Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCEF14CAF7F711EFBA39D2BD762E951A.roa
File: DCEF14CAF7F711EFBA39D2BD762E951A.roa (raw, json)
Hash identifier: 7iNjL9CVXKkCxW+s0vA1wHwkrCBQBzSribKytpQk9vk=
Subject key identifier: 6D:FB:CD:B1:BE:05:61:70:A7:4B:01:EB:CD:B3:C5:F4:F5:89:12:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016F66
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCEF14CAF7F711EFBA39D2BD762E951A.roa
Signing time: Mon 03 Mar 2025 06:22:21 +0000
ROA not before: Mon 03 Mar 2025 06:22:16 +0000
ROA not after: Tue 01 Apr 2025 06:22:16 +0000
asID: 20473
IP address blocks: 154.196.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94054 (0x16f66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 06:22:16 2025 GMT
Not After : Apr 1 06:22:16 2025 GMT
Subject: CN=67c54a9d-309f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:18:27:78:2d:24:cb:aa:a9:22:85:92:a9:3d:
02:0e:09:eb:d6:34:c0:37:bb:a5:a7:29:90:43:03:
7d:a7:e3:51:fc:4d:76:39:08:3c:81:8d:61:d5:bb:
89:32:2b:63:16:a6:fb:23:31:45:fa:1f:1d:a2:9d:
8a:cd:d2:01:63:62:40:73:80:5b:32:8f:e5:c9:a1:
a8:37:00:66:9a:a3:60:d0:43:ed:be:d0:e0:04:91:
be:47:e9:54:b0:51:1e:f8:dc:63:43:2a:da:33:d7:
f8:61:b9:83:a0:d0:56:21:d8:88:7a:81:16:dc:a5:
76:18:35:81:24:d9:17:38:46:d2:8a:04:b8:c9:49:
5f:1d:95:03:fc:33:2d:af:0d:66:02:36:c3:b1:8a:
2a:2b:5b:b8:39:bd:d7:1a:ad:ac:0b:3b:cc:3e:7d:
bd:be:e1:e5:fb:8e:6a:6b:5a:1b:f8:fa:1f:de:32:
5f:aa:f6:62:af:89:b2:59:d7:95:2b:5c:da:2c:1d:
3c:7c:a8:10:ab:01:62:03:85:ce:b9:8b:4d:db:ba:
cd:5e:9f:e3:b7:d3:fa:ff:cf:55:af:8c:a9:2c:ca:
36:32:91:b6:71:7b:f6:ee:b3:1f:ba:0b:ab:3b:42:
3c:47:a6:b4:06:75:6c:60:c0:e2:3f:84:f0:66:5b:
46:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FB:CD:B1:BE:05:61:70:A7:4B:01:EB:CD:B3:C5:F4:F5:89:12:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCEF14CAF7F711EFBA39D2BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.165.0/24
Signature Algorithm: sha256WithRSAEncryption
42:92:ad:42:5d:33:de:46:ae:35:e8:5c:75:54:0a:c9:2c:3b:
67:ae:27:76:0a:42:d5:ca:e7:a2:8c:37:90:bc:75:bd:02:57:
dd:2a:f4:fc:69:10:d8:76:db:f0:76:40:35:8e:68:95:df:b7:
4d:88:cd:21:45:47:36:40:7f:d5:8d:b4:ad:50:a3:05:23:f4:
a2:69:1f:09:98:b9:f5:f0:89:88:5e:c4:40:84:ca:30:e4:77:
52:ac:59:72:ea:53:b8:70:23:1c:24:62:10:b3:3f:72:ca:61:
2b:35:18:48:4c:52:11:f5:ad:9e:d7:f2:e7:a1:ca:5a:75:dd:
2f:2d:53:c3:df:ea:b7:2d:2f:a0:88:5d:39:fe:2c:81:6d:b7:
e3:64:3d:44:97:78:80:d9:b4:4f:e9:a1:45:5d:d9:44:79:c9:
9c:75:1d:2f:7e:97:fe:18:cc:12:f4:5c:af:b0:5e:a2:43:c8:
be:14:ee:65:33:12:74:85:a9:a2:29:9b:cd:d3:40:9e:60:65:
1c:76:aa:8b:32:73:fa:6f:7d:7c:0b:5f:1b:d0:79:7f:c7:71:
3c:17:50:16:11:f3:e0:d8:7d:e6:95:b1:3c:64:c1:32:c3:6a:
97:5c:a2:1d:5b:1c:f0:85:68:85:10:35:d9:d4:b4:cc:38:f8:
f2:b9:6a:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW9mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMDYyMjE2WhcNMjUwNDAxMDYyMjE2WjAYMRYw
FAYDVQQDEw02N2M1NGE5ZC0zMDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7BgneC0ky6qpIoWSqT0CDgnr1jTAN7ulpymQQwN9p+NR/E12OQg8gY1h
1buJMitjFqb7IzFF+h8dop2KzdIBY2JAc4BbMo/lyaGoNwBmmqNg0EPtvtDgBJG+
R+lUsFEe+NxjQyraM9f4YbmDoNBWIdiIeoEW3KV2GDWBJNkXOEbSigS4yUlfHZUD
/DMtrw1mAjbDsYoqK1u4Ob3XGq2sCzvMPn29vuHl+45qa1ob+Pof3jJfqvZir4my
WdeVK1zaLB08fKgQqwFiA4XOuYtN27rNXp/jt9P6/89Vr4ypLMo2MpG2cXv27rMf
ugurO0I8R6a0BnVsYMDiP4TwZltGNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG37
zbG+BWFwp0sB682zxfT1iRIPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQ0VGMTRDQUY3RjcxMUVGQkEzOUQyQkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsSlMA0GCSqGSIb3DQEB
CwUAA4IBAQBCkq1CXTPeRq416Fx1VArJLDtnrid2CkLVyueijDeQvHW9AlfdKvT8
aRDYdtvwdkA1jmiV37dNiM0hRUc2QH/VjbStUKMFI/SiaR8JmLn18ImIXsRAhMow
5HdSrFly6lO4cCMcJGIQsz9yymErNRhITFIR9a2e1/Lnocpadd0vLVPD3+q3LS+g
iF05/iyBbbfjZD1El3iA2bRP6aFFXdlEecmcdR0vfpf+GMwS9FyvsF6iQ8i+FO5l
MxJ0hamiKZvN00CeYGUcdqqLMnP6b318C18b0Hl/x3E8F1AWEfPg2H3mlbE8ZMEy
w2qXXKIdWxzwhWiFEDXZ1LTMOPjyuWou
-----END CERTIFICATE-----
Generated at Fri May 9 11:27:31 2025 by rpki-client