Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BC432ACDB2111EF8F559B5F762E951A.roa
File: 9BC432ACDB2111EF8F559B5F762E951A.roa (raw, json)
Hash identifier: O8EHsRhgklXApS4c9RZf+p/yfK0XFNzJxG6h+Q6iB64=
Subject key identifier: F1:73:44:2C:F3:70:A7:3D:3A:E1:36:11:3A:8B:99:83:17:65:3D:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014998
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BC432ACDB2111EF8F559B5F762E951A.roa
Signing time: Sat 25 Jan 2025 13:38:07 +0000
ROA not before: Sat 25 Jan 2025 13:38:03 +0000
ROA not after: Mon 03 Mar 2025 13:38:03 +0000
asID: 49505
IP address blocks: 154.209.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84376 (0x14998)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 25 13:38:03 2025 GMT
Not After : Mar 3 13:38:03 2025 GMT
Subject: CN=6794e93e-4a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:75:56:1e:4e:ff:8a:0b:2a:4e:1b:1a:d3:cd:
5e:e0:0b:fa:a2:37:3a:a6:18:f8:9a:7a:49:78:6d:
57:8b:60:80:a2:2e:83:6a:b8:db:c9:74:17:e9:00:
60:02:7a:44:8a:e6:a1:b6:be:dc:ef:0c:62:04:91:
7c:a7:59:b5:02:54:b7:96:ad:f1:e1:3e:21:3c:0a:
bc:6b:fa:fc:f8:42:e3:da:d2:ec:96:21:b2:4c:3c:
2f:52:38:70:e6:0d:49:a5:fa:b5:c4:dc:32:57:56:
10:96:8b:0c:87:4a:f6:74:a3:c0:26:a1:0a:87:44:
6b:52:49:3a:40:df:b0:d3:bc:ab:cc:f3:b0:35:a7:
c3:93:b9:4d:29:2d:7f:b2:76:25:2d:67:9a:86:16:
f2:2d:ed:2e:cc:16:ee:e5:c4:b3:49:f6:33:c3:1e:
53:1f:9c:59:39:f3:af:af:e6:c2:20:c4:a4:f9:b8:
c5:36:cc:98:ba:64:71:b9:4f:cb:02:73:3c:30:e7:
7e:26:e4:f6:c3:08:2f:65:e4:17:fa:8f:25:6e:e7:
0f:1e:3f:35:b2:2f:30:71:85:1b:d1:49:32:f2:19:
66:d1:f4:d4:f9:fb:a8:4b:90:06:32:80:66:4f:91:
8f:df:d0:b1:7e:79:d6:93:8b:cd:8f:f7:b1:43:62:
6a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:73:44:2C:F3:70:A7:3D:3A:E1:36:11:3A:8B:99:83:17:65:3D:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BC432ACDB2111EF8F559B5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.210.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:75:0e:0e:f2:d4:ee:3a:e5:af:4e:53:ff:bc:34:67:14:2a:
7f:23:41:61:da:9d:79:be:f9:2c:2e:3e:9f:68:23:df:55:33:
f4:31:e1:de:16:4a:0e:b4:7a:37:dd:9c:71:33:11:bc:db:e8:
62:e6:40:39:26:37:8d:9c:31:26:97:2f:0b:f8:98:7b:48:99:
8b:d0:82:ca:f4:39:4a:fb:06:93:21:9b:4b:41:56:57:db:4d:
97:8a:b3:de:b3:02:da:dd:47:db:ae:3d:25:5e:51:02:0f:87:
9e:53:07:70:d1:8c:e6:86:68:22:2e:71:3c:a1:e9:93:7d:9c:
0c:1d:ac:92:7d:6b:16:e8:97:89:2d:09:0d:78:71:4a:1a:e4:
a4:74:44:b1:f7:f6:af:96:42:32:b7:b7:ac:12:09:86:9e:07:
ee:2c:7c:64:2e:8a:54:c7:c7:78:22:56:83:6b:20:01:c4:57:
cd:10:35:7b:61:0d:5d:48:52:f2:f2:ba:95:79:53:cc:cf:3e:
88:07:f7:d9:91:17:02:4d:3a:18:34:51:cd:4e:f1:2a:7b:8a:
3d:08:b4:5d:4d:d0:8b:8a:4a:45:64:d5:59:16:33:fd:d8:b9:
d0:20:ea:4e:78:0d:ad:e4:c9:e0:25:3e:35:b2:e6:a4:61:b5:
f1:aa:01:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUmYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTMzODAzWhcNMjUwMzAzMTMzODAzWjAYMRYw
FAYDVQQDEw02Nzk0ZTkzZS00YTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsHVWHk7/igsqThsa081e4Av6ojc6phj4mnpJeG1Xi2CAoi6DarjbyXQX
6QBgAnpEiuahtr7c7wxiBJF8p1m1AlS3lq3x4T4hPAq8a/r8+ELj2tLsliGyTDwv
Ujhw5g1Jpfq1xNwyV1YQlosMh0r2dKPAJqEKh0RrUkk6QN+w07yrzPOwNafDk7lN
KS1/snYlLWeahhbyLe0uzBbu5cSzSfYzwx5TH5xZOfOvr+bCIMSk+bjFNsyYumRx
uU/LAnM8MOd+JuT2wwgvZeQX+o8lbucPHj81si8wcYUb0Uky8hlm0fTU+fuoS5AG
MoBmT5GP39CxfnnWk4vNj/exQ2Jq8wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPFz
RCzzcKc9OuE2ETqLmYMXZT1NMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QkM0MzJBQ0RCMjExMUVGOEY1NTlCNUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHSMA0GCSqGSIb3DQEB
CwUAA4IBAQAtdQ4O8tTuOuWvTlP/vDRnFCp/I0Fh2p15vvksLj6faCPfVTP0MeHe
FkoOtHo33ZxxMxG82+hi5kA5JjeNnDEmly8L+Jh7SJmL0ILK9DlK+waTIZtLQVZX
202XirPeswLa3Ufbrj0lXlECD4eeUwdw0YzmhmgiLnE8oemTfZwMHaySfWsW6JeJ
LQkNeHFKGuSkdESx9/avlkIyt7esEgmGngfuLHxkLopUx8d4IlaDayABxFfNEDV7
YQ1dSFLy8rqVeVPMzz6IB/fZkRcCTToYNFHNTvEqe4o9CLRdTdCLikpFZNVZFjP9
2LnQIOpOeA2t5MngJT41suakYbXxqgGr
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:55:14 2025 by rpki-client