Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C09C7F64DA6111EFB15ABC4C762E951A.roa
File: C09C7F64DA6111EFB15ABC4C762E951A.roa (raw, json)
Hash identifier: /buY+8IoCIgn9zeHUkCTwLj+E9yOhTgQjbZFAVrtiiY=
Subject key identifier: 7E:67:85:B0:B6:3D:BB:58:05:D0:FA:DB:63:8F:44:BB:65:54:46:37
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01485B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C09C7F64DA6111EFB15ABC4C762E951A.roa
Signing time: Fri 24 Jan 2025 14:44:45 +0000
ROA not before: Fri 24 Jan 2025 14:44:41 +0000
ROA not after: Wed 05 Mar 2025 14:44:41 +0000
asID: 49505
IP address blocks: 154.209.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84059 (0x1485b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 14:44:41 2025 GMT
Not After : Mar 5 14:44:41 2025 GMT
Subject: CN=6793a75d-663b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f4:57:b1:b4:ea:54:2f:7e:18:a4:69:c6:7e:
f8:d5:ff:26:c2:be:b3:ee:45:38:a4:7d:26:83:3b:
19:aa:11:22:57:89:ce:30:34:df:13:33:c1:1e:e1:
59:e5:ad:0b:3a:06:80:c7:65:e9:98:48:39:31:7d:
1b:c5:e6:8c:20:60:47:49:a2:f1:67:15:5f:8c:4b:
5d:c2:9b:72:36:d6:0d:fb:ad:16:44:65:ac:7f:43:
8c:e9:fc:9b:df:3d:c8:8d:96:4b:f3:17:b0:1a:52:
d2:e0:40:9e:ee:24:65:0b:36:75:30:a6:0d:42:ae:
96:9e:99:c3:37:f1:fd:20:0e:12:89:ac:a4:19:96:
d3:c8:a7:5f:e4:a6:00:b0:a7:74:7d:0f:e6:ea:89:
34:d1:ea:5f:83:d5:8b:31:ac:c0:32:e8:8a:4d:ad:
a3:ec:83:ee:f5:5f:59:95:a8:d0:bc:ef:85:91:2a:
87:1f:03:90:9f:77:df:c3:eb:c3:ea:4a:e7:7b:7a:
09:c1:7c:e9:b9:21:b9:b5:c4:2a:27:b9:ab:52:ec:
90:27:2a:d5:39:98:ea:a8:49:13:1b:a9:a2:16:2a:
d0:b7:51:fa:f4:5c:39:72:b1:7d:a1:fb:03:6f:c9:
2c:c7:a9:92:d3:38:d3:63:55:b3:ae:d1:a5:a8:4e:
9f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:67:85:B0:B6:3D:BB:58:05:D0:FA:DB:63:8F:44:BB:65:54:46:37
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C09C7F64DA6111EFB15ABC4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.208.0/24
Signature Algorithm: sha256WithRSAEncryption
88:dc:4f:bc:77:2a:8d:be:ce:37:6e:3e:68:e8:07:a9:3d:43:
32:f7:a6:ea:cc:7e:de:5d:cd:12:44:a5:0b:ea:38:cf:4a:bf:
55:b8:05:d1:00:00:e7:ca:13:23:e2:4a:e8:1d:4c:76:22:67:
9c:16:68:23:09:a3:29:3f:b1:85:cd:e7:0d:73:23:d8:f9:e6:
c6:35:e1:cb:b3:31:07:96:c6:37:a9:ca:b3:46:b8:44:06:6e:
d1:5a:31:ed:56:f9:73:2f:20:8d:89:2d:e0:8c:8a:e0:4b:99:
74:6a:9a:60:48:d1:58:4c:36:b7:3a:41:17:0b:13:e6:ee:10:
89:d2:8e:4a:3b:b1:d3:89:12:e5:d9:ef:7e:f6:54:ec:eb:1f:
20:f5:a4:aa:ab:95:b9:6c:48:f1:dc:e9:c0:82:44:f1:3f:9f:
89:93:a4:0d:f5:a1:e8:6c:5e:18:eb:0c:32:41:6c:f7:0e:bd:
49:d0:8b:bc:b7:3f:2a:93:be:f5:8b:07:dd:25:ac:7a:2d:53:
9d:2e:51:74:a1:0f:9f:f0:ae:82:55:51:c0:ac:03:67:27:cf:
03:84:9c:ac:b5:6e:90:ae:cf:76:a1:20:4e:ba:b7:74:88:f7:
27:7c:b9:40:36:a7:90:d3:86:e9:44:08:8b:10:ef:5d:ee:e2:
21:2c:40:48
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUhbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQ0NDQxWhcNMjUwMzA1MTQ0NDQxWjAYMRYw
FAYDVQQDEw02NzkzYTc1ZC02NjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzfRXsbTqVC9+GKRpxn741f8mwr6z7kU4pH0mgzsZqhEiV4nOMDTfEzPB
HuFZ5a0LOgaAx2XpmEg5MX0bxeaMIGBHSaLxZxVfjEtdwptyNtYN+60WRGWsf0OM
6fyb3z3IjZZL8xewGlLS4ECe7iRlCzZ1MKYNQq6WnpnDN/H9IA4SiaykGZbTyKdf
5KYAsKd0fQ/m6ok00epfg9WLMazAMuiKTa2j7IPu9V9ZlajQvO+FkSqHHwOQn3ff
w+vD6krne3oJwXzpuSG5tcQqJ7mrUuyQJyrVOZjqqEkTG6miFirQt1H69Fw5crF9
ofsDb8ksx6mS0zjTY1WzrtGlqE6fPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH5n
hbC2PbtYBdD622OPRLtlVEY3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMDlDN0Y2NERBNjExMUVGQjE1QUJDNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHQMA0GCSqGSIb3DQEB
CwUAA4IBAQCI3E+8dyqNvs43bj5o6AepPUMy96bqzH7eXc0SRKUL6jjPSr9VuAXR
AADnyhMj4kroHUx2ImecFmgjCaMpP7GFzecNcyPY+ebGNeHLszEHlsY3qcqzRrhE
Bm7RWjHtVvlzLyCNiS3gjIrgS5l0appgSNFYTDa3OkEXCxPm7hCJ0o5KO7HTiRLl
2e9+9lTs6x8g9aSqq5W5bEjx3OnAgkTxP5+Jk6QN9aHobF4Y6wwyQWz3Dr1J0Iu8
tz8qk771iwfdJax6LVOdLlF0oQ+f8K6CVVHArANnJ88DhJystW6Qrs92oSBOurd0
iPcnfLlANqeQ04bpRAiLEO9d7uIhLEBI
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:45:57 2025 by rpki-client