Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3998FC2DA6311EF926E675A762E951A.roa
File: A3998FC2DA6311EF926E675A762E951A.roa (raw, json)
Hash identifier: M2pkcXTlPB3S+Lj5TP15Wd4eJL+oTdq6KOsMze/p2zM=
Subject key identifier: FD:A5:D7:ED:E1:D9:3C:DA:EE:80:20:4E:2A:E3:5A:B2:09:E3:1F:14
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014884
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3998FC2DA6311EF926E675A762E951A.roa
Signing time: Fri 24 Jan 2025 14:58:15 +0000
ROA not before: Fri 24 Jan 2025 14:58:12 +0000
ROA not after: Wed 05 Mar 2025 14:58:12 +0000
asID: 49505
IP address blocks: 154.209.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84100 (0x14884)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 14:58:12 2025 GMT
Not After : Mar 5 14:58:12 2025 GMT
Subject: CN=6793aa87-ca3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0d:7f:f7:08:5c:7d:59:fb:9d:0a:31:09:95:
6c:9a:57:b4:de:0a:75:61:f3:dc:03:f8:68:2a:7f:
83:34:79:3d:ca:31:9f:33:c5:97:5b:35:37:7d:fa:
7e:07:fc:d6:8c:19:97:2b:bf:4b:d5:a7:0a:7b:66:
18:56:ce:1b:b9:82:89:3b:92:76:68:da:14:94:0b:
1b:1a:f1:de:16:11:63:48:f7:d8:4a:69:bd:1f:0f:
7b:00:b8:42:14:23:eb:7c:6b:38:dd:4c:e7:6e:54:
d6:9a:a1:b7:d3:5c:6d:cd:b8:46:27:0f:e8:01:2e:
4d:0b:65:93:3a:39:fd:5b:69:e6:3b:f3:64:13:f0:
d3:ea:6a:d6:73:e7:61:c4:82:c8:9e:43:93:bb:28:
e5:b4:cc:10:bc:fb:53:ac:ea:8d:92:8b:12:e2:12:
3d:95:02:32:96:d3:df:4b:27:f2:1b:63:3e:3e:e2:
e4:3e:c7:22:c1:ce:44:76:d0:ee:fc:c3:13:53:d8:
0d:d4:26:f4:65:cd:d0:67:e7:d8:49:86:93:92:50:
5a:dc:5b:6a:e7:b8:b9:fb:b8:62:42:37:e3:b7:ab:
96:06:10:56:75:1b:d2:31:dc:e4:56:4b:92:93:e3:
d9:9d:d6:9d:f1:28:60:9b:1e:68:9d:4d:e2:b2:b8:
34:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A5:D7:ED:E1:D9:3C:DA:EE:80:20:4E:2A:E3:5A:B2:09:E3:1F:14
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3998FC2DA6311EF926E675A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.216.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:9a:f5:b1:af:a2:50:a5:32:b1:25:3a:1b:d2:ec:50:62:47:
1c:80:69:69:bb:aa:88:98:60:a3:fe:8d:30:17:c1:fc:22:19:
35:c1:59:47:94:23:fa:2e:35:0d:73:e5:95:e4:ae:f7:23:8c:
18:96:10:22:8a:31:2c:c3:86:fa:81:d8:b6:06:66:3d:0c:53:
e3:49:a0:f3:68:d0:39:51:94:80:7a:b8:e4:0b:08:66:5a:02:
3b:e0:1a:3f:36:51:70:9a:ec:76:4d:2c:64:cb:70:7b:b5:3a:
91:04:3c:da:bc:8f:8f:5e:89:a3:17:33:ea:ab:6f:c5:2b:0f:
d2:bc:a4:62:68:68:db:9f:ae:a2:c7:7e:49:42:a9:64:ce:af:
30:77:57:9d:66:dc:3e:63:61:1a:b2:64:0a:d1:4c:c4:1b:ad:
30:cb:35:db:18:3e:63:0e:a7:c5:8a:22:ec:72:3f:b1:f7:9d:
f2:85:5c:63:2a:f3:67:27:43:ec:4f:9e:aa:82:b4:f5:4f:17:
5c:f4:a2:f8:5e:65:cb:6e:88:c7:cc:fe:0e:5d:e8:e4:54:d1:
a4:9d:55:9d:40:37:d3:65:56:93:73:bf:48:89:70:21:10:fe:
85:be:87:62:e9:40:28:65:62:ba:7a:fc:4f:bb:b6:9c:d7:c3:
b6:0a:5d:10
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUiEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQ1ODEyWhcNMjUwMzA1MTQ1ODEyWjAYMRYw
FAYDVQQDEw02NzkzYWE4Ny1jYTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsQ1/9whcfVn7nQoxCZVsmle03gp1YfPcA/hoKn+DNHk9yjGfM8WXWzU3
ffp+B/zWjBmXK79L1acKe2YYVs4buYKJO5J2aNoUlAsbGvHeFhFjSPfYSmm9Hw97
ALhCFCPrfGs43UznblTWmqG301xtzbhGJw/oAS5NC2WTOjn9W2nmO/NkE/DT6mrW
c+dhxILInkOTuyjltMwQvPtTrOqNkosS4hI9lQIyltPfSyfyG2M+PuLkPsciwc5E
dtDu/MMTU9gN1Cb0Zc3QZ+fYSYaTklBa3Ftq57i5+7hiQjfjt6uWBhBWdRvSMdzk
VkuSk+PZndad8Shgmx5onU3isrg0uwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP2l
1+3h2Tza7oAgTirjWrIJ4x8UMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzk5OEZDMkRBNjMxMUVGOTI2RTY3NUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHYMA0GCSqGSIb3DQEB
CwUAA4IBAQCsmvWxr6JQpTKxJTob0uxQYkccgGlpu6qImGCj/o0wF8H8Ihk1wVlH
lCP6LjUNc+WV5K73I4wYlhAiijEsw4b6gdi2BmY9DFPjSaDzaNA5UZSAerjkCwhm
WgI74Bo/NlFwmux2TSxky3B7tTqRBDzavI+PXomjFzPqq2/FKw/SvKRiaGjbn66i
x35JQqlkzq8wd1edZtw+Y2EasmQK0UzEG60wyzXbGD5jDqfFiiLscj+x953yhVxj
KvNnJ0PsT56qgrT1Txdc9KL4XmXLbojHzP4OXejkVNGknVWdQDfTZVaTc79IiXAh
EP6Fvodi6UAoZWK6evxPu7ac18O2Cl0Q
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:55:11 2025 by rpki-client