Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D633AF5CF2CE11EFBEFD3165762E951A.roa
File: D633AF5CF2CE11EFBEFD3165762E951A.roa (raw, json)
Hash identifier: nCIWGQtUt0iPQ0NNlXkEtx01ZB3+zTZMqUsunH19cDI=
Subject key identifier: 8C:66:52:34:01:C0:BC:6F:A4:49:0B:0D:8E:88:FF:31:8B:9D:D0:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015C7E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D633AF5CF2CE11EFBEFD3165762E951A.roa
Signing time: Mon 24 Feb 2025 16:46:04 +0000
ROA not before: Mon 24 Feb 2025 16:46:01 +0000
ROA not after: Sat 29 Mar 2025 16:46:01 +0000
asID: 203020
IP address blocks: 154.223.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89214 (0x15c7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 24 16:46:01 2025 GMT
Not After : Mar 29 16:46:01 2025 GMT
Subject: CN=67bca24c-e539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2c:b0:8b:ad:2b:a2:62:f8:bd:86:bc:9c:87:
9f:ec:7b:7b:48:18:ff:32:ca:60:34:5f:33:90:9e:
29:55:12:24:24:a8:26:d5:86:8c:5f:61:78:91:cc:
ab:52:73:9d:54:dd:65:81:0e:ab:96:77:1f:4c:e7:
fc:58:a0:e9:d5:8e:3a:1e:85:a4:3d:b4:bd:80:20:
80:8b:b5:b9:4e:8b:95:9b:23:0c:64:3b:26:70:65:
f0:52:01:94:bd:ce:54:2f:ec:51:66:5b:4b:b8:0d:
07:85:8a:2f:00:ff:1f:59:53:fe:1b:08:c8:5f:20:
bc:50:8a:31:44:27:e6:e5:d8:0d:e8:8e:bc:1f:c4:
94:4f:48:58:ac:3d:d8:72:ad:c9:6f:8e:35:10:66:
9d:e6:36:0d:a9:35:08:6d:f1:80:5b:02:cd:5a:12:
27:8a:c8:53:26:55:1c:89:64:5e:c8:b2:36:33:84:
40:78:ea:1a:27:7b:fb:8e:af:4f:ee:86:33:5d:7f:
68:d8:ad:b1:da:03:27:15:36:d5:62:dc:2b:12:53:
54:27:6e:19:ce:0f:80:d5:1f:b9:a9:7f:37:3b:bf:
c1:39:1d:57:77:20:68:ae:76:89:6e:ea:61:4f:07:
46:16:9a:ee:a3:49:53:92:f8:3e:f9:c8:a7:96:c2:
a4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:66:52:34:01:C0:BC:6F:A4:49:0B:0D:8E:88:FF:31:8B:9D:D0:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D633AF5CF2CE11EFBEFD3165762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.186.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:a5:9b:d9:56:d4:a0:ba:a6:91:bf:6f:72:4d:2a:88:3c:1c:
fb:4d:cb:9b:51:2d:05:a0:9e:cf:bb:b0:47:a2:3f:fe:86:7d:
d0:29:f0:46:f2:1b:cd:0b:11:1b:f2:9a:7b:17:d5:0d:8b:70:
11:98:02:c3:23:02:81:6c:7a:96:b2:8c:d6:2d:ce:80:dc:7c:
74:56:16:a6:4d:39:7e:55:fb:7a:f3:ac:6c:30:ae:7b:2f:85:
9b:e9:0f:16:c9:69:42:5f:0f:85:07:eb:7d:1d:06:8b:21:dc:
e7:30:96:66:ce:3e:63:73:15:af:94:ad:97:69:d9:b4:8f:e4:
a7:1b:57:75:ff:1a:f2:1b:71:fb:44:19:f8:b7:5c:30:6f:39:
dc:a3:0b:f3:f2:26:72:60:66:ac:b3:d2:ad:0f:54:d3:71:cb:
bf:99:db:24:b0:4b:16:ca:0f:3a:32:a4:0c:31:d9:9a:82:ab:
36:88:14:cc:e7:01:b5:a5:1b:00:40:0c:82:0f:ce:5b:f1:3a:
2d:b5:8d:e6:99:47:36:db:ab:b3:2b:65:c3:dd:ab:9c:9e:f2:
28:20:98:bd:3e:7a:c1:dd:96:49:48:b0:7d:3e:36:c9:ad:08:
8c:f6:34:fc:95:e7:50:70:6c:53:d3:40:a9:4e:c4:14:56:16:
8c:ee:30:9f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVx+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTY0NjAxWhcNMjUwMzI5MTY0NjAxWjAYMRYw
FAYDVQQDEw02N2JjYTI0Yy1lNTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1iywi60romL4vYa8nIef7Ht7SBj/MspgNF8zkJ4pVRIkJKgm1YaMX2F4
kcyrUnOdVN1lgQ6rlncfTOf8WKDp1Y46HoWkPbS9gCCAi7W5TouVmyMMZDsmcGXw
UgGUvc5UL+xRZltLuA0HhYovAP8fWVP+GwjIXyC8UIoxRCfm5dgN6I68H8SUT0hY
rD3Ycq3Jb441EGad5jYNqTUIbfGAWwLNWhInishTJlUciWReyLI2M4RAeOoaJ3v7
jq9P7oYzXX9o2K2x2gMnFTbVYtwrElNUJ24Zzg+A1R+5qX83O7/BOR1XdyBornaJ
buphTwdGFpruo0lTkvg++cinlsKkYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIxm
UjQBwLxvpEkLDY6I/zGLndB9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjMzQUY1Q0YyQ0UxMUVGQkVGRDMxNjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+6MA0GCSqGSIb3DQEB
CwUAA4IBAQDDpZvZVtSguqaRv29yTSqIPBz7TcubUS0FoJ7Pu7BHoj/+hn3QKfBG
8hvNCxEb8pp7F9UNi3ARmALDIwKBbHqWsozWLc6A3Hx0VhamTTl+Vft686xsMK57
L4Wb6Q8WyWlCXw+FB+t9HQaLIdznMJZmzj5jcxWvlK2Xadm0j+SnG1d1/xryG3H7
RBn4t1wwbzncowvz8iZyYGass9KtD1TTccu/mdsksEsWyg86MqQMMdmagqs2iBTM
5wG1pRsAQAyCD85b8TottY3mmUc226uzK2XD3aucnvIoIJi9PnrB3ZZJSLB9PjbJ
rQiM9jT8ledQcGxT00CpTsQUVhaM7jCf
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:01:46 2025 by rpki-client