Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7850C208F67511EFBE68BA7E762E951A.roa
File: 7850C208F67511EFBE68BA7E762E951A.roa (raw, json)
Hash identifier: EbyGK9nqs1NeOwpyo0b6206hlbemB2np6880LvdLiHs=
Subject key identifier: C4:AF:3D:19:4F:A4:61:02:4A:A1:E2:0F:03:16:55:38:46:77:DB:6F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D48
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7850C208F67511EFBE68BA7E762E951A.roa
Signing time: Sat 01 Mar 2025 08:16:26 +0000
ROA not before: Sat 01 Mar 2025 08:16:22 +0000
ROA not after: Sat 29 Mar 2025 08:16:22 +0000
asID: 984
IP address blocks: 154.200.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93512 (0x16d48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 08:16:22 2025 GMT
Not After : Mar 29 08:16:22 2025 GMT
Subject: CN=67c2c25a-c023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:8b:42:0a:5c:58:9a:74:e8:6b:c5:93:17:35:
d4:b8:2a:85:cf:74:00:50:5e:5b:db:8b:d8:0a:ad:
76:3b:38:b4:39:36:0c:66:5f:57:96:f9:9e:b6:6d:
33:d6:c3:31:7b:27:04:c7:07:c5:9e:76:20:7c:51:
7b:ab:fb:f9:55:00:b1:ee:98:c9:a2:8d:dd:7c:57:
97:ef:b7:f4:16:a1:0c:41:31:03:80:8c:7c:76:42:
3e:30:a8:cc:b5:07:a5:7e:27:06:c2:2c:9b:02:44:
02:0c:f7:c3:2f:8f:ef:cf:18:9c:db:22:4c:3c:9e:
df:49:b8:a4:86:cf:3b:8c:af:f2:eb:f8:d2:25:d3:
17:3c:1d:99:12:74:62:8a:31:a1:9c:86:6d:0c:fa:
a0:5b:c0:4c:3c:89:03:19:c5:29:67:fb:9d:d6:06:
c9:f7:0f:e8:40:d7:66:18:45:16:0a:7b:fc:dd:dd:
59:57:e1:ec:2d:cd:8e:e3:23:26:24:a5:da:7f:ba:
47:02:0f:21:15:0a:59:99:8f:f0:f2:56:de:9e:15:
5e:df:f8:3c:24:68:c0:be:57:4f:ae:c8:e1:ed:59:
08:ae:cb:ee:82:e5:2d:71:ee:fb:d3:50:12:64:55:
5c:90:05:5d:a7:59:91:8d:8b:33:6a:75:e5:5f:85:
03:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AF:3D:19:4F:A4:61:02:4A:A1:E2:0F:03:16:55:38:46:77:DB:6F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7850C208F67511EFBE68BA7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.150.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:a8:2e:24:5a:23:dc:f3:57:4a:48:e1:10:fc:e5:a6:42:1f:
a0:de:fd:d0:c3:79:44:00:3b:4c:e1:cf:6c:92:ac:70:67:16:
f0:73:da:f9:b0:96:22:ed:da:11:04:f7:6c:cb:28:7f:89:40:
69:27:20:b6:07:c0:f3:4b:bf:38:d9:36:09:70:62:9b:00:59:
43:14:df:3c:a2:7b:c2:eb:79:3f:d3:4d:69:f0:f5:e3:90:62:
c7:58:76:83:46:be:b8:c0:b3:44:d5:53:26:a8:14:7e:9f:f5:
f1:a7:1e:fa:a7:db:53:62:04:1c:2c:94:51:ec:e1:62:49:13:
c1:74:65:be:73:a0:7d:38:81:76:20:46:65:22:a1:f6:86:e7:
be:0f:dc:eb:a6:39:83:a6:aa:0a:49:b2:52:23:1b:f9:d1:d4:
cf:cf:a4:37:92:ec:2a:d1:cf:87:ff:ad:b9:11:12:f6:19:e1:
81:2a:2f:23:0f:0f:7a:51:31:49:b1:38:e0:80:11:51:80:7f:
77:22:94:36:ec:b6:f4:72:c2:e1:0a:9f:e6:50:56:07:2a:da:
98:8a:59:06:97:34:52:a8:45:3f:c6:2e:38:98:36:6f:32:40:
fb:63:f8:6e:53:10:45:7c:b8:e3:99:0d:d0:22:1c:9a:24:e2:
53:c5:0f:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW1IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDgxNjIyWhcNMjUwMzI5MDgxNjIyWjAYMRYw
FAYDVQQDEw02N2MyYzI1YS1jMDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7ItCClxYmnToa8WTFzXUuCqFz3QAUF5b24vYCq12Ozi0OTYMZl9Xlvme
tm0z1sMxeycExwfFnnYgfFF7q/v5VQCx7pjJoo3dfFeX77f0FqEMQTEDgIx8dkI+
MKjMtQelficGwiybAkQCDPfDL4/vzxic2yJMPJ7fSbikhs87jK/y6/jSJdMXPB2Z
EnRiijGhnIZtDPqgW8BMPIkDGcUpZ/ud1gbJ9w/oQNdmGEUWCnv83d1ZV+HsLc2O
4yMmJKXaf7pHAg8hFQpZmY/w8lbenhVe3/g8JGjAvldPrsjh7VkIrsvuguUtce77
01ASZFVckAVdp1mRjYszanXlX4UD/wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMSv
PRlPpGECSqHiDwMWVThGd9tvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83ODUwQzIwOEY2NzUxMUVGQkU2OEJBN0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsiWMA0GCSqGSIb3DQEB
CwUAA4IBAQBcqC4kWiPc81dKSOEQ/OWmQh+g3v3Qw3lEADtM4c9skqxwZxbwc9r5
sJYi7doRBPdsyyh/iUBpJyC2B8DzS7842TYJcGKbAFlDFN88onvC63k/001p8PXj
kGLHWHaDRr64wLNE1VMmqBR+n/Xxpx76p9tTYgQcLJRR7OFiSRPBdGW+c6B9OIF2
IEZlIqH2hue+D9zrpjmDpqoKSbJSIxv50dTPz6Q3kuwq0c+H/625ERL2GeGBKi8j
Dw96UTFJsTjggBFRgH93IpQ27Lb0csLhCp/mUFYHKtqYilkGlzRSqEU/xi44mDZv
MkD7Y/huUxBFfLjjmQ3QIhyaJOJTxQ9C
-----END CERTIFICATE-----
Generated at Fri May 9 11:19:17 2025 by rpki-client