Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/872C9840F82011EFB77FE452762E951A.roa
File: 872C9840F82011EFB77FE452762E951A.roa (raw, json)
Hash identifier: X8wLea0lQLwuzCa2ssgCuNiCNIWBS9h7re0jz7b+0kI=
Subject key identifier: 61:A4:71:AA:9F:B5:BF:F5:37:3C:52:C8:70:CD:00:A3:45:57:84:98
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01705F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/872C9840F82011EFB77FE452762E951A.roa
Signing time: Mon 03 Mar 2025 11:13:26 +0000
ROA not before: Mon 03 Mar 2025 11:13:22 +0000
ROA not after: Mon 31 Mar 2025 11:13:22 +0000
asID: 202656
IP address blocks: 154.219.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94303 (0x1705f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 11:13:22 2025 GMT
Not After : Mar 31 11:13:22 2025 GMT
Subject: CN=67c58ed6-e59d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:96:61:52:68:1e:e4:63:a7:22:77:7f:b0:01:
24:2f:95:2f:7b:ea:7b:63:ef:11:39:26:84:b5:8b:
92:83:87:15:c1:c1:d9:e4:43:ca:06:fa:95:4d:17:
2b:34:9f:af:d7:b9:2c:c0:7e:63:3f:bf:21:c6:87:
80:45:67:2d:72:ec:cb:fb:3b:e1:b5:7b:b4:89:97:
fe:f2:73:98:42:9c:f6:89:64:d8:d7:7c:b1:cd:7a:
e4:43:24:db:bb:f9:52:3d:fc:0e:7b:4c:b8:3f:e2:
89:2f:15:2e:57:16:1d:b6:fe:22:f4:8b:f2:02:6f:
8b:c1:69:48:04:fe:2d:8e:61:cb:75:29:eb:25:dc:
78:8d:19:54:7a:74:7a:11:5a:18:23:53:94:9e:77:
05:5b:12:ab:85:22:2a:96:18:8a:0e:48:07:1a:11:
f7:3b:8c:e2:4a:36:55:48:1f:a7:2e:ea:39:aa:31:
2a:82:7f:15:36:9f:74:43:00:7a:8a:0d:a3:12:ec:
d6:59:10:04:ae:54:20:42:91:da:e2:26:f2:3b:e4:
25:f1:fe:e0:43:71:8e:b8:8f:b4:49:ac:25:b9:bf:
37:b2:d6:0d:fd:95:2f:64:12:4e:c9:d3:6b:a4:04:
97:3f:c6:1f:69:25:74:a5:9a:b8:23:ae:2b:83:63:
c5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A4:71:AA:9F:B5:BF:F5:37:3C:52:C8:70:CD:00:A3:45:57:84:98
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/872C9840F82011EFB77FE452762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.1.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:84:69:f3:c8:2f:85:9b:e5:45:8c:ce:80:5e:ed:ce:9d:3b:
26:f9:b1:78:17:d3:89:a4:ed:eb:28:36:87:57:30:75:c4:12:
a2:63:1c:5e:87:7e:ff:7b:34:00:5c:bf:3e:cc:22:6b:ef:4f:
7d:ff:89:67:72:7b:29:31:ff:9b:f9:f7:ff:f7:98:b7:48:11:
7e:96:d4:ac:dd:91:fb:71:81:97:93:1a:4a:62:bd:57:58:8b:
91:fd:ec:74:b7:9a:12:47:1b:81:26:47:ef:d0:35:ff:26:67:
eb:6b:85:35:c3:65:76:ca:00:34:45:90:53:db:ad:95:e4:b2:
a4:6c:8f:9e:10:a8:8f:1d:64:a8:ac:bb:fc:82:ac:4d:36:17:
f4:a8:7a:13:a4:3a:91:88:bb:84:81:19:46:16:47:ab:cd:81:
a4:ba:06:44:43:c7:84:c9:01:c2:8a:71:12:4d:2d:5e:10:98:
5d:7e:d8:b0:a8:83:99:0a:cf:5f:d5:f4:a5:31:30:51:c8:a2:
95:44:ad:21:42:16:aa:23:4f:26:08:39:75:b5:34:21:2c:49:
07:3e:a2:0d:93:f1:19:95:6b:a0:16:a7:6f:11:2c:52:27:6a:
af:00:59:9f:cf:c9:f1:40:2a:49:eb:c6:9b:ab:1e:e0:22:ba:
91:bf:33:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXBfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTExMzIyWhcNMjUwMzMxMTExMzIyWjAYMRYw
FAYDVQQDEw02N2M1OGVkNi1lNTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvZZhUmge5GOnInd/sAEkL5Uve+p7Y+8ROSaEtYuSg4cVwcHZ5EPKBvqV
TRcrNJ+v17kswH5jP78hxoeARWctcuzL+zvhtXu0iZf+8nOYQpz2iWTY13yxzXrk
QyTbu/lSPfwOe0y4P+KJLxUuVxYdtv4i9IvyAm+LwWlIBP4tjmHLdSnrJdx4jRlU
enR6EVoYI1OUnncFWxKrhSIqlhiKDkgHGhH3O4ziSjZVSB+nLuo5qjEqgn8VNp90
QwB6ig2jEuzWWRAErlQgQpHa4ibyO+Ql8f7gQ3GOuI+0Sawlub83stYN/ZUvZBJO
ydNrpASXP8YfaSV0pZq4I64rg2PFRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGGk
caqftb/1NzxSyHDNAKNFV4SYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NzJDOTg0MEY4MjAxMUVGQjc3RkU0NTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtsBMA0GCSqGSIb3DQEB
CwUAA4IBAQAKhGnzyC+Fm+VFjM6AXu3OnTsm+bF4F9OJpO3rKDaHVzB1xBKiYxxe
h37/ezQAXL8+zCJr7099/4lncnspMf+b+ff/95i3SBF+ltSs3ZH7cYGXkxpKYr1X
WIuR/ex0t5oSRxuBJkfv0DX/Jmfra4U1w2V2ygA0RZBT262V5LKkbI+eEKiPHWSo
rLv8gqxNNhf0qHoTpDqRiLuEgRlGFkerzYGkugZEQ8eEyQHCinESTS1eEJhdftiw
qIOZCs9f1fSlMTBRyKKVRK0hQhaqI08mCDl1tTQhLEkHPqINk/EZlWugFqdvESxS
J2qvAFmfz8nxQCpJ68abqx7gIrqRvzM+
-----END CERTIFICATE-----
Generated at Fri May 9 11:42:13 2025 by rpki-client