Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABD5FEEEF81F11EFB4CBD24C762E951A.roa
File: ABD5FEEEF81F11EFB4CBD24C762E951A.roa (raw, json)
Hash identifier: harbG7atXgkGewN//DcXWsEK/R6BwmQ5mAsT1gW6Fu4=
Subject key identifier: 4D:F8:5F:DF:BD:9C:F0:05:B0:A2:57:9D:E8:B6:85:8F:9E:0E:6E:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017057
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABD5FEEEF81F11EFB4CBD24C762E951A.roa
Signing time: Mon 03 Mar 2025 11:07:18 +0000
ROA not before: Mon 03 Mar 2025 11:07:14 +0000
ROA not after: Mon 31 Mar 2025 11:07:14 +0000
asID: 202656
IP address blocks: 154.219.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94295 (0x17057)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 11:07:14 2025 GMT
Not After : Mar 31 11:07:14 2025 GMT
Subject: CN=67c58d66-584f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:26:e7:b4:22:72:b8:d8:08:f1:c4:ed:6d:ac:
44:71:45:3f:3d:a1:94:1a:b1:54:2d:22:8e:3f:bf:
64:09:fa:23:81:25:83:cd:a0:70:0e:d5:5d:d7:0b:
78:45:4b:f6:ee:8a:e5:29:dc:df:42:d1:e5:a3:1b:
d7:41:5f:73:d8:95:0f:3c:3f:bb:67:04:59:40:48:
46:81:0d:ae:06:c3:6a:e6:15:cf:01:18:50:c8:a3:
26:32:89:0e:cd:83:08:0d:62:33:ec:7c:a6:ee:bd:
ea:ec:a4:d2:f5:f8:1b:c5:02:c6:2d:89:d0:f2:c5:
5d:90:4d:5c:c1:41:cd:63:04:87:7d:da:7e:6a:89:
27:3c:98:25:17:75:dd:c6:ac:76:79:96:0a:a1:a0:
53:3c:54:7b:63:c8:da:6e:0c:f5:13:b2:b8:a9:09:
fc:9c:71:0b:71:ef:05:f5:4d:17:55:5f:5e:48:7f:
12:aa:6d:88:4d:f6:37:07:88:4f:2c:48:0d:88:c2:
76:25:b5:c1:1c:76:41:7b:ec:8d:9f:3b:26:d0:2c:
bc:9a:27:4a:42:44:27:05:ac:35:86:77:7d:98:75:
ee:ad:1d:f9:9f:a5:76:f7:c9:f6:d9:16:13:f5:58:
27:d1:21:61:09:be:62:06:80:ee:c9:72:68:ab:e9:
9a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F8:5F:DF:BD:9C:F0:05:B0:A2:57:9D:E8:B6:85:8F:9E:0E:6E:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABD5FEEEF81F11EFB4CBD24C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.4.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:a4:71:19:ff:5f:3e:d0:95:e6:22:e0:8e:6a:6a:5d:a0:1b:
3b:b8:93:44:e5:69:bf:2d:2c:9a:10:1e:55:24:9d:ce:54:81:
12:ff:f6:6f:e2:42:cf:7e:58:2c:d9:49:ef:f3:4a:b8:ff:1a:
59:20:25:d2:65:f4:ee:fd:b0:1a:9a:8d:93:59:e2:b4:12:02:
87:0b:1b:03:03:5b:f2:d8:7f:76:73:96:23:42:26:3e:e4:50:
6b:16:43:97:45:87:f8:4f:a9:ef:d4:cf:52:b3:02:fa:25:dd:
cb:7f:59:6e:31:6c:30:e8:ba:b4:38:96:ee:fe:65:78:9b:6c:
5d:97:43:23:2b:22:a2:32:3d:81:15:e6:64:56:c6:86:a9:f0:
10:8a:6b:9e:88:d9:85:76:f9:3c:86:35:80:16:3a:bc:12:c8:
74:07:84:19:fe:64:a3:57:fc:60:76:3f:ef:5c:a3:60:a1:d8:
47:19:d4:b4:23:cf:46:ec:f1:04:70:17:b3:ab:ae:5a:c4:31:
00:31:b7:42:2e:06:02:15:dc:31:bf:14:0f:c6:d4:a5:a5:c7:
c4:00:c9:94:44:a0:94:ab:d3:3e:f2:5d:a0:e9:22:a2:99:dd:
46:09:e6:c0:5c:6e:eb:2e:9f:1f:d5:4e:39:9e:8a:3e:1a:9f:
85:25:a9:19
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXBXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTEwNzE0WhcNMjUwMzMxMTEwNzE0WjAYMRYw
FAYDVQQDEw02N2M1OGQ2Ni01ODRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvibntCJyuNgI8cTtbaxEcUU/PaGUGrFULSKOP79kCfojgSWDzaBwDtVd
1wt4RUv27orlKdzfQtHloxvXQV9z2JUPPD+7ZwRZQEhGgQ2uBsNq5hXPARhQyKMm
MokOzYMIDWIz7Hym7r3q7KTS9fgbxQLGLYnQ8sVdkE1cwUHNYwSHfdp+aoknPJgl
F3Xdxqx2eZYKoaBTPFR7Y8jabgz1E7K4qQn8nHELce8F9U0XVV9eSH8Sqm2ITfY3
B4hPLEgNiMJ2JbXBHHZBe+yNnzsm0Cy8midKQkQnBaw1hnd9mHXurR35n6V298n2
2RYT9Vgn0SFhCb5iBoDuyXJoq+ma4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE34
X9+9nPAFsKJXnei2hY+eDm7vMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQkQ1RkVFRUY4MUYxMUVGQjRDQkQyNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtsEMA0GCSqGSIb3DQEB
CwUAA4IBAQAfpHEZ/18+0JXmIuCOampdoBs7uJNE5Wm/LSyaEB5VJJ3OVIES//Zv
4kLPflgs2Unv80q4/xpZICXSZfTu/bAamo2TWeK0EgKHCxsDA1vy2H92c5YjQiY+
5FBrFkOXRYf4T6nv1M9SswL6Jd3Lf1luMWww6Lq0OJbu/mV4m2xdl0MjKyKiMj2B
FeZkVsaGqfAQimueiNmFdvk8hjWAFjq8Esh0B4QZ/mSjV/xgdj/vXKNgodhHGdS0
I89G7PEEcBezq65axDEAMbdCLgYCFdwxvxQPxtSlpcfEAMmURKCUq9M+8l2g6SKi
md1GCebAXG7rLp8f1U45noo+Gp+FJakZ
-----END CERTIFICATE-----
Generated at Fri May 9 17:23:02 2025 by rpki-client