Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AAA21B7CFD9A11EFBCF81654762E951A.roa
File: AAA21B7CFD9A11EFBCF81654762E951A.roa (raw, json)
Hash identifier: CQ9RtaSvHNT7tcjt2tjNSm3cPXKs0xq2W/eLbd8L7Ew=
Subject key identifier: 9E:39:06:5B:FC:84:1F:30:58:B8:55:69:E1:15:07:CC:5A:05:5A:C6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017341
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AAA21B7CFD9A11EFBCF81654762E951A.roa
Signing time: Mon 10 Mar 2025 10:30:20 +0000
ROA not before: Mon 10 Mar 2025 10:30:16 +0000
ROA not after: Sat 29 Mar 2025 10:30:16 +0000
asID: 9304
IP address blocks: 154.206.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95041 (0x17341)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 10 10:30:16 2025 GMT
Not After : Mar 29 10:30:16 2025 GMT
Subject: CN=67cebf3c-4333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:58:9f:cd:16:53:03:57:eb:b4:4f:4a:08:cb:
86:52:f1:19:4f:7c:dd:c1:78:6e:b6:94:58:e7:e7:
4d:1f:12:02:83:46:5b:ad:ac:dc:c6:f2:d4:7f:e9:
b6:1a:67:68:31:e5:03:e7:f1:36:3d:92:49:e3:54:
d7:40:7a:e4:47:be:51:9c:48:37:75:f8:ea:cb:cf:
af:96:1a:c4:1f:02:8a:10:12:7a:7a:d7:2e:65:50:
77:20:e9:33:7e:f5:20:bb:5a:99:31:9a:87:48:7b:
cf:f0:8d:3a:87:ba:57:ad:d2:f8:ca:d0:22:de:29:
3b:4c:aa:5d:1c:a4:bc:6f:22:68:15:31:ae:4d:9f:
f7:46:4c:00:62:1d:8c:10:e3:19:0e:9e:dc:97:e7:
6c:5b:72:73:4e:88:e1:78:c0:d9:98:79:a9:01:6e:
1a:ee:0e:78:cf:05:11:3c:ba:e1:fb:00:47:8d:27:
07:01:9d:5b:12:7e:2e:70:f0:2b:7e:6a:1d:6d:7e:
02:cc:63:a4:2c:74:91:ea:9c:e8:39:15:6b:27:d3:
dc:78:42:a8:e4:57:27:06:8c:2c:f7:d2:f8:31:25:
b0:20:9e:ab:1b:92:b3:16:05:c9:5c:88:26:2a:4b:
ba:f5:29:0f:51:cb:1c:4a:7f:90:34:e9:aa:39:5e:
71:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:39:06:5B:FC:84:1F:30:58:B8:55:69:E1:15:07:CC:5A:05:5A:C6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AAA21B7CFD9A11EFBCF81654762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.47.0/24
Signature Algorithm: sha256WithRSAEncryption
79:61:63:42:95:50:b5:1f:b1:dd:e6:56:55:87:39:48:38:88:
a9:f9:a1:68:56:5b:98:f9:6f:09:d8:ac:67:f1:e2:ca:77:9d:
da:b5:b6:b8:c4:71:1b:cf:bf:31:07:fd:cc:a0:72:29:83:ba:
f7:82:85:f0:68:0a:da:70:d5:c6:9a:e3:89:74:e1:98:d6:d9:
3f:f2:99:df:42:07:1c:fe:44:87:2c:1c:9e:de:c1:8b:9a:bf:
e2:49:84:ce:b4:91:5f:e5:0e:5c:02:e6:1d:7e:f6:61:68:26:
b0:65:6d:42:b0:50:9b:e3:e9:2d:d3:b1:2e:bd:37:53:db:2d:
ca:ea:ec:4e:93:ff:75:eb:02:af:6e:6a:cf:47:39:af:04:ba:
7e:d6:d1:20:a9:eb:8b:8a:0b:20:ce:2c:5a:93:6f:5f:1e:2a:
14:90:c2:bb:f5:ab:ab:21:09:af:db:f1:11:d1:f0:d7:03:d1:
e7:3d:96:55:6b:0c:3b:5a:91:9e:ee:bc:23:5c:9e:6b:44:8f:
76:1e:87:f0:5c:20:ff:e1:f4:32:b0:6b:b7:b0:8c:44:cf:17:
0e:76:31:a7:13:cf:ab:0e:56:65:e2:86:f7:7e:6c:58:4f:d9:
89:fe:6f:7d:6a:65:32:5c:3d:49:1d:24:af:09:66:0c:26:e1:
0e:ae:07:0e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXNBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEwMTAzMDE2WhcNMjUwMzI5MTAzMDE2WjAYMRYw
FAYDVQQDEw02N2NlYmYzYy00MzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAplifzRZTA1frtE9KCMuGUvEZT3zdwXhutpRY5+dNHxICg0ZbrazcxvLU
f+m2GmdoMeUD5/E2PZJJ41TXQHrkR75RnEg3dfjqy8+vlhrEHwKKEBJ6etcuZVB3
IOkzfvUgu1qZMZqHSHvP8I06h7pXrdL4ytAi3ik7TKpdHKS8byJoFTGuTZ/3RkwA
Yh2MEOMZDp7cl+dsW3JzTojheMDZmHmpAW4a7g54zwURPLrh+wBHjScHAZ1bEn4u
cPArfmodbX4CzGOkLHSR6pzoORVrJ9PceEKo5FcnBows99L4MSWwIJ6rG5KzFgXJ
XIgmKku69SkPUcscSn+QNOmqOV5xXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ45
Blv8hB8wWLhVaeEVB8xaBVrGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQUEyMUI3Q0ZEOUExMUVGQkNGODE2NTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4vMA0GCSqGSIb3DQEB
CwUAA4IBAQB5YWNClVC1H7Hd5lZVhzlIOIip+aFoVluY+W8J2Kxn8eLKd53atba4
xHEbz78xB/3MoHIpg7r3goXwaAracNXGmuOJdOGY1tk/8pnfQgcc/kSHLBye3sGL
mr/iSYTOtJFf5Q5cAuYdfvZhaCawZW1CsFCb4+kt07EuvTdT2y3K6uxOk/916wKv
bmrPRzmvBLp+1tEgqeuLigsgzixak29fHioUkMK79aurIQmv2/ER0fDXA9HnPZZV
aww7WpGe7rwjXJ5rRI92HofwXCD/4fQysGu3sIxEzxcOdjGnE8+rDlZl4ob3fmxY
T9mJ/m99amUyXD1JHSSvCWYMJuEOrgcO
-----END CERTIFICATE-----
Generated at Fri May 9 11:10:00 2025 by rpki-client