Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC903EC0F6B811EFB7AB9E46762E951A.roa
File: AC903EC0F6B811EFB7AB9E46762E951A.roa (raw, json)
Hash identifier: tJYu80csM0kVyUcZk1Qizw2x+0n3tTgNOwnzPqLV0tk=
Subject key identifier: AC:A1:E7:F9:26:7B:24:45:81:1C:D2:D7:42:54:4C:25:C1:B7:CC:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EDB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC903EC0F6B811EFB7AB9E46762E951A.roa
Signing time: Sat 01 Mar 2025 16:17:30 +0000
ROA not before: Sat 01 Mar 2025 16:17:26 +0000
ROA not after: Mon 31 Mar 2025 16:17:26 +0000
asID: 202656
IP address blocks: 154.219.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93915 (0x16edb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 16:17:26 2025 GMT
Not After : Mar 31 16:17:26 2025 GMT
Subject: CN=67c3331a-fcdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:09:42:a1:9d:48:22:19:ae:83:a0:e3:c2:3e:
16:46:79:67:3e:53:e4:ff:bc:71:70:0f:40:98:c0:
5c:f8:c9:65:8a:12:08:25:48:48:c3:6a:ff:29:28:
67:2f:54:24:6c:2f:d7:c1:2d:ce:2d:44:06:6c:02:
76:ab:8e:14:36:52:4e:b8:9d:7d:78:7d:cf:9a:dc:
02:c8:79:9d:f5:76:48:cf:ab:96:93:ae:f4:f6:2d:
07:21:a4:b5:f4:43:82:d3:60:57:33:9d:d5:f6:11:
51:65:b3:a5:57:b5:30:21:80:84:88:45:53:f3:68:
ab:e6:18:4e:7b:e9:4a:2b:ec:37:00:52:06:b9:3e:
f8:39:d6:7c:6f:e0:4c:3d:98:e7:ad:5f:26:84:78:
9f:7f:77:7c:74:19:65:72:09:7a:ed:cc:04:e6:7e:
38:c1:c0:b7:43:ea:e2:95:4e:0e:f7:d9:7a:93:12:
d5:f9:2b:1c:86:1c:8e:cf:a6:8a:3c:f9:14:26:10:
88:aa:02:43:74:61:38:1b:17:dd:92:ae:fb:99:03:
44:fc:8d:e3:f2:de:cc:44:8d:91:c6:fb:97:2b:f8:
b4:de:55:b8:fc:6d:64:07:29:89:5b:08:ca:8a:a0:
1d:f9:85:73:28:b1:b5:8f:b5:da:15:ee:c7:c5:3a:
fd:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A1:E7:F9:26:7B:24:45:81:1C:D2:D7:42:54:4C:25:C1:B7:CC:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC903EC0F6B811EFB7AB9E46762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.219.0/24
Signature Algorithm: sha256WithRSAEncryption
81:17:db:df:ed:11:61:c8:cf:22:c7:08:c9:84:b9:6d:66:87:
07:63:4c:84:bb:38:db:24:b5:c5:67:bd:8d:4e:40:b4:86:19:
a4:56:f0:5f:82:63:38:a4:9d:83:93:35:34:e1:57:40:d5:10:
93:35:ab:42:23:57:b0:e8:91:f2:dc:1f:10:79:30:43:ae:48:
f0:f5:b2:8b:bc:27:62:05:61:32:42:d6:5f:b9:f0:37:83:24:
d7:0e:5f:24:22:c9:a3:9a:43:09:b4:89:35:dd:cc:7b:a6:26:
d6:ab:5c:54:0a:23:cd:c8:3f:1d:bc:25:cd:11:71:3b:e2:e7:
ed:6c:0e:fd:21:f9:02:4f:9a:8f:e8:ef:35:09:e0:d3:2a:6a:
8b:ef:d5:ee:30:da:b0:e1:da:4f:e7:5f:d3:fc:9c:a1:11:53:
c6:0e:83:5c:59:72:5f:44:e9:ec:18:a5:c5:62:be:02:6e:36:
5e:2c:b2:0f:54:fe:9a:8a:7d:38:3b:f7:bd:9c:9a:4c:8b:12:
9d:70:e0:d9:67:5e:29:d1:d7:fb:56:1f:ff:f8:e1:d5:e0:42:
86:50:3b:50:e7:5c:d1:43:6c:0f:84:02:cf:58:a2:f7:a0:6a:
a3:a2:cd:bc:dc:fe:2a:f6:17:76:f6:6d:fd:49:17:b8:8a:be:
b1:bf:84:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW7bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTYxNzI2WhcNMjUwMzMxMTYxNzI2WjAYMRYw
FAYDVQQDEw02N2MzMzMxYS1mY2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvwlCoZ1IIhmug6Djwj4WRnlnPlPk/7xxcA9AmMBc+MllihIIJUhIw2r/
KShnL1QkbC/XwS3OLUQGbAJ2q44UNlJOuJ19eH3PmtwCyHmd9XZIz6uWk6709i0H
IaS19EOC02BXM53V9hFRZbOlV7UwIYCEiEVT82ir5hhOe+lKK+w3AFIGuT74OdZ8
b+BMPZjnrV8mhHiff3d8dBllcgl67cwE5n44wcC3Q+rilU4O99l6kxLV+SschhyO
z6aKPPkUJhCIqgJDdGE4Gxfdkq77mQNE/I3j8t7MRI2RxvuXK/i03lW4/G1kBymJ
WwjKiqAd+YVzKLG1j7XaFe7HxTr9xwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKyh
5/kmeyRFgRzS10JUTCXBt8z1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQzkwM0VDMEY2QjgxMUVGQjdBQjlFNDY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvbMA0GCSqGSIb3DQEB
CwUAA4IBAQCBF9vf7RFhyM8ixwjJhLltZocHY0yEuzjbJLXFZ72NTkC0hhmkVvBf
gmM4pJ2DkzU04VdA1RCTNatCI1ew6JHy3B8QeTBDrkjw9bKLvCdiBWEyQtZfufA3
gyTXDl8kIsmjmkMJtIk13cx7pibWq1xUCiPNyD8dvCXNEXE74uftbA79IfkCT5qP
6O81CeDTKmqL79XuMNqw4dpP51/T/JyhEVPGDoNcWXJfROnsGKXFYr4CbjZeLLIP
VP6ain04O/e9nJpMixKdcODZZ14p0df7Vh//+OHV4EKGUDtQ51zRQ2wPhALPWKL3
oGqjos283P4q9hd29m39SRe4ir6xv4TK
-----END CERTIFICATE-----
Generated at Fri May 9 06:31:47 2025 by rpki-client