Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A2F54C2F14611EF88CF217A762E951A.roa
File: 9A2F54C2F14611EF88CF217A762E951A.roa (raw, json)
Hash identifier: vgEMwVzVO5fail5dr/aH0HZhGAaRZEIn1C3ifM3AyTk=
Subject key identifier: 31:22:7C:BB:A0:03:82:27:6E:9E:BF:E0:67:A4:0F:A7:BF:52:0D:2A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015A24
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A2F54C2F14611EF88CF217A762E951A.roa
Signing time: Sat 22 Feb 2025 17:58:21 +0000
ROA not before: Sat 22 Feb 2025 17:58:17 +0000
ROA not after: Mon 24 Mar 2025 17:58:17 +0000
asID: 996
IP address blocks: 154.205.184.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88612 (0x15a24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 22 17:58:17 2025 GMT
Not After : Mar 24 17:58:17 2025 GMT
Subject: CN=67ba103d-2a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cd:d9:cd:92:c2:5a:31:7f:ad:4a:92:0b:f8:
0f:97:1a:c1:2d:b0:64:9a:bd:a8:a1:47:3b:16:57:
cc:a4:a0:10:b3:b7:0a:b4:83:78:27:13:3c:6d:3d:
d6:b5:4b:19:20:61:42:9b:f1:f5:8a:5d:88:14:c2:
77:8e:66:b9:60:06:e3:c1:45:e0:b3:b9:cd:43:eb:
0d:28:6c:0e:7d:e8:2b:b4:98:a3:2a:37:47:ac:15:
fd:5a:6a:55:36:80:8f:11:ae:ca:d0:a3:7c:3c:0f:
85:fb:b8:bc:66:7d:a1:19:ed:f9:11:87:c2:4d:e6:
e1:57:74:f6:63:7c:5e:d6:b0:dd:ec:b8:83:09:9d:
a0:90:4c:58:a9:41:55:c2:bd:50:dc:99:2a:0b:78:
4b:05:37:db:59:b9:78:dd:45:89:f0:ff:75:9a:2a:
d6:34:c5:e6:04:1f:97:ce:66:e8:41:b3:7f:46:ba:
33:35:e3:d4:12:2e:12:11:79:63:a0:52:8f:03:bb:
af:b7:d7:cf:56:78:94:57:5b:6c:aa:41:22:3a:53:
66:5e:22:31:77:ad:ce:81:b1:6c:28:3d:b0:7b:18:
ab:42:16:72:38:0b:ad:43:10:27:82:66:5a:af:3d:
44:72:c9:b0:99:3f:c4:a1:b4:0b:ee:35:a1:6c:0a:
8b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:22:7C:BB:A0:03:82:27:6E:9E:BF:E0:67:A4:0F:A7:BF:52:0D:2A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A2F54C2F14611EF88CF217A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.184.0/23
Signature Algorithm: sha256WithRSAEncryption
82:5a:4f:86:2d:bb:9a:61:b1:85:ae:00:dc:e4:0d:1d:24:04:
43:3f:51:13:04:76:b7:96:bc:fe:29:29:87:75:af:2c:45:90:
82:cd:d4:a6:87:89:63:4d:4e:7c:d0:d7:19:3c:f8:6f:6d:c6:
fd:6b:ee:82:be:84:55:3c:b3:a2:53:4f:f5:0c:93:50:ab:ba:
6a:1d:73:ee:e7:13:17:2e:5a:7d:ec:73:6b:07:29:b3:69:49:
2a:c1:82:1c:42:43:bb:e0:9e:e7:3a:72:3e:01:c3:23:2d:23:
55:3a:49:b9:81:28:14:48:1e:33:ba:cd:93:6d:34:db:78:ad:
3e:5b:f9:9f:e9:f0:16:5b:a9:cc:21:3f:d0:62:16:7f:f3:6f:
a7:46:2d:de:ef:92:ab:08:2c:6f:62:4f:01:b4:79:3f:ed:25:
de:ed:56:45:cf:5b:ce:09:89:99:26:b7:8b:be:ef:43:69:9b:
8f:02:ea:98:17:5d:dd:d5:ae:34:25:3e:bc:d5:62:13:0f:bc:
04:56:14:03:75:b7:77:51:93:33:b3:ce:10:49:b9:86:3a:b7:
3b:ed:fc:e6:89:86:6d:91:1d:94:43:24:58:38:a6:48:af:8e:
e9:47:d0:06:49:e8:1d:fc:2d:e3:01:04:a1:fe:3b:82:fe:2e:
84:0b:f0:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVokMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIyMTc1ODE3WhcNMjUwMzI0MTc1ODE3WjAYMRYw
FAYDVQQDEw02N2JhMTAzZC0yYTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAos3ZzZLCWjF/rUqSC/gPlxrBLbBkmr2ooUc7FlfMpKAQs7cKtIN4JxM8
bT3WtUsZIGFCm/H1il2IFMJ3jma5YAbjwUXgs7nNQ+sNKGwOfegrtJijKjdHrBX9
WmpVNoCPEa7K0KN8PA+F+7i8Zn2hGe35EYfCTebhV3T2Y3xe1rDd7LiDCZ2gkExY
qUFVwr1Q3JkqC3hLBTfbWbl43UWJ8P91mirWNMXmBB+XzmboQbN/RrozNePUEi4S
EXljoFKPA7uvt9fPVniUV1tsqkEiOlNmXiIxd63OgbFsKD2wexirQhZyOAutQxAn
gmZarz1EcsmwmT/EobQL7jWhbAqLVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDEi
fLugA4Inbp6/4GekD6e/Ug0qMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QTJGNTRDMkYxNDYxMUVGODhDRjIxN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms24MA0GCSqGSIb3DQEB
CwUAA4IBAQCCWk+GLbuaYbGFrgDc5A0dJARDP1ETBHa3lrz+KSmHda8sRZCCzdSm
h4ljTU580NcZPPhvbcb9a+6CvoRVPLOiU0/1DJNQq7pqHXPu5xMXLlp97HNrBymz
aUkqwYIcQkO74J7nOnI+AcMjLSNVOkm5gSgUSB4zus2TbTTbeK0+W/mf6fAWW6nM
IT/QYhZ/82+nRi3e75KrCCxvYk8BtHk/7SXe7VZFz1vOCYmZJreLvu9DaZuPAuqY
F13d1a40JT681WITD7wEVhQDdbd3UZMzs84QSbmGOrc77fzmiYZtkR2UQyRYOKZI
r47pR9AGSegd/C3jAQSh/juC/i6EC/Bv
-----END CERTIFICATE-----
Generated at Fri May 9 13:23:16 2025 by rpki-client