Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1765218DA5411EF8A5DC374762E951A.roa
File: D1765218DA5411EF8A5DC374762E951A.roa (raw, json)
Hash identifier: AS3TxOUL8GsmOZK2oz/UzTO/qeD3cMBqkxa4IVMIjss=
Subject key identifier: AA:47:54:79:53:33:D8:99:F2:60:D1:CE:21:02:0B:B1:9C:5E:E8:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01474B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1765218DA5411EF8A5DC374762E951A.roa
Signing time: Fri 24 Jan 2025 13:12:10 +0000
ROA not before: Fri 24 Jan 2025 13:12:06 +0000
ROA not after: Sat 01 Mar 2025 13:12:06 +0000
asID: 49505
IP address blocks: 154.223.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83787 (0x1474b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 13:12:06 2025 GMT
Not After : Mar 1 13:12:06 2025 GMT
Subject: CN=679391aa-bf36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:91:10:54:ba:d5:d1:b2:96:5a:8c:83:07:37:
34:95:57:15:54:87:48:39:ba:4f:32:1e:83:34:82:
f4:52:90:ff:48:44:f9:ee:03:41:8d:5b:a3:85:3e:
3f:dd:c2:7a:ea:2b:23:38:5f:a2:ec:ef:29:05:ad:
6f:f2:0a:3d:1e:35:93:08:7f:16:6b:fd:f0:3a:53:
e3:33:21:48:6b:62:e3:51:23:fa:af:4a:8a:a1:59:
91:cc:bd:ff:d5:8f:73:d1:bc:68:ee:4b:2a:56:e3:
e7:7d:fa:72:d8:56:88:56:dc:0a:0c:a2:6a:c0:b9:
7d:4b:5a:17:ec:e9:f3:c2:ca:70:8a:26:a1:5e:9f:
38:41:86:b4:4d:77:a9:8a:3d:72:2e:9c:53:44:76:
74:ed:66:f8:cb:93:50:f1:f8:a9:82:fb:25:20:58:
08:7f:63:f1:62:4f:31:83:93:e5:f0:92:3d:cb:93:
e9:55:00:f4:26:e9:7f:76:69:0e:86:a9:9c:54:ba:
a7:21:bd:ce:8b:a8:a4:32:ab:24:56:c0:f4:ec:23:
f3:cf:cb:f5:3d:18:93:05:42:bd:61:78:1a:3e:24:
eb:6f:da:eb:a3:69:f0:7e:9a:69:17:a5:e7:12:64:
a7:ab:d7:ed:d2:cc:88:63:11:e1:7f:b6:1c:ec:d3:
d7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:47:54:79:53:33:D8:99:F2:60:D1:CE:21:02:0B:B1:9C:5E:E8:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1765218DA5411EF8A5DC374762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.198.0/24
Signature Algorithm: sha256WithRSAEncryption
03:a4:82:f8:b8:7a:a6:8f:3f:20:1a:d9:a3:2d:3f:38:c7:41:
0a:4a:5c:e3:cb:b2:29:c9:ee:4f:22:7c:e6:fb:a8:9e:99:e1:
99:96:44:93:c1:d5:dd:d1:56:9a:77:99:b6:24:e9:23:c8:2e:
5d:7f:ac:9d:19:92:6c:00:55:6b:fa:c9:92:5b:56:34:75:3a:
ab:c7:1c:cc:d7:38:bf:11:94:ea:52:07:a6:06:43:22:ff:73:
f9:4b:51:0c:95:67:7e:1b:60:5c:98:bc:76:4f:04:65:52:56:
3a:06:20:29:3b:d0:fd:0b:81:65:20:f9:34:a1:8d:9c:2e:fc:
3c:0b:4e:27:b2:5b:ff:1f:a6:d8:77:4f:50:c2:8b:db:c6:3e:
91:4b:44:f4:46:7d:86:80:cd:34:13:eb:f5:92:da:a4:ef:82:
20:da:fc:e5:78:82:3c:85:f2:0e:e7:92:ce:48:52:2e:e7:fb:
d4:c5:85:7b:44:18:8d:c9:be:16:e2:d2:f6:4d:8a:76:a7:a9:
8c:5e:99:81:ce:a1:dd:dc:38:de:38:75:1b:14:80:31:23:28:
45:dd:88:a3:0d:22:2f:55:af:72:cf:2a:33:71:cd:d4:86:60:
ab:82:f5:f3:06:ce:0a:35:81:88:8d:3a:a5:ec:b0:aa:58:55:
7b:54:5a:83
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUdLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTMxMjA2WhcNMjUwMzAxMTMxMjA2WjAYMRYw
FAYDVQQDEw02NzkzOTFhYS1iZjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwpEQVLrV0bKWWoyDBzc0lVcVVIdIObpPMh6DNIL0UpD/SET57gNBjVuj
hT4/3cJ66isjOF+i7O8pBa1v8go9HjWTCH8Wa/3wOlPjMyFIa2LjUSP6r0qKoVmR
zL3/1Y9z0bxo7ksqVuPnffpy2FaIVtwKDKJqwLl9S1oX7OnzwspwiiahXp84QYa0
TXepij1yLpxTRHZ07Wb4y5NQ8fipgvslIFgIf2PxYk8xg5Pl8JI9y5PpVQD0Jul/
dmkOhqmcVLqnIb3Oi6ikMqskVsD07CPzz8v1PRiTBUK9YXgaPiTrb9rro2nwfppp
F6XnEmSnq9ft0syIYxHhf7Yc7NPX9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKpH
VHlTM9iZ8mDRziECC7GcXug8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMTc2NTIxOERBNTQxMUVGOEE1REMzNzQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/GMA0GCSqGSIb3DQEB
CwUAA4IBAQADpIL4uHqmjz8gGtmjLT84x0EKSlzjy7Ipye5PInzm+6iemeGZlkST
wdXd0Vaad5m2JOkjyC5df6ydGZJsAFVr+smSW1Y0dTqrxxzM1zi/EZTqUgemBkMi
/3P5S1EMlWd+G2BcmLx2TwRlUlY6BiApO9D9C4FlIPk0oY2cLvw8C04nslv/H6bY
d09Qwovbxj6RS0T0Rn2GgM00E+v1ktqk74Ig2vzleII8hfIO55LOSFIu5/vUxYV7
RBiNyb4W4tL2TYp2p6mMXpmBzqHd3DjeOHUbFIAxIyhF3YijDSIvVa9yzyozcc3U
hmCrgvXzBs4KNYGIjTql7LCqWFV7VFqD
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:53:07 2025 by rpki-client