Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF53F65CF69C11EF98637F8A762E951A.roa
File: CF53F65CF69C11EF98637F8A762E951A.roa (raw, json)
Hash identifier: H5t75y0Jzb7JjV7XYl4yvll9ex5u1kGsYjXH588cZ14=
Subject key identifier: FE:05:07:4C:A5:1E:A7:B7:DD:EB:53:97:3A:52:65:86:89:0F:3A:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E60
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF53F65CF69C11EF98637F8A762E951A.roa
Signing time: Sat 01 Mar 2025 12:58:03 +0000
ROA not before: Sat 01 Mar 2025 12:57:59 +0000
ROA not after: Mon 31 Mar 2025 12:57:59 +0000
asID: 202656
IP address blocks: 154.219.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93792 (0x16e60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 12:57:59 2025 GMT
Not After : Mar 31 12:57:59 2025 GMT
Subject: CN=67c3045a-cf7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:83:05:20:cb:d6:c9:3d:b6:11:af:35:3b:8c:
0a:20:77:d7:a7:9a:6f:66:65:0c:38:75:c2:53:2e:
3a:69:2e:b3:bc:49:30:3f:ac:cf:c1:65:56:a2:a6:
48:18:c4:e1:07:94:7f:d7:d2:7f:a8:95:dd:0c:6d:
1f:ab:c1:2d:91:f9:4d:94:60:96:39:67:33:f0:25:
90:19:02:04:b2:fc:cd:c0:95:ef:12:bb:2f:83:76:
b4:b3:81:8c:32:e1:02:30:74:a3:05:11:9a:d7:68:
62:fe:6e:cb:d4:ac:b7:82:ba:e2:1c:d9:e8:f9:87:
0a:b9:cb:15:a0:9d:15:20:74:0d:77:05:40:7e:94:
77:b2:ff:80:bf:59:c6:9a:d6:c6:f8:d0:aa:f0:80:
2f:57:b8:8d:4d:02:91:6e:73:40:a2:f9:b2:dc:0e:
1b:13:87:58:01:6b:b1:c4:cd:66:67:92:0a:4d:1f:
e1:5a:94:e5:f1:b6:68:d2:34:dc:0a:a3:94:84:c4:
c3:a6:b5:4b:6b:d4:2b:28:15:d1:28:59:88:1e:d1:
e8:3f:da:cb:b3:9c:41:2f:2b:3b:ce:f6:a1:61:3c:
7b:82:d8:41:de:c3:d8:c1:02:b1:e3:10:86:01:cf:
07:9d:a8:ad:71:39:f2:26:d3:12:b7:ca:33:ee:d1:
59:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:05:07:4C:A5:1E:A7:B7:DD:EB:53:97:3A:52:65:86:89:0F:3A:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF53F65CF69C11EF98637F8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.205.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:12:ec:26:ba:2a:59:cb:b5:42:94:84:e4:a1:67:08:77:64:
05:b8:5d:e0:15:4f:99:bc:f5:01:ad:6b:c7:c8:f5:a8:cf:0e:
e0:be:bb:bd:9e:41:24:a4:00:5d:05:13:dd:76:73:e1:b7:67:
56:cb:9a:9c:33:2f:9e:0b:3d:7c:0c:77:5b:b4:64:7c:40:6e:
e2:c9:67:bb:bc:d4:b0:2a:5a:cf:62:3e:4f:8e:af:d3:59:71:
29:ec:e6:7d:43:20:94:a4:07:f5:98:a9:23:8b:f3:4f:a6:4d:
c8:00:72:a1:25:8e:68:52:95:b6:79:6e:ce:37:fc:9f:a9:22:
9f:b3:d2:52:18:a4:56:cf:06:3c:3b:d7:22:27:db:9d:b7:7d:
5b:fd:06:b7:73:d7:09:66:5f:c8:43:a6:53:9b:1a:d2:d5:b9:
2f:e6:ad:11:d6:9b:16:ba:83:be:2e:16:59:c7:df:55:82:1c:
f9:a6:16:fd:5c:5b:f6:01:bb:31:ae:4e:66:97:b3:7f:27:ac:
5c:93:a1:8a:b1:58:77:56:61:94:c9:c3:64:ca:a9:08:e9:f8:
af:a8:59:9f:c3:33:a1:8a:15:6d:52:71:76:63:57:ae:1b:ca:
0d:01:51:28:a1:31:51:80:c1:ac:89:c1:d7:60:51:f7:a7:78:
c1:f2:17:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW5gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTI1NzU5WhcNMjUwMzMxMTI1NzU5WjAYMRYw
FAYDVQQDEw02N2MzMDQ1YS1jZjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6YMFIMvWyT22Ea81O4wKIHfXp5pvZmUMOHXCUy46aS6zvEkwP6zPwWVW
oqZIGMThB5R/19J/qJXdDG0fq8EtkflNlGCWOWcz8CWQGQIEsvzNwJXvErsvg3a0
s4GMMuECMHSjBRGa12hi/m7L1Ky3grriHNno+YcKucsVoJ0VIHQNdwVAfpR3sv+A
v1nGmtbG+NCq8IAvV7iNTQKRbnNAovmy3A4bE4dYAWuxxM1mZ5IKTR/hWpTl8bZo
0jTcCqOUhMTDprVLa9QrKBXRKFmIHtHoP9rLs5xBLys7zvahYTx7gthB3sPYwQKx
4xCGAc8HnaitcTnyJtMSt8oz7tFZgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP4F
B0ylHqe33etTlzpSZYaJDzqOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjUzRjY1Q0Y2OUMxMUVGOTg2MzdGOEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvNMA0GCSqGSIb3DQEB
CwUAA4IBAQCeEuwmuipZy7VClITkoWcId2QFuF3gFU+ZvPUBrWvHyPWozw7gvru9
nkEkpABdBRPddnPht2dWy5qcMy+eCz18DHdbtGR8QG7iyWe7vNSwKlrPYj5Pjq/T
WXEp7OZ9QyCUpAf1mKkji/NPpk3IAHKhJY5oUpW2eW7ON/yfqSKfs9JSGKRWzwY8
O9ciJ9udt31b/Qa3c9cJZl/IQ6ZTmxrS1bkv5q0R1psWuoO+LhZZx99Vghz5phb9
XFv2Absxrk5ml7N/J6xck6GKsVh3VmGUycNkyqkI6fivqFmfwzOhihVtUnF2Y1eu
G8oNAVEooTFRgMGsicHXYFH3p3jB8hcw
-----END CERTIFICATE-----
Generated at Fri May 9 06:28:20 2025 by rpki-client