Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA4A3DE63BD711F0A5C26BF0DAE4EC9C.roa
File: AA4A3DE63BD711F0A5C26BF0DAE4EC9C.roa (raw, json)
Hash identifier: a9sZaU4UYFu74qVIxvz8I1IJ/RwCkj14T1fdzl0Nto4=
Subject key identifier: B8:61:66:D1:AD:E4:79:11:3F:3F:AB:89:E1:0C:A9:24:AD:0C:31:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01838A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA4A3DE63BD711F0A5C26BF0DAE4EC9C.roa
Signing time: Wed 28 May 2025 15:23:11 +0000
ROA not before: Wed 28 May 2025 15:23:06 +0000
ROA not after: Sat 07 Jun 2025 15:23:06 +0000
asID: 139646
IP address blocks: 154.214.32.0/19 maxlen: 24
154.216.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99210 (0x1838a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 15:23:06 2025 GMT
Not After : Jun 7 15:23:06 2025 GMT
Subject: CN=68372a5f-0498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:75:94:d2:f6:6d:ce:92:9f:91:18:3f:1e:33:
f6:c7:e0:2d:25:32:6c:59:9f:d6:37:60:4c:a7:dc:
28:76:d2:27:e5:d2:dc:27:14:7a:04:89:96:95:0d:
be:77:fe:77:c5:17:ef:4e:3d:23:c1:ff:b4:4d:8a:
28:7d:03:24:cb:82:e6:79:4a:b6:c1:12:a1:f0:ff:
37:7a:9b:f0:13:95:ad:1e:62:36:8b:90:24:73:df:
dc:91:e6:d7:08:ea:c3:03:2e:ae:d9:9d:8e:5a:42:
0b:7d:b7:45:73:34:0d:8d:92:32:07:fb:a5:9a:9e:
cf:4f:72:45:66:2b:f5:f5:e0:86:fa:5d:0f:bf:a2:
b2:12:be:27:ff:fc:e0:83:5a:b8:c6:ec:68:dc:bf:
05:2e:f0:b7:f1:d3:f7:b9:f5:29:7d:e8:30:f7:af:
dc:0f:d0:52:65:c6:fd:28:91:9a:1f:e1:8b:d7:0f:
80:e9:c4:a9:99:dd:1e:e5:b9:f4:6e:01:f0:eb:79:
ca:a2:95:48:32:34:e2:b4:9f:77:22:09:88:77:0a:
aa:2b:cf:64:75:86:e0:e4:04:4e:40:1f:4b:fb:08:
62:e1:24:45:33:e6:3e:5e:0e:44:9e:b1:a7:1c:cb:
ca:05:09:d0:7d:49:95:00:00:51:6a:72:1c:34:23:
fc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:61:66:D1:AD:E4:79:11:3F:3F:AB:89:E1:0C:A9:24:AD:0C:31:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA4A3DE63BD711F0A5C26BF0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
154.216.128.0/18
Signature Algorithm: sha256WithRSAEncryption
01:2d:c4:4d:7f:42:f2:79:e7:23:38:58:fe:85:f4:d5:e5:89:
cf:03:55:9a:17:5f:53:53:da:4e:ba:5d:99:5f:2f:af:b0:20:
25:8b:7e:b2:d2:23:32:46:9c:1e:0b:c8:9b:30:2a:1a:bb:cc:
7c:40:44:66:9f:0d:a4:91:1e:63:26:f9:19:8d:29:0f:99:de:
d5:c1:90:85:c2:9b:e2:8d:13:75:68:a5:23:eb:6b:c9:db:f9:
2f:0e:57:8f:c1:6c:37:68:6c:54:9d:c5:13:0a:f3:ef:1b:4b:
c3:97:d7:bb:b7:dd:4d:1b:6a:8b:2e:a4:48:b0:63:a0:a8:4f:
14:12:ca:82:c1:c1:11:89:bd:a8:e3:d3:7c:18:38:67:e2:ae:
1f:26:a0:fa:3c:98:c3:38:62:2c:6a:c2:d1:b5:02:b4:64:66:
26:43:94:6b:2b:fb:50:5a:44:4e:1a:60:5d:1a:62:2a:27:07:
2f:fa:bd:7b:4a:f9:9c:c2:ce:c3:66:8d:97:d6:62:c2:ea:ac:
64:8c:49:f2:f3:a7:8f:67:47:8b:a3:ea:52:f6:cf:e5:8e:a7:
9e:06:94:03:e5:82:b5:35:93:d7:84:8b:56:19:47:78:d4:8f:
32:78:9a:c2:dd:80:d5:e7:61:c9:c0:18:1c:f3:6a:68:6e:b9:
7e:06:cd:9d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYOKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTUyMzA2WhcNMjUwNjA3MTUyMzA2WjAYMRYw
FAYDVQQDEw02ODM3MmE1Zi0wNDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq3WU0vZtzpKfkRg/HjP2x+AtJTJsWZ/WN2BMp9wodtIn5dLcJxR6BImW
lQ2+d/53xRfvTj0jwf+0TYoofQMky4LmeUq2wRKh8P83epvwE5WtHmI2i5Akc9/c
kebXCOrDAy6u2Z2OWkILfbdFczQNjZIyB/ulmp7PT3JFZiv19eCG+l0Pv6KyEr4n
//zgg1q4xuxo3L8FLvC38dP3ufUpfegw96/cD9BSZcb9KJGaH+GL1w+A6cSpmd0e
5bn0bgHw63nKopVIMjTitJ93IgmIdwqqK89kdYbg5AROQB9L+whi4SRFM+Y+Xg5E
nrGnHMvKBQnQfUmVAABRanIcNCP85QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFLhh
ZtGt5HkRPz+rieEMqSStDDH+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQTRBM0RFNjNCRDcxMUYwQTVDMjZCRjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmtYgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQABLcRNf0LyeecjOFj+hfTV5YnPA1WaF19TU9pOul2ZXy+v
sCAli36y0iMyRpweC8ibMCoau8x8QERmnw2kkR5jJvkZjSkPmd7VwZCFwpvijRN1
aKUj62vJ2/kvDlePwWw3aGxUncUTCvPvG0vDl9e7t91NG2qLLqRIsGOgqE8UEsqC
wcERib2o49N8GDhn4q4fJqD6PJjDOGIsasLRtQK0ZGYmQ5RrK/tQWkROGmBdGmIq
Jwcv+r17Svmcws7DZo2X1mLC6qxkjEny86ePZ0eLo+pS9s/ljqeeBpQD5YK1NZPX
hItWGUd41I8yeJrC3YDV52HJwBgc82pobrl+Bs2d
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:41:29 2025 by rpki-client