Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3AA3368F69A11EF88E2B47C762E951A.roa
File: C3AA3368F69A11EF88E2B47C762E951A.roa (raw, json)
Hash identifier: F9DDKViIXOhHl12WTAi+bs8M8tVAayzErlR6YbOwsUc=
Subject key identifier: EB:7D:05:3C:BA:6B:52:70:3F:F9:DF:CD:B4:EC:10:F8:39:2F:FE:F4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E4C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3AA3368F69A11EF88E2B47C762E951A.roa
Signing time: Sat 01 Mar 2025 12:43:24 +0000
ROA not before: Sat 01 Mar 2025 12:43:20 +0000
ROA not after: Mon 31 Mar 2025 12:43:20 +0000
asID: 202656
IP address blocks: 154.219.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93772 (0x16e4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 12:43:20 2025 GMT
Not After : Mar 31 12:43:20 2025 GMT
Subject: CN=67c300ec-6549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:40:02:20:24:4d:84:06:fb:32:d6:68:aa:
9e:e1:fa:5a:44:df:e1:f1:9a:0a:a9:68:7a:46:22:
c0:97:49:d8:8a:db:c7:75:36:93:c9:65:0d:1e:bb:
48:b8:43:f6:ab:75:83:11:5a:4c:c7:9d:cc:b0:11:
be:05:df:82:f2:18:80:83:44:d0:0c:53:d5:a7:11:
02:3d:db:cf:0c:77:b9:8a:b9:5b:66:4b:99:48:08:
6a:c5:fd:fa:46:5d:20:bd:3b:f0:6b:b1:ca:2b:fe:
f5:9c:60:c6:38:bd:a5:bd:50:1f:9d:07:86:39:68:
73:89:4b:24:f5:99:f3:b7:79:15:4f:59:07:e5:69:
d8:80:dd:8e:f0:c4:fd:e2:7c:37:b7:77:2c:2e:0c:
8a:f7:22:95:dc:65:4b:b1:ee:31:4b:2e:65:62:c7:
f8:7b:78:39:b8:f1:94:64:6d:c0:ae:09:4d:b2:95:
2c:81:09:b4:f7:04:cc:71:2e:6e:13:8b:1e:68:a1:
b4:6c:8e:a5:d4:de:1f:e9:0b:d1:e3:9a:d9:42:90:
b1:e8:93:ea:c6:b9:4a:88:41:71:b4:2a:43:e3:58:
40:db:b4:a4:fa:14:6f:51:12:84:3a:06:95:a2:98:
c9:f3:7f:11:38:b4:ca:72:cf:84:4e:22:e6:fb:dd:
d9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:7D:05:3C:BA:6B:52:70:3F:F9:DF:CD:B4:EC:10:F8:39:2F:FE:F4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3AA3368F69A11EF88E2B47C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.200.0/24
Signature Algorithm: sha256WithRSAEncryption
30:5e:0e:6f:bb:c3:ae:fe:00:3f:20:a7:10:12:f1:01:04:0c:
a9:ae:8b:dc:da:46:0a:f7:35:60:d5:9e:14:33:8e:75:b7:df:
2a:73:aa:c4:c6:91:36:94:ff:51:2e:e1:a7:56:66:27:1e:c0:
80:70:1c:0c:6c:07:74:3b:bf:31:2a:72:7f:66:3b:d9:5f:a1:
1d:08:d6:c8:61:0c:ef:61:d8:0a:fe:9d:7d:49:14:f4:9f:86:
4a:0e:a1:ac:7d:f4:84:88:a0:4b:ff:39:73:60:b4:3b:a5:2f:
1f:81:6b:76:fd:2d:02:b5:96:a0:4f:4e:3b:e8:18:8a:a2:36:
93:3e:7d:74:e0:35:03:80:b2:11:41:7f:87:9b:55:00:48:c6:
55:c1:c5:36:c5:f7:f6:01:78:10:a5:e9:4f:14:5d:c5:0b:2b:
1d:79:4d:5c:3d:e9:47:64:e5:9a:1e:aa:e5:a3:b9:3c:cb:4b:
62:c7:a7:9d:90:cf:e5:0e:cd:e9:b1:e6:6b:ee:fd:9b:63:10:
27:c4:45:1c:c9:9b:19:05:09:21:c9:9a:cb:2a:a5:c7:90:b9:
e7:09:61:d3:f8:32:be:fc:05:e1:7e:45:37:78:10:63:4c:58:
39:b6:cd:de:40:e2:56:75:ba:f6:46:80:cb:39:5b:03:19:63:
76:2d:03:0e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW5MMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTI0MzIwWhcNMjUwMzMxMTI0MzIwWjAYMRYw
FAYDVQQDEw02N2MzMDBlYy02NTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu5dAAiAkTYQG+zLWaKqe4fpaRN/h8ZoKqWh6RiLAl0nYitvHdTaTyWUN
HrtIuEP2q3WDEVpMx53MsBG+Bd+C8hiAg0TQDFPVpxECPdvPDHe5irlbZkuZSAhq
xf36Rl0gvTvwa7HKK/71nGDGOL2lvVAfnQeGOWhziUsk9Znzt3kVT1kH5WnYgN2O
8MT94nw3t3csLgyK9yKV3GVLse4xSy5lYsf4e3g5uPGUZG3ArglNspUsgQm09wTM
cS5uE4seaKG0bI6l1N4f6QvR45rZQpCx6JPqxrlKiEFxtCpD41hA27Sk+hRvURKE
OgaVopjJ838ROLTKcs+ETiLm+93ZWQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOt9
BTy6a1JwP/nfzbTsEPg5L/70MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DM0FBMzM2OEY2OUExMUVGODhFMkI0N0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvIMA0GCSqGSIb3DQEB
CwUAA4IBAQAwXg5vu8Ou/gA/IKcQEvEBBAyprovc2kYK9zVg1Z4UM451t98qc6rE
xpE2lP9RLuGnVmYnHsCAcBwMbAd0O78xKnJ/ZjvZX6EdCNbIYQzvYdgK/p19SRT0
n4ZKDqGsffSEiKBL/zlzYLQ7pS8fgWt2/S0CtZagT0476BiKojaTPn104DUDgLIR
QX+Hm1UASMZVwcU2xff2AXgQpelPFF3FCysdeU1cPelHZOWaHqrlo7k8y0tix6ed
kM/lDs3pseZr7v2bYxAnxEUcyZsZBQkhyZrLKqXHkLnnCWHT+DK+/AXhfkU3eBBj
TFg5ts3eQOJWdbr2RoDLOVsDGWN2LQMO
-----END CERTIFICATE-----
Generated at Fri May 9 06:26:46 2025 by rpki-client