Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/94607A80F6B411EF869C9BA8762E951A.roa
File: 94607A80F6B411EF869C9BA8762E951A.roa (raw, json)
Hash identifier: wk8gcIJSC0JvVUM93lEhZFvcj+kXpamd3aQl2agEH4A=
Subject key identifier: 2B:D3:D3:B9:B5:EC:C4:8A:7D:99:12:E0:47:F7:AD:BE:60:1B:37:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EBD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/94607A80F6B411EF869C9BA8762E951A.roa
Signing time: Sat 01 Mar 2025 15:48:12 +0000
ROA not before: Sat 01 Mar 2025 15:48:08 +0000
ROA not after: Mon 31 Mar 2025 15:48:08 +0000
asID: 202656
IP address blocks: 154.219.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93885 (0x16ebd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 15:48:08 2025 GMT
Not After : Mar 31 15:48:08 2025 GMT
Subject: CN=67c32c3b-bc2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:34:8c:2b:75:57:f1:e4:1f:77:1c:e6:5c:da:
e3:6b:3c:b8:e9:10:b3:66:e0:c4:45:54:e2:a5:29:
da:62:fe:ed:42:6a:73:14:e6:82:90:cd:7e:73:34:
4c:ff:f0:76:5f:7d:e9:34:6a:51:d0:bd:98:e1:40:
dc:42:73:50:42:56:99:83:7a:38:5f:a5:73:d3:a6:
6e:01:72:b2:bc:8c:cf:74:5e:1f:b9:fc:8b:45:4c:
5a:1c:9d:ad:d6:27:24:d9:eb:c9:76:cb:c4:28:8c:
8b:44:d2:d6:41:2a:a1:aa:f6:29:c3:70:ef:a3:b7:
60:02:2f:94:41:58:1c:94:c4:b2:f2:c5:0a:c8:34:
0b:d7:1c:f5:16:f3:86:81:5e:ad:35:c3:c8:80:94:
8d:dd:2f:df:c0:3b:97:46:84:43:7c:9e:17:54:8f:
44:02:16:47:04:d2:ff:e7:5a:31:e2:d0:35:f2:f9:
f1:a2:25:97:d4:3b:01:51:b0:7b:be:f7:46:76:f6:
89:df:e1:5f:20:48:28:5b:ef:b2:55:29:6a:6c:a7:
81:b9:3d:31:90:6d:f7:74:db:c7:5b:fe:e5:d7:6b:
a9:8e:03:e2:d3:c4:ff:fe:a7:a0:df:22:b1:ba:72:
58:61:fd:e8:5d:75:a0:f1:7a:fd:7f:3b:c7:b4:ab:
ad:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D3:D3:B9:B5:EC:C4:8A:7D:99:12:E0:47:F7:AD:BE:60:1B:37:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/94607A80F6B411EF869C9BA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.214.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:62:45:76:98:6e:5b:71:72:be:c7:61:e5:fb:02:ce:be:33:
76:90:f6:fd:8f:5a:c6:9b:dd:95:28:5c:86:81:fe:44:29:4a:
80:87:88:74:5c:bd:7d:75:65:3c:23:f4:9b:56:8f:f8:9a:08:
8d:cc:c3:86:7f:bb:51:b0:c4:7b:e6:16:3a:e6:f0:80:5d:46:
e2:62:b7:4f:27:93:d0:4e:85:70:ee:5b:58:ed:29:3f:55:2c:
0e:24:ac:83:0e:e6:40:a6:71:bf:64:75:96:c7:46:e8:99:a6:
21:ce:b7:d8:a4:eb:16:fa:40:e5:da:54:20:ea:1d:7c:dd:02:
ba:70:96:89:8f:2a:fd:e3:98:b6:9f:01:7f:25:43:94:7a:f8:
e7:f5:ca:e5:d9:9c:cf:46:c6:29:4a:27:87:57:e6:a0:e2:56:
61:a3:a7:63:91:52:08:3a:6d:8f:96:a4:d0:3e:d6:52:76:c2:
74:2c:3d:e5:55:4c:5b:1b:15:b7:9f:34:c3:1a:ed:a8:3e:8b:
a2:44:e4:9c:dc:49:52:30:4a:66:63:c2:00:55:87:c6:70:5a:
bd:42:ca:7d:cc:b9:91:9d:1c:36:d2:b7:53:f6:8f:70:6f:27:
e1:0e:d3:ab:5d:4a:a8:c7:56:85:ca:2f:dc:bb:3a:4a:93:9d:
13:da:20:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW69MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTU0ODA4WhcNMjUwMzMxMTU0ODA4WjAYMRYw
FAYDVQQDEw02N2MzMmMzYi1iYzJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxjSMK3VX8eQfdxzmXNrjazy46RCzZuDERVTipSnaYv7tQmpzFOaCkM1+
czRM//B2X33pNGpR0L2Y4UDcQnNQQlaZg3o4X6Vz06ZuAXKyvIzPdF4fufyLRUxa
HJ2t1ick2evJdsvEKIyLRNLWQSqhqvYpw3Dvo7dgAi+UQVgclMSy8sUKyDQL1xz1
FvOGgV6tNcPIgJSN3S/fwDuXRoRDfJ4XVI9EAhZHBNL/51ox4tA18vnxoiWX1DsB
UbB7vvdGdvaJ3+FfIEgoW++yVSlqbKeBuT0xkG33dNvHW/7l12upjgPi08T//qeg
3yKxunJYYf3oXXWg8Xr9fzvHtKutuQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCvT
07m17MSKfZkS4Ef3rb5gGzczMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NDYwN0E4MEY2QjQxMUVGODY5QzlCQTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvWMA0GCSqGSIb3DQEB
CwUAA4IBAQDVYkV2mG5bcXK+x2Hl+wLOvjN2kPb9j1rGm92VKFyGgf5EKUqAh4h0
XL19dWU8I/SbVo/4mgiNzMOGf7tRsMR75hY65vCAXUbiYrdPJ5PQToVw7ltY7Sk/
VSwOJKyDDuZApnG/ZHWWx0bomaYhzrfYpOsW+kDl2lQg6h183QK6cJaJjyr945i2
nwF/JUOUevjn9crl2ZzPRsYpSieHV+ag4lZho6djkVIIOm2PlqTQPtZSdsJ0LD3l
VUxbGxW3nzTDGu2oPouiROSc3ElSMEpmY8IAVYfGcFq9Qsp9zLmRnRw20rdT9o9w
byfhDtOrXUqox1aFyi/cuzpKk50T2iDD
-----END CERTIFICATE-----
Generated at Fri May 9 11:51:21 2025 by rpki-client