Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/882DADDEF69411EFB0224F53762E951A.roa
File: 882DADDEF69411EFB0224F53762E951A.roa (raw, json)
Hash identifier: Ao1lCFH8DeljNV3LBQeN2QXykY+ViYR+jnIbH895A+k=
Subject key identifier: 1C:FF:C5:36:4A:FE:7A:87:DB:F5:AE:C0:AD:37:58:2F:44:95:48:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E23
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/882DADDEF69411EFB0224F53762E951A.roa
Signing time: Sat 01 Mar 2025 11:58:47 +0000
ROA not before: Sat 01 Mar 2025 11:58:44 +0000
ROA not after: Mon 31 Mar 2025 11:58:44 +0000
asID: 202656
IP address blocks: 154.221.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93731 (0x16e23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 11:58:44 2025 GMT
Not After : Mar 31 11:58:44 2025 GMT
Subject: CN=67c2f677-9287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:84:3c:a5:04:05:5a:14:bf:c8:56:16:a2:6c:
82:db:8c:07:51:32:a4:63:fe:dd:d6:2b:10:9a:fa:
3f:e3:e9:34:6b:e3:95:bd:fb:88:be:ae:df:7a:56:
fc:61:30:f8:8b:26:01:09:5e:fb:b7:82:71:90:58:
ec:8b:5a:18:26:10:3c:e2:b3:06:e1:d7:07:81:8d:
a6:51:c4:57:a7:f0:31:b9:76:62:c1:c4:0f:a2:5b:
f8:88:f3:c3:ea:a3:69:88:c8:11:75:5e:fd:8a:37:
d7:07:14:c8:b4:3b:cf:d3:51:57:e7:79:78:5d:08:
ec:60:f8:f5:e0:b4:cf:5e:0b:8d:c0:21:7e:ca:37:
4d:9b:a3:96:e6:ef:25:7b:c0:df:40:ca:e4:0b:57:
10:26:16:29:fe:47:59:53:d5:a1:fa:07:3b:c9:96:
24:59:2c:fc:53:c6:ab:0e:8f:ca:6e:ca:b0:66:5d:
2d:16:a1:8a:e3:c9:3c:b2:92:f2:80:15:e9:4e:ea:
5d:5b:8b:03:24:96:40:10:84:81:a2:f4:36:69:43:
dc:13:a7:a7:91:1c:10:f4:1e:ae:69:0b:97:09:77:
30:cc:dd:35:c4:83:1a:64:5b:0a:51:a3:b9:64:fc:
4a:53:2f:6b:da:e7:be:8b:0b:d7:12:c6:1a:9d:71:
0b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:FF:C5:36:4A:FE:7A:87:DB:F5:AE:C0:AD:37:58:2F:44:95:48:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/882DADDEF69411EFB0224F53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
95:14:7f:c7:61:a0:e5:5f:7c:f5:98:35:1c:db:86:88:e9:e2:
d9:31:13:ac:e7:6e:34:dc:30:79:3a:45:ae:71:c3:8d:60:e5:
d3:71:22:89:ca:91:3f:a8:0b:e1:fb:5f:68:4c:cf:84:2a:d6:
ef:a8:45:74:bb:72:d6:33:82:17:c0:42:90:1c:1e:73:09:42:
b6:cd:18:a5:80:cd:4d:14:45:89:48:62:36:ce:62:3d:09:84:
26:b6:47:1a:d8:8e:cf:28:2d:21:6c:38:65:b6:a2:91:f4:b1:
22:37:24:f8:12:d6:f6:7a:d3:33:4b:d4:6a:92:d3:c2:00:a9:
b4:31:bf:e1:a8:a8:f9:5b:f8:81:9d:6e:43:36:f1:96:45:6f:
86:f8:86:35:c7:0a:f4:71:0b:47:9f:3c:e4:39:de:e2:17:91:
f2:9b:d6:07:72:a2:11:0b:72:6a:1f:11:01:4e:48:bc:86:7c:
15:f7:78:d7:6d:9a:6a:b2:d7:de:8a:9b:84:b4:61:69:73:4f:
88:8a:94:f5:cb:14:75:dd:6f:64:10:0b:b7:4b:2d:64:e8:0e:
a1:11:54:e9:53:ca:d7:9e:22:76:10:40:ac:84:ce:cf:ac:21:
ba:72:de:00:22:df:72:49:fa:ee:b3:90:f9:69:e0:7a:1b:bc:
86:e5:57:f6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW4jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTE1ODQ0WhcNMjUwMzMxMTE1ODQ0WjAYMRYw
FAYDVQQDEw02N2MyZjY3Ny05Mjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA74Q8pQQFWhS/yFYWomyC24wHUTKkY/7d1isQmvo/4+k0a+OVvfuIvq7f
elb8YTD4iyYBCV77t4JxkFjsi1oYJhA84rMG4dcHgY2mUcRXp/AxuXZiwcQPolv4
iPPD6qNpiMgRdV79ijfXBxTItDvP01FX53l4XQjsYPj14LTPXguNwCF+yjdNm6OW
5u8le8DfQMrkC1cQJhYp/kdZU9Wh+gc7yZYkWSz8U8arDo/KbsqwZl0tFqGK48k8
spLygBXpTupdW4sDJJZAEISBovQ2aUPcE6enkRwQ9B6uaQuXCXcwzN01xIMaZFsK
UaO5ZPxKUy9r2ue+iwvXEsYanXELbwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBz/
xTZK/nqH2/WuwK03WC9ElUhBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODJEQURERUY2OTQxMUVGQjAyMjRGNTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt07MA0GCSqGSIb3DQEB
CwUAA4IBAQCVFH/HYaDlX3z1mDUc24aI6eLZMROs52403DB5OkWuccONYOXTcSKJ
ypE/qAvh+19oTM+EKtbvqEV0u3LWM4IXwEKQHB5zCUK2zRilgM1NFEWJSGI2zmI9
CYQmtkca2I7PKC0hbDhltqKR9LEiNyT4Etb2etMzS9RqktPCAKm0Mb/hqKj5W/iB
nW5DNvGWRW+G+IY1xwr0cQtHnzzkOd7iF5Hym9YHcqIRC3JqHxEBTki8hnwV93jX
bZpqstfeipuEtGFpc0+IipT1yxR13W9kEAu3Sy1k6A6hEVTpU8rXniJ2EECshM7P
rCG6ct4AIt9ySfrus5D5aeB6G7yG5Vf2
-----END CERTIFICATE-----
Generated at Fri May 9 06:45:49 2025 by rpki-client