Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E396F16F1E011EFA71F96A9762E951A.roa
File: 6E396F16F1E011EFA71F96A9762E951A.roa (raw, json)
Hash identifier: FotIKXSmXktF/OU/3JIITR+3d1ABS7zhjWRTVNLu9nI=
Subject key identifier: B1:F6:C4:E8:C5:C5:BF:D4:1C:AC:1A:29:2E:22:69:D6:D2:11:C7:E5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015B6D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E396F16F1E011EFA71F96A9762E951A.roa
Signing time: Sun 23 Feb 2025 12:19:30 +0000
ROA not before: Sun 23 Feb 2025 12:19:26 +0000
ROA not after: Sat 29 Mar 2025 12:19:26 +0000
asID: 203020
IP address blocks: 154.205.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88941 (0x15b6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 23 12:19:26 2025 GMT
Not After : Mar 29 12:19:26 2025 GMT
Subject: CN=67bb1251-0347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9a:5a:58:9c:7a:c7:47:ee:bf:31:28:b2:8e:
3e:e2:44:cb:00:70:76:43:46:47:54:ff:0b:a2:6f:
22:6d:c2:92:e8:6b:26:c1:6d:ef:ea:b3:ed:e7:2c:
5b:2f:40:d3:20:2e:38:c7:68:9c:fb:e2:7a:15:ea:
1a:ae:df:ab:cc:21:a1:b0:2a:1c:6b:d5:55:f6:81:
0f:70:0a:31:d0:4e:65:b8:f2:c6:31:63:99:fc:ed:
6a:fa:f7:f4:3e:4e:ba:6f:8e:30:34:8c:a3:72:f6:
13:85:1b:86:a7:84:79:3d:cd:49:75:bc:2d:be:fe:
18:64:2d:09:b6:27:d2:9f:2c:ae:1b:ae:91:11:8a:
69:2c:64:b6:de:17:5b:a9:e8:ca:23:e9:ef:37:0e:
d5:cf:b1:b3:6b:cb:ab:17:6d:f8:c1:9c:a9:dc:8c:
a9:f7:5d:25:f9:c8:25:69:0f:d7:ce:37:aa:eb:da:
70:2c:ea:80:bd:5f:df:d3:7c:7b:d0:c0:c6:7c:94:
0e:30:1d:4f:d9:e4:0d:f6:74:b8:7d:1b:68:06:09:
5d:f1:8c:ef:04:89:aa:e7:fd:56:f7:84:fb:ea:34:
d5:fc:c1:95:33:e0:f8:c2:95:ee:9e:da:0b:52:f0:
71:df:87:19:6c:e3:10:48:e7:41:22:f9:27:14:cc:
6e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F6:C4:E8:C5:C5:BF:D4:1C:AC:1A:29:2E:22:69:D6:D2:11:C7:E5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E396F16F1E011EFA71F96A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.186.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:3f:a4:30:48:81:a8:4e:9e:cf:7f:6a:d2:92:fb:56:06:fe:
b7:23:70:b5:31:68:72:92:73:62:9c:5b:fd:45:2e:45:05:0e:
06:c4:9e:54:83:62:e3:69:a2:da:8c:ee:9a:26:a6:8a:f1:af:
3d:0f:43:e1:bd:d8:28:98:43:52:0a:18:2e:71:7c:f9:c6:06:
53:f5:e7:e2:1a:f4:e0:d6:34:da:cc:88:de:36:2e:5b:46:1f:
8b:c5:97:3c:e6:ac:36:40:35:c3:25:cb:6d:fb:45:3e:8a:d9:
a8:54:e4:c1:78:9b:4b:e4:03:49:31:64:67:9b:24:0f:04:70:
0f:83:b3:cf:07:4f:85:18:18:b5:2b:45:0e:38:5e:d4:bc:08:
47:50:3f:82:8d:64:47:87:f6:bc:b5:8d:34:56:aa:f0:ef:5c:
51:ce:d9:c4:c4:87:64:5f:91:b8:a9:9f:87:4a:95:8b:e2:cc:
87:5c:f6:b3:07:77:6f:b5:9a:5e:dd:9b:e9:76:ad:0c:bc:98:
43:13:f2:d4:70:4d:f7:bf:85:bc:6d:62:27:7a:71:0c:31:37:
e9:8a:23:95:cb:d4:5b:de:a2:ef:9c:2f:df:b2:02:11:36:74:
97:8d:a0:38:80:2b:02:28:1f:b2:50:ef:0c:95:82:37:47:4a:
a1:dc:7b:d7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVttMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIzMTIxOTI2WhcNMjUwMzI5MTIxOTI2WjAYMRYw
FAYDVQQDEw02N2JiMTI1MS0wMzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq5paWJx6x0fuvzEoso4+4kTLAHB2Q0ZHVP8Lom8ibcKS6GsmwW3v6rPt
5yxbL0DTIC44x2ic++J6Feoart+rzCGhsCoca9VV9oEPcAox0E5luPLGMWOZ/O1q
+vf0Pk66b44wNIyjcvYThRuGp4R5Pc1Jdbwtvv4YZC0JtifSnyyuG66REYppLGS2
3hdbqejKI+nvNw7Vz7Gza8urF234wZyp3Iyp910l+cglaQ/Xzjeq69pwLOqAvV/f
03x70MDGfJQOMB1P2eQN9nS4fRtoBgld8YzvBImq5/1W94T76jTV/MGVM+D4wpXu
ntoLUvBx34cZbOMQSOdBIvknFMxuyQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLH2
xOjFxb/UHKwaKS4iadbSEcflMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RTM5NkYxNkYxRTAxMUVGQTcxRjk2QTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms26MA0GCSqGSIb3DQEB
CwUAA4IBAQCeP6QwSIGoTp7Pf2rSkvtWBv63I3C1MWhyknNinFv9RS5FBQ4GxJ5U
g2LjaaLajO6aJqaK8a89D0PhvdgomENSChgucXz5xgZT9efiGvTg1jTazIjeNi5b
Rh+LxZc85qw2QDXDJctt+0U+itmoVOTBeJtL5ANJMWRnmyQPBHAPg7PPB0+FGBi1
K0UOOF7UvAhHUD+CjWRHh/a8tY00Vqrw71xRztnExIdkX5G4qZ+HSpWL4syHXPaz
B3dvtZpe3Zvpdq0MvJhDE/LUcE33v4W8bWInenEMMTfpiiOVy9Rb3qLvnC/fsgIR
NnSXjaA4gCsCKB+yUO8MlYI3R0qh3HvX
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:09:25 2025 by rpki-client