Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B20FFE42F16A11EFBBA57C53762E951A.roa
File: B20FFE42F16A11EFBBA57C53762E951A.roa (raw, json)
Hash identifier: ztYhPG2jYPWvayoJtcABbvbl4598WXVsUcrx61n1n1A=
Subject key identifier: 09:00:B7:0E:B6:7F:9C:CF:68:12:1A:77:E7:AD:B4:5C:28:E9:88:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015AA7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B20FFE42F16A11EFBBA57C53762E951A.roa
Signing time: Sat 22 Feb 2025 22:16:43 +0000
ROA not before: Sat 22 Feb 2025 22:16:39 +0000
ROA not after: Thu 27 Mar 2025 22:16:39 +0000
asID: 18779
IP address blocks: 154.206.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88743 (0x15aa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 22 22:16:39 2025 GMT
Not After : Mar 27 22:16:39 2025 GMT
Subject: CN=67ba4ccb-620e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:90:bb:39:f7:5f:ce:5a:e4:81:1b:df:17:2c:
51:a3:67:c6:33:90:0e:df:90:71:fb:b1:cb:43:80:
7d:c6:70:29:e0:35:0d:bb:39:d2:7b:53:dd:5f:ca:
6e:31:1a:96:4f:00:f7:5f:70:b9:06:d9:8b:86:33:
eb:74:a8:cb:56:bb:d3:1f:55:72:62:52:43:f8:1a:
bc:c2:a1:93:e9:cb:13:3c:84:48:8c:07:d5:6b:e7:
64:0c:a1:97:9f:25:15:15:d4:52:16:e5:bb:31:ff:
b5:e0:8c:2f:7d:8d:50:83:e6:ff:c9:06:97:4e:ba:
71:73:98:52:55:3f:85:fe:2f:20:e7:c2:5e:27:d0:
b9:80:38:62:62:a1:92:19:f8:f0:2c:07:51:ee:d4:
46:13:ab:82:b3:bd:25:fd:16:3a:e6:d5:bf:d7:ff:
ad:f2:62:ac:e4:06:74:af:04:41:f5:68:2a:1a:8a:
72:79:a1:a6:f7:f2:cd:12:26:c9:67:b8:53:08:18:
8f:dc:bf:65:7b:80:0b:78:1f:81:8b:bc:80:ff:7c:
e1:4b:24:45:3a:f9:1b:1a:f3:d4:40:9e:f4:b4:e1:
3f:0e:2c:88:b3:3c:3f:5b:a7:2e:8f:58:f1:a4:fb:
09:50:e2:f7:12:26:cc:fe:d4:76:19:56:53:0e:fe:
13:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:00:B7:0E:B6:7F:9C:CF:68:12:1A:77:E7:AD:B4:5C:28:E9:88:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B20FFE42F16A11EFBBA57C53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.20.0/24
Signature Algorithm: sha256WithRSAEncryption
70:59:82:d2:60:9d:d6:6d:3e:f6:34:ea:b7:a8:8f:ca:9c:8d:
37:34:8d:6f:d8:1b:4f:7e:ae:98:a3:b9:4e:8d:e6:81:f7:3b:
0b:4d:88:58:c4:62:97:5f:e4:02:2c:dc:3d:06:2e:6b:ad:b6:
0b:37:24:5d:ff:73:bb:c2:94:f0:24:7b:45:1d:d1:94:71:65:
47:eb:cf:c6:f4:73:aa:4c:cf:08:55:3c:d9:ce:67:38:ce:da:
2e:17:25:23:00:0a:4f:8d:b0:3b:f2:5c:15:db:9b:2a:dc:57:
9c:ee:d9:85:73:04:02:71:54:d9:b9:62:c7:be:b8:b0:8b:6e:
98:56:2a:b6:89:b8:4e:0c:fd:68:ac:a3:28:1c:22:3f:e2:6e:
b9:5b:70:60:d6:af:6e:bd:2c:02:0d:e1:2c:4b:c5:f1:ef:d8:
1b:58:e7:91:1f:80:5c:ab:3f:b2:db:5f:a1:21:a1:3e:bc:19:
ff:bf:b4:95:57:d0:ea:55:f6:74:51:6b:3f:83:d2:fc:5e:41:
7a:a6:60:43:1b:16:f9:77:d3:37:5e:3b:44:f2:59:08:b2:07:
6e:92:9b:b5:0a:79:ac:da:3b:ca:b4:ee:1a:54:5c:39:d2:90:
2c:54:60:74:cf:e0:bc:fe:8d:ec:c4:db:95:a2:f6:d6:23:2d:
30:ef:0d:77
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVqnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIyMjIxNjM5WhcNMjUwMzI3MjIxNjM5WjAYMRYw
FAYDVQQDEw02N2JhNGNjYi02MjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv5C7OfdfzlrkgRvfFyxRo2fGM5AO35Bx+7HLQ4B9xnAp4DUNuznSe1Pd
X8puMRqWTwD3X3C5BtmLhjPrdKjLVrvTH1VyYlJD+Bq8wqGT6csTPIRIjAfVa+dk
DKGXnyUVFdRSFuW7Mf+14IwvfY1Qg+b/yQaXTrpxc5hSVT+F/i8g58JeJ9C5gDhi
YqGSGfjwLAdR7tRGE6uCs70l/RY65tW/1/+t8mKs5AZ0rwRB9WgqGopyeaGm9/LN
EibJZ7hTCBiP3L9le4ALeB+Bi7yA/3zhSyRFOvkbGvPUQJ70tOE/DiyIszw/W6cu
j1jxpPsJUOL3EibM/tR2GVZTDv4TuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAkA
tw62f5zPaBIad+ettFwo6YjZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMjBGRkU0MkYxNkExMUVGQkJBNTdDNTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4UMA0GCSqGSIb3DQEB
CwUAA4IBAQBwWYLSYJ3WbT72NOq3qI/KnI03NI1v2BtPfq6Yo7lOjeaB9zsLTYhY
xGKXX+QCLNw9Bi5rrbYLNyRd/3O7wpTwJHtFHdGUcWVH68/G9HOqTM8IVTzZzmc4
ztouFyUjAApPjbA78lwV25sq3Fec7tmFcwQCcVTZuWLHvriwi26YViq2ibhODP1o
rKMoHCI/4m65W3Bg1q9uvSwCDeEsS8Xx79gbWOeRH4Bcqz+y21+hIaE+vBn/v7SV
V9DqVfZ0UWs/g9L8XkF6pmBDGxb5d9M3XjtE8lkIsgdukpu1Cnms2jvKtO4aVFw5
0pAsVGB0z+C8/o3sxNuVovbWIy0w7w13
-----END CERTIFICATE-----
Generated at Fri May 9 06:34:39 2025 by rpki-client