Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCF2022EFF2011EF8D5E4757762E951A.roa
File: BCF2022EFF2011EF8D5E4757762E951A.roa (raw, json)
Hash identifier: s+m7oKrhp2EJ5pL5o/5V2FFwMU1Ssmk6ZFtoK6r0Tb8=
Subject key identifier: 94:EE:84:A2:04:A2:82:73:20:B5:18:1C:DC:83:18:BD:15:26:C3:C5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173BF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCF2022EFF2011EF8D5E4757762E951A.roa
Signing time: Wed 12 Mar 2025 09:02:35 +0000
ROA not before: Wed 12 Mar 2025 09:02:31 +0000
ROA not after: Mon 31 Mar 2025 09:02:31 +0000
asID: 5065
IP address blocks: 154.81.12.0/22 maxlen: 24
154.83.225.0/24 maxlen: 24
154.84.144.0/22 maxlen: 24
154.84.182.0/24 maxlen: 24
154.84.183.0/24 maxlen: 24
154.84.184.0/22 maxlen: 24
154.85.108.0/24 maxlen: 24
154.85.109.0/24 maxlen: 24
154.90.24.0/22 maxlen: 24
154.95.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95167 (0x173bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 12 09:02:31 2025 GMT
Not After : Mar 31 09:02:31 2025 GMT
Subject: CN=67d14daa-ebb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f9:b9:c0:ce:5c:bf:f3:d1:fd:5c:e6:6c:4c:
fb:53:c9:77:3d:d9:96:e3:a3:4c:bd:6c:38:b4:d2:
2e:d6:10:29:28:96:14:c1:10:2e:41:55:73:9e:bb:
af:2d:1e:d7:67:88:a6:07:67:ee:cf:1c:1a:f5:af:
75:65:de:a8:11:63:f9:53:5c:11:1e:f5:c7:ee:31:
5f:cb:84:a5:0d:72:13:75:ab:cc:1e:27:0d:95:07:
59:81:6a:2c:63:84:0c:4f:1e:ff:a3:99:a0:0b:19:
6a:56:cf:6e:c2:6e:d6:17:30:2a:42:a7:58:6d:20:
8c:54:00:d7:30:cd:54:0a:09:bd:e7:a8:dc:09:98:
da:5c:62:8a:69:c9:b6:42:ca:65:1b:bc:07:fa:67:
87:7e:b1:7b:8c:f8:b5:91:b9:bd:30:05:ea:aa:3a:
e4:5d:69:64:41:13:37:67:1b:d0:5b:c4:2e:79:69:
96:57:43:08:89:8f:fc:99:0d:b0:70:51:e2:69:ec:
ae:21:97:fb:85:be:96:2f:41:11:1f:3e:eb:2f:f6:
0b:e4:38:d4:b3:3c:58:8b:56:4b:90:1c:a8:24:3a:
db:9d:fc:bc:89:a4:46:53:b0:9b:31:68:44:82:31:
88:15:14:85:14:e8:f4:07:93:9d:76:b0:82:aa:30:
f1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:EE:84:A2:04:A2:82:73:20:B5:18:1C:DC:83:18:BD:15:26:C3:C5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCF2022EFF2011EF8D5E4757762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.12.0/22
154.83.225.0/24
154.84.144.0/22
154.84.182.0-154.84.187.255
154.85.108.0/23
154.90.24.0/22
154.95.20.0/22
Signature Algorithm: sha256WithRSAEncryption
55:3e:16:73:af:0d:cb:88:54:86:c4:a8:d6:32:0e:15:17:a7:
30:11:d9:9f:46:b8:87:47:9d:72:ec:99:7d:cf:4f:69:84:a1:
15:f7:e8:50:26:48:f7:76:cb:21:64:37:ff:d3:92:64:97:9b:
e2:ec:7e:7e:59:dd:ef:3a:b0:f3:b1:52:75:20:24:0e:a3:fc:
7c:78:dc:5a:fc:7c:73:d9:5f:aa:07:f1:73:9e:5e:3c:65:33:
8c:3f:6c:cf:02:c1:9d:b2:4f:84:36:08:ae:43:77:b8:01:3d:
7c:81:0e:88:b4:a7:66:b5:fb:1a:b2:29:aa:92:e4:f2:bb:05:
b3:b0:a8:d0:94:5f:e3:5d:c3:81:f8:91:ee:01:e1:37:b5:f8:
4d:ae:fe:90:da:18:58:77:cc:ee:a0:a5:9c:22:ba:df:14:5e:
50:a4:f9:67:06:7a:d5:d0:bd:e8:89:97:a5:26:2b:ae:c8:8b:
c2:6d:a9:9a:3a:2f:76:59:39:5d:a1:bd:79:b0:29:7b:d3:34:
a2:f7:3d:d7:68:4f:81:a2:cb:c9:e1:f5:55:fb:84:ff:bd:17:
44:e6:0a:12:74:15:f8:a1:cc:f7:60:f5:ba:c8:d9:d8:b0:bd:
c4:b9:5a:81:0d:27:62:92:10:02:83:f3:54:64:e2:22:b6:0a:
fd:43:e6:bb
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIDAXO/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMDkwMjMxWhcNMjUwMzMxMDkwMjMxWjAYMRYw
FAYDVQQDEw02N2QxNGRhYS1lYmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyvm5wM5cv/PR/VzmbEz7U8l3PdmW46NMvWw4tNIu1hApKJYUwRAuQVVz
nruvLR7XZ4imB2fuzxwa9a91Zd6oEWP5U1wRHvXH7jFfy4SlDXITdavMHicNlQdZ
gWosY4QMTx7/o5mgCxlqVs9uwm7WFzAqQqdYbSCMVADXMM1UCgm956jcCZjaXGKK
acm2QsplG7wH+meHfrF7jPi1kbm9MAXqqjrkXWlkQRM3ZxvQW8QueWmWV0MIiY/8
mQ2wcFHiaeyuIZf7hb6WL0ERHz7rL/YL5DjUszxYi1ZLkByoJDrbnfy8iaRGU7Cb
MWhEgjGIFRSFFOj0B5OddrCCqjDx1QIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFJTu
hKIEooJzILUYHNyDGL0VJsPFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQ0YyMDIyRUZGMjAxMUVGOEQ1RTQ3NTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCmlEMAwQAmlPhAwQCmlSQ
MAwDBAGaVLYDBAKaVLgDBAGaVWwDBAKaWhgDBAKaXxQwDQYJKoZIhvcNAQELBQAD
ggEBAFU+FnOvDcuIVIbEqNYyDhUXpzAR2Z9GuIdHnXLsmX3PT2mEoRX36FAmSPd2
yyFkN//TkmSXm+Lsfn5Z3e86sPOxUnUgJA6j/Hx43Fr8fHPZX6oH8XOeXjxlM4w/
bM8CwZ2yT4Q2CK5Dd7gBPXyBDoi0p2a1+xqyKaqS5PK7BbOwqNCUX+Ndw4H4ke4B
4Te1+E2u/pDaGFh3zO6gpZwiut8UXlCk+WcGetXQveiJl6UmK67Ii8JtqZo6L3ZZ
OV2hvXmwKXvTNKL3PddoT4Giy8nh9VX7hP+9F0TmChJ0FfihzPdg9brI2diwvcS5
WoENJ2KSEAKD81Rk4iK2Cv1D5rs=
-----END CERTIFICATE-----
Generated at Fri May 9 05:44:24 2025 by rpki-client