Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73CE29E6DA4B11EFB3DAFBB2762E951A.roa
File: 73CE29E6DA4B11EFB3DAFBB2762E951A.roa (raw, json)
Hash identifier: vMCqDX07YrZR1ct+Kck9QaYX+OxlhK7WIrDrYDxY2Vo=
Subject key identifier: 23:E5:29:56:A7:2D:F2:9F:83:CE:48:04:35:FB:AB:95:CD:46:0C:37
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014677
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73CE29E6DA4B11EFB3DAFBB2762E951A.roa
Signing time: Fri 24 Jan 2025 12:05:07 +0000
ROA not before: Fri 24 Jan 2025 12:04:59 +0000
ROA not after: Wed 05 Mar 2025 12:04:59 +0000
asID: 49505
IP address blocks: 154.211.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83575 (0x14677)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 12:04:59 2025 GMT
Not After : Mar 5 12:04:59 2025 GMT
Subject: CN=679381f3-7474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7d:9d:66:26:a3:90:43:00:4a:37:89:21:b4:
3a:1a:0e:3e:92:a0:68:11:44:d9:bd:ec:bb:ad:20:
45:2c:71:01:cd:9e:98:e7:1b:41:3a:c9:ae:81:d4:
c5:82:76:18:7c:21:2b:55:88:43:9d:1e:a3:e7:37:
ea:ff:60:52:fd:f6:93:8e:60:b5:dc:c0:8e:39:0c:
91:cc:3f:d3:82:3f:8e:89:28:aa:18:94:47:e3:5e:
dd:2a:ab:21:7a:1e:a6:c6:7a:96:19:f1:ee:95:de:
7e:25:23:d8:e4:8f:12:1e:58:06:c2:39:71:e7:8a:
68:fd:3a:1c:99:da:04:6f:d9:a4:69:4a:80:21:5f:
34:4b:45:ed:48:b7:1b:56:17:ba:1f:06:ed:b7:03:
30:06:c5:cf:ce:aa:ed:f9:8e:81:d7:88:db:08:b7:
d2:50:7b:4d:b9:1a:b7:07:d7:05:c9:51:b9:0b:68:
76:4f:87:db:e1:fa:3b:ce:19:6d:c7:15:b2:1a:11:
33:ca:1d:30:84:d3:9a:be:5e:71:25:a3:fa:25:30:
08:54:ef:ec:32:64:c6:db:fa:f6:da:3f:8a:ff:d0:
2d:10:a6:9c:02:5d:fd:09:1f:0f:08:b1:d7:28:42:
7b:f1:b6:67:78:5c:7a:d0:7c:d2:a1:2c:8e:6b:3a:
21:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E5:29:56:A7:2D:F2:9F:83:CE:48:04:35:FB:AB:95:CD:46:0C:37
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73CE29E6DA4B11EFB3DAFBB2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.17.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:3c:2d:3d:f9:c4:90:0c:c3:f2:dd:d6:7d:66:ec:74:93:81:
16:69:85:d2:97:3b:cd:12:74:53:87:c9:27:bf:e4:ac:68:e6:
8d:14:93:89:51:7b:89:72:61:a7:de:7f:81:8a:f8:65:57:16:
93:f5:e6:98:60:e5:a1:21:da:a9:4c:c3:00:3f:35:15:8c:e8:
e8:84:b9:cf:9b:72:a4:e8:20:39:e0:26:3a:f1:8c:68:8b:24:
a9:ee:bd:08:2a:e9:70:38:1c:9a:ee:4c:96:10:6b:b5:63:ee:
12:13:d1:14:72:d0:7c:fc:b1:64:c6:48:7b:ac:dd:07:c0:01:
21:42:32:a2:b2:70:94:55:f8:16:75:d3:ce:45:7f:10:5e:53:
4a:79:e3:0f:1a:14:ab:3d:ff:8c:6b:41:59:2d:8b:33:3f:1d:
e8:48:d3:7e:0c:fe:58:90:1b:5e:f6:75:dc:9e:10:b1:fd:19:
83:32:fc:50:c6:30:35:27:20:ca:69:9c:b3:59:28:95:85:77:
fe:5b:7a:84:c4:57:3b:cf:16:7b:25:23:da:6c:a4:1f:c0:cd:
16:c9:d3:64:a6:3f:70:d5:60:55:51:60:6d:46:e4:f6:f8:65:
5e:45:ee:27:9a:ba:16:b6:2d:e7:df:b9:e4:cc:e5:d0:85:89:
ca:c9:d5:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUZ3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTIwNDU5WhcNMjUwMzA1MTIwNDU5WjAYMRYw
FAYDVQQDEw02NzkzODFmMy03NDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2n2dZiajkEMASjeJIbQ6Gg4+kqBoEUTZvey7rSBFLHEBzZ6Y5xtBOsmu
gdTFgnYYfCErVYhDnR6j5zfq/2BS/faTjmC13MCOOQyRzD/Tgj+OiSiqGJRH417d
Kqsheh6mxnqWGfHuld5+JSPY5I8SHlgGwjlx54po/TocmdoEb9mkaUqAIV80S0Xt
SLcbVhe6HwbttwMwBsXPzqrt+Y6B14jbCLfSUHtNuRq3B9cFyVG5C2h2T4fb4fo7
zhltxxWyGhEzyh0whNOavl5xJaP6JTAIVO/sMmTG2/r22j+K/9AtEKacAl39CR8P
CLHXKEJ78bZneFx60HzSoSyOazohJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCPl
KVanLfKfg85IBDX7q5XNRgw3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83M0NFMjlFNkRBNEIxMUVGQjNEQUZCQjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtMRMA0GCSqGSIb3DQEB
CwUAA4IBAQBuPC09+cSQDMPy3dZ9Zux0k4EWaYXSlzvNEnRTh8knv+SsaOaNFJOJ
UXuJcmGn3n+BivhlVxaT9eaYYOWhIdqpTMMAPzUVjOjohLnPm3Kk6CA54CY68Yxo
iySp7r0IKulwOBya7kyWEGu1Y+4SE9EUctB8/LFkxkh7rN0HwAEhQjKisnCUVfgW
ddPORX8QXlNKeeMPGhSrPf+Ma0FZLYszPx3oSNN+DP5YkBte9nXcnhCx/RmDMvxQ
xjA1JyDKaZyzWSiVhXf+W3qExFc7zxZ7JSPabKQfwM0WydNkpj9w1WBVUWBtRuT2
+GVeRe4nmroWti3n37nkzOXQhYnKydWG
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:55:14 2025 by rpki-client