NcirW9QKBDe0kUbNxOnke+Xh7S/ZYWXEYh5jPDiIAsMWJQUyoPm
wl2mA/3vX+ZdKgK3C8/oTsKV+LzBrwes1UQznn4IsUdtwi1dE1pUBwxhT/Jf3ESK
cvdkgbgmaoKP1Tz+3FF0t4Ct1lkbI9Xoylw/x8eWfTzw1ouhcI+L4JF4XLECDOuQ
AvXjo5EebUgVl4JBDUGx+ibYg0WKOD24
-----END CERTIFICATE-----
Generated at Fri May 9 06:34:47 2025 by rpki-client