Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B6C5978F6A811EF8D43245A762E951A.roa
File: 8B6C5978F6A811EF8D43245A762E951A.roa (raw, json)
Hash identifier: OaBChhnM5hTGcKapzgT42yKt3wNjEFxEQ58upU3x7gs=
Subject key identifier: 8B:65:DB:52:0D:5A:D8:0A:3D:47:DA:3F:8F:BF:B6:70:55:E6:4B:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E6E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B6C5978F6A811EF8D43245A762E951A.roa
Signing time: Sat 01 Mar 2025 14:22:03 +0000
ROA not before: Sat 01 Mar 2025 14:21:59 +0000
ROA not after: Mon 31 Mar 2025 14:21:59 +0000
asID: 202656
IP address blocks: 154.219.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93806 (0x16e6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 14:21:59 2025 GMT
Not After : Mar 31 14:21:59 2025 GMT
Subject: CN=67c3180a-6a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1c:70:85:0f:63:e0:7e:9c:31:04:cd:2e:e7:
38:e7:92:71:44:d6:16:54:a6:02:eb:5a:2e:aa:74:
8d:01:64:d8:31:5b:fc:6c:a6:7d:60:e6:d0:eb:7b:
73:ad:b4:55:96:fb:25:a0:21:b7:d5:db:ab:cd:74:
ef:15:2f:e5:d9:99:a8:f3:86:e3:07:d1:1a:12:8a:
83:88:fd:b0:1f:38:32:13:2d:bf:72:fb:a4:8a:24:
de:10:ac:8f:03:64:3d:bc:d7:13:25:64:db:65:84:
3a:d6:bd:e8:73:1f:dd:1b:7f:71:5c:ca:68:05:3b:
d3:3c:6f:a0:24:d0:ef:8b:06:b1:24:ee:f8:c0:a2:
50:0c:31:62:d2:4a:ea:b6:7b:5c:16:77:4d:26:35:
bc:32:ea:42:c6:64:c6:ff:55:9d:3d:b6:20:1c:fc:
10:39:e0:53:b5:77:17:e7:ba:18:9f:13:eb:9f:48:
ad:a1:d6:7b:f9:35:dc:3a:79:e0:c9:ba:60:c5:f5:
f8:cf:89:91:39:2c:28:44:b3:1a:3c:59:b2:3f:ef:
57:d3:20:6b:d9:a0:a0:c1:47:64:bb:4c:96:cb:f8:
95:39:e5:78:2d:0a:10:3a:dd:ad:e4:45:88:af:dc:
f2:d3:6a:78:16:3c:0b:da:2c:b2:5a:7b:26:d5:d7:
c1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:65:DB:52:0D:5A:D8:0A:3D:47:DA:3F:8F:BF:B6:70:55:E6:4B:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B6C5978F6A811EF8D43245A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.249.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:b8:4b:17:54:e4:46:f6:36:fc:50:e0:0c:2f:08:7e:35:dd:
ea:0e:e0:b1:3f:00:fe:5b:08:75:86:8f:40:0f:48:e8:39:e1:
b7:26:e2:5c:e6:e3:9e:43:ed:55:04:15:54:88:91:4a:03:6d:
1f:be:ec:61:a8:d5:c9:7e:60:8a:55:0e:b5:92:31:92:01:4c:
3d:06:63:6f:de:b4:a0:10:ed:50:ba:bf:f8:cc:8b:48:89:21:
8a:67:cf:65:51:18:5f:ab:71:12:96:96:c8:3c:a8:44:94:20:
ec:9c:c3:6b:e3:28:9d:29:5d:50:5d:60:7f:fa:21:38:f3:f2:
13:bd:f1:33:6f:a4:ba:19:2d:79:3f:b7:ea:c6:c7:c5:de:36:
d8:8a:d1:c5:23:55:a1:e5:ee:c5:a1:2b:ca:77:3f:c8:e6:5a:
04:b4:a3:35:75:50:c6:fc:07:6e:c2:97:cf:19:5c:88:7a:16:
f1:ff:8c:bf:00:a6:91:4f:73:3f:28:0a:dd:8b:56:6a:57:8d:
f1:dc:64:b4:f0:f3:8b:61:5e:f3:51:90:47:33:76:bb:9b:ce:
b5:48:6e:27:b1:64:b1:ae:4d:72:9a:39:ae:0c:87:2d:71:d4:
6a:ff:45:47:13:ea:17:24:31:36:49:17:9d:45:da:fd:ee:0b:
0c:cd:99:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW5uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTQyMTU5WhcNMjUwMzMxMTQyMTU5WjAYMRYw
FAYDVQQDEw02N2MzMTgwYS02YTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvRxwhQ9j4H6cMQTNLuc455JxRNYWVKYC61ouqnSNAWTYMVv8bKZ9YObQ
63tzrbRVlvsloCG31durzXTvFS/l2Zmo84bjB9EaEoqDiP2wHzgyEy2/cvukiiTe
EKyPA2Q9vNcTJWTbZYQ61r3ocx/dG39xXMpoBTvTPG+gJNDviwaxJO74wKJQDDFi
0krqtntcFndNJjW8MupCxmTG/1WdPbYgHPwQOeBTtXcX57oYnxPrn0itodZ7+TXc
OnngybpgxfX4z4mROSwoRLMaPFmyP+9X0yBr2aCgwUdku0yWy/iVOeV4LQoQOt2t
5EWIr9zy02p4FjwL2iyyWnsm1dfBTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFItl
21INWtgKPUfaP4+/tnBV5kvkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QjZDNTk3OEY2QTgxMUVGOEQ0MzI0NUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtv5MA0GCSqGSIb3DQEB
CwUAA4IBAQCguEsXVORG9jb8UOAMLwh+Nd3qDuCxPwD+Wwh1ho9AD0joOeG3JuJc
5uOeQ+1VBBVUiJFKA20fvuxhqNXJfmCKVQ61kjGSAUw9BmNv3rSgEO1Qur/4zItI
iSGKZ89lURhfq3ESlpbIPKhElCDsnMNr4yidKV1QXWB/+iE48/ITvfEzb6S6GS15
P7fqxsfF3jbYitHFI1Wh5e7FoSvKdz/I5loEtKM1dVDG/AduwpfPGVyIehbx/4y/
AKaRT3M/KArdi1ZqV43x3GS08POLYV7zUZBHM3a7m861SG4nsWSxrk1ymjmuDIct
cdRq/0VHE+oXJDE2SRedRdr97gsMzZl6
-----END CERTIFICATE-----
Generated at Fri May 9 11:52:32 2025 by rpki-client