Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FE823828CE111EE821DBD714AD9E6FC.roa
File: 9FE823828CE111EE821DBD714AD9E6FC.roa (raw, json)
Hash identifier: N+vo1diAdiJQdNVJaHjBa8XsWWYaK3WAQx19aLngZX8=
Subject key identifier: BF:8E:9B:50:D9:DE:10:C0:2C:04:A1:A9:B5:0A:AF:05:00:DD:73:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 554A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FE823828CE111EE821DBD714AD9E6FC.roa
Signing time: Mon 27 Nov 2023 04:58:37 +0000
ROA not before: Mon 27 Nov 2023 04:58:34 +0000
ROA not after: Tue 26 Dec 2023 04:58:34 +0000
asID: 147176
IP address blocks: 154.212.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21834 (0x554a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 27 04:58:34 2023 GMT
Not After : Dec 26 04:58:34 2023 GMT
Subject: CN=656421fd-d4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1f:42:34:31:e4:4c:bf:17:a5:d1:bb:ec:ea:
97:1f:fd:21:7a:bd:9f:e0:11:44:db:57:ed:36:4c:
53:ee:fa:03:64:c6:ae:3f:9d:19:26:fe:d5:11:ca:
78:e0:17:91:84:1d:7c:f6:2c:9e:03:01:50:9c:2d:
80:cf:1b:25:a7:8e:02:52:45:17:0a:6a:55:21:e6:
05:6b:e0:20:a2:1c:67:1c:f8:8e:76:f8:37:ce:d5:
89:0a:7e:0c:f4:d1:62:97:0c:fb:5b:66:36:89:be:
52:ca:bc:44:17:94:8b:1b:89:73:05:e5:bf:bb:f7:
c2:9b:c3:f7:71:e4:fc:92:ea:87:af:08:b1:3c:79:
78:0a:90:aa:d3:c6:fe:52:2c:6a:e5:25:e5:f2:4d:
24:9f:5f:7a:bb:b1:3c:3f:76:aa:4c:75:6a:da:26:
c2:52:b9:fd:01:c7:4a:2c:4e:e7:13:5c:f6:73:27:
85:79:4d:d1:81:c7:82:19:eb:3a:9f:06:77:dd:c1:
13:bf:ee:c4:32:e0:1f:27:af:d4:3b:61:6b:f1:19:
93:13:17:a5:a2:93:33:f4:7c:f6:61:72:03:1a:7c:
e2:5b:43:29:18:a3:c4:e7:d0:49:19:81:44:0a:cc:
b9:99:73:c8:dc:1e:26:08:6a:06:cc:b8:8b:80:8c:
33:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8E:9B:50:D9:DE:10:C0:2C:04:A1:A9:B5:0A:AF:05:00:DD:73:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FE823828CE111EE821DBD714AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.139.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:5e:f1:5b:e4:54:0f:ef:f3:79:ca:80:66:c0:e4:51:d9:32:
8f:53:6f:eb:47:db:fd:b4:0f:30:1a:aa:19:98:13:9e:88:1d:
87:a2:28:90:7e:b8:15:a6:d0:11:8f:3f:eb:47:63:fc:97:73:
66:77:73:66:69:48:f1:b1:f0:c7:a0:d2:83:74:61:83:9e:e9:
e6:80:f0:72:56:0c:b2:07:cc:86:34:59:8f:bf:8a:67:7f:d9:
fe:1b:c9:0c:ef:62:99:12:77:8a:a7:16:14:f7:fe:e9:3d:73:
bd:c5:3f:d0:f0:37:cf:58:4d:36:8e:70:8d:70:bd:47:bb:9f:
d3:7e:2e:db:e2:87:e7:15:71:32:f3:62:fd:87:1e:92:a9:66:
3a:e9:bb:b9:54:e8:d8:24:54:53:71:96:fd:2d:57:e7:1a:52:
4d:fd:65:fc:ba:16:4e:05:4e:64:ff:94:9e:f6:eb:6f:3f:2d:
21:e8:a4:e1:10:8e:0f:98:70:11:0a:70:76:0c:ad:d6:b5:8a:
5b:21:93:1e:61:20:58:fd:e1:75:95:a4:45:99:6b:25:0c:9a:
87:c3:8a:0a:91:a0:bd:69:65:96:e4:be:ab:4f:cc:93:be:42:
92:6a:ab:ff:55:2e:e7:1d:c0:62:e5:d0:c4:37:68:e5:e8:9b:
c1:2a:51:1d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVUowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjcwNDU4MzRaFw0yMzEyMjYwNDU4MzRaMBgxFjAU
BgNVBAMTDTY1NjQyMWZkLWQ0YTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDNH0I0MeRMvxel0bvs6pcf/SF6vZ/gEUTbV+02TFPu+gNkxq4/nRkm/tUR
ynjgF5GEHXz2LJ4DAVCcLYDPGyWnjgJSRRcKalUh5gVr4CCiHGcc+I52+DfO1YkK
fgz00WKXDPtbZjaJvlLKvEQXlIsbiXMF5b+798Kbw/dx5PyS6oevCLE8eXgKkKrT
xv5SLGrlJeXyTSSfX3q7sTw/dqpMdWraJsJSuf0Bx0osTucTXPZzJ4V5TdGBx4IZ
6zqfBnfdwRO/7sQy4B8nr9Q7YWvxGZMTF6WikzP0fPZhcgMafOJbQykYo8Tn0EkZ
gUQKzLmZc8jcHiYIagbMuIuAjDOFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUv46b
UNneEMAsBKGptQqvBQDdcygwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzlGRTgyMzgyOENFMTExRUU4MjFEQkQ3MTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa1IswDQYJKoZIhvcNAQEL
BQADggEBAMRe8VvkVA/v83nKgGbA5FHZMo9Tb+tH2/20DzAaqhmYE56IHYeiKJB+
uBWm0BGPP+tHY/yXc2Z3c2ZpSPGx8Meg0oN0YYOe6eaA8HJWDLIHzIY0WY+/imd/
2f4byQzvYpkSd4qnFhT3/uk9c73FP9DwN89YTTaOcI1wvUe7n9N+Ltvih+cVcTLz
Yv2HHpKpZjrpu7lU6NgkVFNxlv0tV+caUk39Zfy6Fk4FTmT/lJ72628/LSHopOEQ
jg+YcBEKcHYMrda1ilshkx5hIFj94XWVpEWZayUMmofDigqRoL1pZZbkvqtPzJO+
QpJqq/9VLucdwGLl0MQ3aOXom8EqUR0=
-----END CERTIFICATE-----
Generated at Sun May 11 17:59:53 2025 by rpki-client