Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/959E3B4CF82811EFAD323586762E951A.roa
File: 959E3B4CF82811EFAD323586762E951A.roa (raw, json)
Hash identifier: XTM+3W3PHOymxERz0g7Pfwkgu/pkP7SiypwXTtxlEhw=
Subject key identifier: C0:60:A2:DC:A9:4B:DA:ED:E5:5D:F7:D7:EB:7B:5F:B3:7D:69:FF:FC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01707D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/959E3B4CF82811EFAD323586762E951A.roa
Signing time: Mon 03 Mar 2025 12:11:07 +0000
ROA not before: Mon 03 Mar 2025 12:11:01 +0000
ROA not after: Mon 31 Mar 2025 12:11:01 +0000
asID: 202656
IP address blocks: 154.218.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94333 (0x1707d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 12:11:01 2025 GMT
Not After : Mar 31 12:11:01 2025 GMT
Subject: CN=67c59c5b-a5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a8:ee:70:96:90:86:0b:49:1d:cf:b7:a6:13:
3c:ec:80:5f:69:6a:fc:35:c1:77:38:5b:90:14:f5:
f6:dc:40:fb:1b:67:60:95:2e:82:7a:11:e6:84:60:
2f:07:87:22:18:e0:df:84:c1:f5:e4:5e:c5:f6:9f:
16:bc:62:74:04:3b:27:15:2a:d2:e7:2f:43:71:f1:
d8:c0:7c:a7:7f:71:7c:b8:f5:8b:d4:b7:71:c2:44:
14:11:ce:94:f9:5b:74:bb:51:c5:c1:38:24:0c:89:
87:2f:ed:31:f9:22:63:c2:a9:73:0a:e2:5e:e5:05:
87:f9:d8:51:5c:7f:2f:3f:c2:07:1e:72:a8:7f:52:
e7:01:3f:f8:07:ef:b4:57:e1:48:4e:e0:3b:b7:d7:
0a:a9:b7:d4:3c:f0:10:8b:a0:b1:fe:9f:e7:b3:0e:
ff:79:9b:4d:ec:05:c4:c4:25:73:ec:aa:d9:10:d4:
76:04:eb:92:b5:a2:77:37:19:19:71:91:02:d3:56:
8d:13:00:24:9b:24:2c:be:27:b9:e8:dd:5b:09:20:
8e:25:47:18:66:ed:1d:66:bd:71:e1:65:e6:f6:9e:
70:73:c7:55:b6:ae:fd:9e:9e:67:95:0d:ef:d5:e7:
8c:89:45:66:1a:bd:fe:a1:13:74:3a:2e:71:9f:c0:
62:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:60:A2:DC:A9:4B:DA:ED:E5:5D:F7:D7:EB:7B:5F:B3:7D:69:FF:FC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/959E3B4CF82811EFAD323586762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.29.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:a3:b9:f3:ab:53:41:ef:6e:2f:55:bf:13:b1:c5:b3:6c:72:
73:09:60:e9:b3:aa:03:42:dd:44:71:0a:48:53:62:10:a2:56:
d3:5d:a5:b3:d8:d2:d3:57:40:0f:6f:eb:78:7f:7c:8c:f5:b1:
d3:52:f6:f0:69:3c:79:9d:c6:4b:4f:07:c3:b1:0b:e5:ef:02:
a5:5a:74:24:3e:a9:9c:cc:fd:2f:8d:49:2d:3c:24:6d:da:3e:
31:d5:bf:75:51:b2:13:3e:b5:bc:43:d6:1a:6d:12:63:d5:e0:
73:7a:99:62:40:39:d2:f4:a5:0e:59:cf:fe:94:f0:a9:c3:4e:
ce:e0:83:63:67:02:44:cc:a0:ce:db:9e:dd:e8:47:ee:30:cc:
32:3e:63:19:53:77:ec:89:2b:6e:b0:68:2e:7d:77:90:7d:e5:
28:5a:8e:cb:07:a7:37:29:bd:b2:9a:21:b4:99:30:83:04:4a:
22:f2:72:05:49:da:3c:ff:dd:c6:cb:d0:0c:ed:01:da:f0:2d:
d8:e0:ff:d5:e9:56:e4:c0:fd:c3:75:17:b3:e0:2a:2b:a4:e4:
aa:cf:83:a7:93:a2:a9:ba:26:10:93:af:8c:0c:d5:68:ea:30:
c6:dc:91:a5:c4:d8:db:5f:da:24:7a:6f:0c:c9:47:64:9f:f6:
42:74:79:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXB9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTIxMTAxWhcNMjUwMzMxMTIxMTAxWjAYMRYw
FAYDVQQDEw02N2M1OWM1Yi1hNWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr6jucJaQhgtJHc+3phM87IBfaWr8NcF3OFuQFPX23ED7G2dglS6CehHm
hGAvB4ciGODfhMH15F7F9p8WvGJ0BDsnFSrS5y9DcfHYwHynf3F8uPWL1LdxwkQU
Ec6U+Vt0u1HFwTgkDImHL+0x+SJjwqlzCuJe5QWH+dhRXH8vP8IHHnKof1LnAT/4
B++0V+FITuA7t9cKqbfUPPAQi6Cx/p/nsw7/eZtN7AXExCVz7KrZENR2BOuStaJ3
NxkZcZEC01aNEwAkmyQsvie56N1bCSCOJUcYZu0dZr1x4WXm9p5wc8dVtq79np5n
lQ3v1eeMiUVmGr3+oRN0Oi5xn8BiIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMBg
otypS9rt5V331+t7X7N9af/8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NTlFM0I0Q0Y4MjgxMUVGQUQzMjM1ODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtodMA0GCSqGSIb3DQEB
CwUAA4IBAQDAo7nzq1NB724vVb8TscWzbHJzCWDps6oDQt1EcQpIU2IQolbTXaWz
2NLTV0APb+t4f3yM9bHTUvbwaTx5ncZLTwfDsQvl7wKlWnQkPqmczP0vjUktPCRt
2j4x1b91UbITPrW8Q9YabRJj1eBzepliQDnS9KUOWc/+lPCpw07O4INjZwJEzKDO
257d6EfuMMwyPmMZU3fsiStusGgufXeQfeUoWo7LB6c3Kb2ymiG0mTCDBEoi8nIF
Sdo8/93Gy9AM7QHa8C3Y4P/V6VbkwP3DdRez4CorpOSqz4Onk6KpuiYQk6+MDNVo
6jDG3JGlxNjbX9okem8MyUdkn/ZCdHnT
-----END CERTIFICATE-----
Generated at Fri May 9 07:03:34 2025 by rpki-client