Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91000CB2F67C11EFB59BB5B0762E951A.roa
File: 91000CB2F67C11EFB59BB5B0762E951A.roa (raw, json)
Hash identifier: Yrpvau5olen1DpmC7h8vtHP7QJo/bu1pgDyUcFkEiI8=
Subject key identifier: 62:83:B0:E4:E0:04:5C:EA:CB:88:B0:3B:B8:AA:13:CC:0A:A3:31:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D7F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91000CB2F67C11EFB59BB5B0762E951A.roa
Signing time: Sat 01 Mar 2025 09:07:14 +0000
ROA not before: Sat 01 Mar 2025 09:07:10 +0000
ROA not after: Mon 31 Mar 2025 09:07:10 +0000
asID: 44559
IP address blocks: 154.209.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93567 (0x16d7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 09:07:10 2025 GMT
Not After : Mar 31 09:07:10 2025 GMT
Subject: CN=67c2ce42-8046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5d:d3:64:d7:81:2c:32:f4:4a:9d:20:f7:0f:
3f:47:d6:c7:14:60:0c:e5:4f:2b:5c:42:73:83:b4:
28:b0:27:16:f8:f4:73:a5:0b:0b:94:83:77:f4:25:
c7:6c:36:0c:ce:0d:2f:30:dd:55:8f:43:25:87:56:
d7:da:dd:7e:59:dd:25:17:e8:5e:16:e6:61:d7:5b:
1f:11:b1:7b:c0:1f:ff:47:9b:e8:b0:36:c7:9f:b6:
45:1a:ca:f0:78:57:b3:32:cd:ed:b1:07:98:f5:f0:
3c:ca:03:1d:09:d2:85:c8:92:3c:5a:27:d3:b5:d0:
85:86:00:e4:55:a5:83:c4:ca:02:09:3a:72:2e:e7:
f3:eb:e8:00:d4:1f:6a:f7:c3:db:eb:1c:2c:b9:d8:
27:9c:54:3f:e4:49:d6:f4:99:a6:d6:03:f6:e5:ae:
ea:3e:22:d4:a5:fd:c9:ff:20:ca:18:f2:31:32:43:
8f:90:62:76:88:4f:0f:71:1d:c7:cd:56:52:df:d2:
23:bd:ac:50:3a:75:84:22:fd:7d:75:56:ac:0a:bc:
b8:a7:29:9c:1e:e1:ff:dd:2c:1a:5c:48:89:e3:8b:
fc:c9:30:07:9d:07:db:0d:80:ef:c6:38:36:92:57:
27:c9:58:d0:d4:2a:5b:37:0b:d2:e4:7c:dd:21:7d:
1a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:83:B0:E4:E0:04:5C:EA:CB:88:B0:3B:B8:AA:13:CC:0A:A3:31:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91000CB2F67C11EFB59BB5B0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.204.0/24
Signature Algorithm: sha256WithRSAEncryption
78:04:be:63:11:f6:d8:e4:f0:1f:20:45:28:a2:88:df:c9:ae:
50:3a:cc:64:ea:91:ff:f3:db:8b:53:fc:9c:c1:2a:53:28:6f:
b2:e6:43:0e:92:3f:f1:ab:4e:dc:86:ce:2c:e3:87:eb:d8:23:
1b:6f:40:4e:dc:10:a3:02:7c:c6:5a:ba:a0:55:55:32:2a:ee:
94:d1:80:2e:01:a3:28:69:2c:da:29:09:5c:12:3e:2c:33:f7:
4a:0d:3c:b2:fa:c2:eb:b2:46:c9:4f:da:0f:b3:f3:3e:3c:cc:
c9:69:03:9c:8a:5d:51:7a:57:34:f2:14:21:9a:49:94:55:13:
2b:32:92:46:71:c4:7e:4f:fd:72:98:98:f8:d8:8b:6e:ae:9e:
a2:ba:87:d0:2a:df:9e:18:c2:ab:67:3d:cd:f8:e8:08:55:70:
e9:2d:37:9c:39:87:4c:3c:68:03:5e:d3:81:20:2a:b3:f2:28:
c5:70:b0:dd:c1:6d:86:e7:96:0a:ca:1d:b5:c6:ca:dd:dc:1d:
df:6d:4d:98:36:f4:5d:28:ee:4b:9e:76:67:74:a9:02:68:ff:
ad:2d:1b:4a:26:f7:14:eb:67:11:2b:82:8f:d6:a6:02:47:a4:
d4:6a:ee:50:51:cf:09:ea:0e:da:63:5a:d1:77:41:83:8b:33:
47:3b:9a:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW1/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDkwNzEwWhcNMjUwMzMxMDkwNzEwWjAYMRYw
FAYDVQQDEw02N2MyY2U0Mi04MDQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyV3TZNeBLDL0Sp0g9w8/R9bHFGAM5U8rXEJzg7QosCcW+PRzpQsLlIN3
9CXHbDYMzg0vMN1Vj0Mlh1bX2t1+Wd0lF+heFuZh11sfEbF7wB//R5vosDbHn7ZF
GsrweFezMs3tsQeY9fA8ygMdCdKFyJI8WifTtdCFhgDkVaWDxMoCCTpyLufz6+gA
1B9q98Pb6xwsudgnnFQ/5EnW9Jmm1gP25a7qPiLUpf3J/yDKGPIxMkOPkGJ2iE8P
cR3HzVZS39IjvaxQOnWEIv19dVasCry4pymcHuH/3SwaXEiJ44v8yTAHnQfbDYDv
xjg2klcnyVjQ1CpbNwvS5HzdIX0aGwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGKD
sOTgBFzqy4iwO7iqE8wKozFcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MTAwMENCMkY2N0MxMUVGQjU5QkI1QjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHMMA0GCSqGSIb3DQEB
CwUAA4IBAQB4BL5jEfbY5PAfIEUooojfya5QOsxk6pH/89uLU/ycwSpTKG+y5kMO
kj/xq07chs4s44fr2CMbb0BO3BCjAnzGWrqgVVUyKu6U0YAuAaMoaSzaKQlcEj4s
M/dKDTyy+sLrskbJT9oPs/M+PMzJaQOcil1Relc08hQhmkmUVRMrMpJGccR+T/1y
mJj42Iturp6iuofQKt+eGMKrZz3N+OgIVXDpLTecOYdMPGgDXtOBICqz8ijFcLDd
wW2G55YKyh21xsrd3B3fbU2YNvRdKO5LnnZndKkCaP+tLRtKJvcU62cRK4KP1qYC
R6TUau5QUc8J6g7aY1rRd0GDizNHO5rx
-----END CERTIFICATE-----
Generated at Fri May 9 07:13:50 2025 by rpki-client