Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFFA618CF2CD11EF832CC55F762E951A.roa
File: BFFA618CF2CD11EF832CC55F762E951A.roa (raw, json)
Hash identifier: wgMk8szX306UR6o4xl+HH8SXF6iowvLYvEmS52mfKVY=
Subject key identifier: 9A:68:A1:0F:8C:4D:10:4F:C9:E7:6D:DC:E6:26:6F:A5:FB:52:29:10
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015C78
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFFA618CF2CD11EF832CC55F762E951A.roa
Signing time: Mon 24 Feb 2025 16:38:18 +0000
ROA not before: Mon 24 Feb 2025 16:38:14 +0000
ROA not after: Sat 29 Mar 2025 16:38:14 +0000
asID: 203020
IP address blocks: 154.223.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89208 (0x15c78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 16:38:14 2025 GMT
Not After : Mar 29 16:38:14 2025 GMT
Subject: CN=67bca079-032d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1b:5c:83:2d:eb:aa:d3:f0:5a:20:9a:f2:f3:
b2:88:eb:38:44:dd:6a:c2:83:83:ba:59:2d:a5:10:
85:e6:72:bf:c3:c8:7f:d0:d6:b1:b7:84:bf:7d:cd:
4c:89:11:04:90:81:b5:be:0f:bd:c5:c0:76:78:06:
06:ea:e0:e3:fb:5d:c4:9f:07:7d:e2:f7:31:d7:40:
fc:92:c2:67:f2:55:1e:c0:73:58:3d:87:8d:5a:1e:
3e:a3:78:b9:99:8e:73:cc:1b:d3:e5:73:db:50:f8:
15:45:f2:14:ff:66:ce:7f:dc:b0:6c:58:c4:2b:36:
91:fa:0d:58:b3:6e:06:b8:b9:7c:ea:49:e6:44:c6:
6d:74:aa:9d:3f:8f:19:79:a4:d3:f6:9f:fa:00:fe:
82:ac:4d:d0:dc:19:23:45:9d:ab:82:bd:55:bf:89:
d1:41:86:29:74:03:36:fd:16:89:e2:0b:31:56:b6:
ac:e9:33:67:94:91:e9:e3:98:94:14:c4:d9:52:8f:
9d:c6:fd:f7:f6:52:4b:b5:ac:2f:37:b2:60:0e:81:
87:a0:c4:df:92:28:ca:d1:c5:0d:c1:64:8b:b9:d8:
02:e0:a6:be:03:29:16:87:dc:be:3f:17:b4:2b:8e:
a0:16:7e:f1:ed:26:c3:c4:77:cc:0b:fb:d5:62:dd:
d6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:68:A1:0F:8C:4D:10:4F:C9:E7:6D:DC:E6:26:6F:A5:FB:52:29:10
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFFA618CF2CD11EF832CC55F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.173.0/24
Signature Algorithm: sha256WithRSAEncryption
71:01:90:55:e5:61:fc:b0:b6:ad:df:06:5f:85:f8:cf:28:53:
c6:cb:35:a4:6a:a1:8b:1c:c6:98:0c:a5:11:bd:c4:20:6b:96:
44:ce:38:bb:33:3c:32:c7:bf:f5:3d:ac:87:41:a9:5d:b5:65:
91:aa:4c:dc:1e:20:02:36:4c:c5:2a:00:2b:3b:3f:1d:e9:69:
f1:2e:4f:59:55:de:85:22:27:76:78:f1:dd:78:c1:86:4d:99:
8d:e7:26:a4:0c:cd:66:4c:b5:c9:37:55:09:52:a3:25:26:e4:
b2:d3:e8:ae:32:8b:60:86:00:7a:5b:4e:b2:3c:3a:2a:82:40:
be:77:ef:e3:88:e3:50:9b:a1:74:8b:8b:b7:dc:ff:64:7b:0b:
f8:10:f9:c4:a9:c5:96:f0:93:27:b2:b1:98:29:e0:e3:72:14:
1d:84:8e:ea:31:ad:10:11:12:5c:60:c4:b2:f9:7e:61:6f:75:
3f:57:3b:08:ba:08:cd:65:4b:1f:c2:24:06:0f:a7:12:91:a0:
86:e2:88:bb:25:bc:2a:0f:4e:9a:e1:1e:a3:77:23:d8:53:eb:
4a:9d:d8:ea:ff:0b:aa:54:3e:8a:97:9c:23:0f:cc:50:7c:19:
47:6a:a3:78:b1:84:28:f0:a0:ce:91:da:d6:68:12:75:fa:ec:
02:44:d3:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVx4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTYzODE0WhcNMjUwMzI5MTYzODE0WjAYMRYw
FAYDVQQDEw02N2JjYTA3OS0wMzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAphtcgy3rqtPwWiCa8vOyiOs4RN1qwoODulktpRCF5nK/w8h/0Naxt4S/
fc1MiREEkIG1vg+9xcB2eAYG6uDj+13Enwd94vcx10D8ksJn8lUewHNYPYeNWh4+
o3i5mY5zzBvT5XPbUPgVRfIU/2bOf9ywbFjEKzaR+g1Ys24GuLl86knmRMZtdKqd
P48ZeaTT9p/6AP6CrE3Q3BkjRZ2rgr1Vv4nRQYYpdAM2/RaJ4gsxVras6TNnlJHp
45iUFMTZUo+dxv339lJLtawvN7JgDoGHoMTfkijK0cUNwWSLudgC4Ka+AykWh9y+
Pxe0K46gFn7x7SbDxHfMC/vVYt3WXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJpo
oQ+MTRBPyedt3OYmb6X7UikQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRkZBNjE4Q0YyQ0QxMUVGODMyQ0M1NUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+tMA0GCSqGSIb3DQEB
CwUAA4IBAQBxAZBV5WH8sLat3wZfhfjPKFPGyzWkaqGLHMaYDKURvcQga5ZEzji7
Mzwyx7/1PayHQaldtWWRqkzcHiACNkzFKgArOz8d6WnxLk9ZVd6FIid2ePHdeMGG
TZmN5yakDM1mTLXJN1UJUqMlJuSy0+iuMotghgB6W06yPDoqgkC+d+/jiONQm6F0
i4u33P9kewv4EPnEqcWW8JMnsrGYKeDjchQdhI7qMa0QERJcYMSy+X5hb3U/VzsI
ugjNZUsfwiQGD6cSkaCG4oi7JbwqD06a4R6jdyPYU+tKndjq/wuqVD6Kl5wjD8xQ
fBlHaqN4sYQo8KDOkdrWaBJ1+uwCRNNB
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:16:38 2025 by rpki-client