Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8136896F69311EF8F24A74E762E951A.roa
File: B8136896F69311EF8F24A74E762E951A.roa (raw, json)
Hash identifier: mUr6hDdVAtBLifiV7/8gmixGO0rszqbbdRFJzSlcysc=
Subject key identifier: E8:B9:D5:15:76:B1:5F:4D:F1:D2:ED:33:76:B9:D8:35:B6:F5:13:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E1F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8136896F69311EF8F24A74E762E951A.roa
Signing time: Sat 01 Mar 2025 11:52:58 +0000
ROA not before: Sat 01 Mar 2025 11:52:54 +0000
ROA not after: Sat 05 Apr 2025 11:52:54 +0000
asID: 203020
IP address blocks: 154.202.86.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93727 (0x16e1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 11:52:54 2025 GMT
Not After : Apr 5 11:52:54 2025 GMT
Subject: CN=67c2f51a-f3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:81:ce:e8:12:0a:16:1b:34:d2:b7:0e:e8:57:
33:51:8d:3c:8d:61:05:f1:93:6b:3f:77:1b:4e:d0:
90:fe:50:f0:0d:e6:5e:e1:03:cd:f8:1c:a5:43:d4:
03:ad:25:da:c2:ab:56:14:d9:09:2a:4f:93:2e:aa:
20:f0:63:89:41:f4:5f:4b:af:6b:e8:37:9b:1e:37:
82:40:fe:30:5e:ad:0c:c0:f8:ab:85:ee:0a:51:d4:
fe:3d:9f:95:4b:dd:c6:1d:84:b2:21:38:65:ce:8a:
2b:9d:1d:b5:92:39:7d:cb:fe:55:3b:f0:a4:96:54:
3c:2b:6f:1e:e1:0d:35:e6:38:3e:be:54:f7:38:b2:
82:ec:b8:45:e7:c4:a1:a4:01:99:6a:b6:d4:43:67:
1a:99:f5:85:3d:f9:6f:ba:9c:9f:4e:45:3e:07:53:
5d:2a:c4:ec:82:29:46:95:d1:cd:ea:e4:e9:9c:e7:
47:8a:af:f6:6b:9f:d6:40:97:9d:d6:23:39:97:d3:
2a:3f:2b:c9:70:39:1b:8d:84:64:8f:5e:e0:4e:bb:
5f:fc:64:ff:b7:ae:65:23:65:35:ec:8c:39:7c:1b:
5a:4b:d1:47:30:d7:2b:e2:5d:6f:02:fe:d6:1c:23:
58:e1:d4:1b:9a:79:34:81:17:84:5e:0a:b8:b7:83:
43:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B9:D5:15:76:B1:5F:4D:F1:D2:ED:33:76:B9:D8:35:B6:F5:13:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8136896F69311EF8F24A74E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.86.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:9a:9f:1e:eb:8e:65:51:3d:71:b8:da:e7:73:c2:40:34:69:
01:cb:15:68:f5:d6:48:21:d3:e3:3c:04:47:79:14:1a:bd:56:
81:f3:1a:0f:35:1e:0b:91:92:f7:85:41:81:41:61:db:4b:c3:
f2:5d:82:4c:5c:4d:12:22:07:80:ab:fa:a0:4b:34:89:64:c3:
70:b4:4c:82:57:e5:91:4f:3c:0e:b4:64:be:71:cd:f0:d1:cc:
4f:e3:31:d8:88:58:4e:7d:95:5a:21:34:9c:13:be:d5:cf:d2:
e4:e7:d8:70:89:ab:97:a0:dc:45:ec:70:15:73:32:4d:10:46:
aa:1c:01:d9:6e:e6:34:31:1b:e4:6b:8d:65:7e:43:c7:49:10:
3d:e6:67:79:4b:ed:b5:19:69:07:27:57:f1:11:d7:6a:cd:df:
d2:c7:07:95:05:a0:1d:5e:06:08:25:6d:c1:e3:0e:b4:73:0c:
38:ff:9a:c3:74:e0:96:a3:34:55:c0:7a:96:04:cb:2c:68:4c:
60:1e:ac:e0:aa:40:4c:f9:88:04:65:5d:97:69:03:43:bb:98:
20:e4:33:bf:6f:43:40:13:f0:a1:31:c2:ac:06:aa:1e:b8:83:
9d:26:be:01:ae:1f:48:27:08:b7:c7:55:88:4f:2c:7c:92:ad:
23:dc:e8:56
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW4fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTE1MjU0WhcNMjUwNDA1MTE1MjU0WjAYMRYw
FAYDVQQDEw02N2MyZjUxYS1mM2IxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArYHO6BIKFhs00rcO6FczUY08jWEF8ZNrP3cbTtCQ/lDwDeZe4QPN+Byl
Q9QDrSXawqtWFNkJKk+TLqog8GOJQfRfS69r6DebHjeCQP4wXq0MwPirhe4KUdT+
PZ+VS93GHYSyIThlzoornR21kjl9y/5VO/CkllQ8K28e4Q015jg+vlT3OLKC7LhF
58ShpAGZarbUQ2camfWFPflvupyfTkU+B1NdKsTsgilGldHN6uTpnOdHiq/2a5/W
QJed1iM5l9MqPyvJcDkbjYRkj17gTrtf/GT/t65lI2U17Iw5fBtaS9FHMNcr4l1v
Av7WHCNY4dQbmnk0gReEXgq4t4NDIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOi5
1RV2sV9N8dLtM3a52DW29RPUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CODEzNjg5NkY2OTMxMUVGOEYyNEE3NEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmspWMA0GCSqGSIb3DQEB
CwUAA4IBAQANmp8e645lUT1xuNrnc8JANGkByxVo9dZIIdPjPARHeRQavVaB8xoP
NR4LkZL3hUGBQWHbS8PyXYJMXE0SIgeAq/qgSzSJZMNwtEyCV+WRTzwOtGS+cc3w
0cxP4zHYiFhOfZVaITScE77Vz9Lk59hwiauXoNxF7HAVczJNEEaqHAHZbuY0MRvk
a41lfkPHSRA95md5S+21GWkHJ1fxEddqzd/SxweVBaAdXgYIJW3B4w60cww4/5rD
dOCWozRVwHqWBMssaExgHqzgqkBM+YgEZV2XaQNDu5gg5DO/b0NAE/ChMcKsBqoe
uIOdJr4Brh9IJwi3x1WITyx8kq0j3OhW
-----END CERTIFICATE-----
Generated at Fri Apr 11 04:29:17 2025 by rpki-client