Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED1FE6E2F67811EF8455C994762E951A.roa
File: ED1FE6E2F67811EF8455C994762E951A.roa (raw, json)
Hash identifier: 5mtxU7sPErdkfgHOv7PjZWdFYHGV/+9XaYeBZi7Cn/k=
Subject key identifier: CF:33:33:57:68:3B:6B:1A:9E:05:F7:F3:64:3B:AA:98:A5:7F:3A:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D67
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED1FE6E2F67811EF8455C994762E951A.roa
Signing time: Sat 01 Mar 2025 08:41:11 +0000
ROA not before: Sat 01 Mar 2025 08:41:07 +0000
ROA not after: Mon 31 Mar 2025 08:41:07 +0000
asID: 202656
IP address blocks: 154.219.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93543 (0x16d67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 08:41:07 2025 GMT
Not After : Mar 31 08:41:07 2025 GMT
Subject: CN=67c2c827-47b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bf:f1:12:a4:6d:e3:e7:b3:dc:94:5d:f2:2f:
47:6d:a6:a6:20:3f:69:98:2d:f0:32:01:80:36:9d:
07:0c:91:f1:fa:6d:8c:63:33:b5:81:be:08:af:fc:
9e:d7:75:0b:4b:8e:c7:dc:6e:0f:da:d1:c6:2d:fa:
d8:58:8c:af:01:a3:24:b2:bd:9a:c0:42:04:08:30:
80:c7:82:6f:d5:69:ce:db:90:d4:8d:0c:dd:d4:f8:
26:5a:e9:21:2f:0f:bd:d2:bf:ed:52:b3:20:83:90:
2f:00:be:8f:fb:ec:03:54:97:cb:3d:b4:55:2b:5e:
7c:db:5d:7a:1e:40:5a:c1:c4:2b:d0:03:66:53:b8:
5b:e7:2a:99:f6:52:64:d6:7e:ab:34:e4:b8:bf:78:
ad:f4:99:12:c6:e9:37:9b:9e:0d:c1:74:49:c2:e2:
80:c4:16:8b:81:9c:07:38:ea:ec:67:72:8f:c7:d4:
38:96:80:9b:7e:57:64:cf:cf:73:4f:5f:58:8e:b5:
ae:84:ac:4f:2a:8b:be:dd:58:66:33:bd:15:29:a6:
4e:85:85:77:9e:8c:d2:af:32:32:4c:57:eb:4e:bd:
cb:af:6f:d1:af:98:0a:32:da:d7:65:05:9c:5a:a7:
bf:60:d9:d2:c2:67:c0:37:ed:2d:4d:c5:4e:1f:fa:
6e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:33:33:57:68:3B:6B:1A:9E:05:F7:F3:64:3B:AA:98:A5:7F:3A:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED1FE6E2F67811EF8455C994762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.253.0/24
Signature Algorithm: sha256WithRSAEncryption
80:20:f2:08:dd:c5:a1:73:65:8b:45:dc:c5:14:71:63:81:8b:
96:9c:19:ce:2c:d9:83:a5:26:b3:e5:40:a7:50:e8:39:47:93:
87:72:f8:37:3f:a0:2f:c1:1d:ba:99:26:05:79:df:44:94:0c:
0f:a2:c3:99:96:b7:19:22:49:fd:7a:50:e3:2b:fb:3a:16:a1:
31:f7:50:3b:5f:fc:0a:46:64:ac:44:58:6a:1b:5f:ba:90:f7:
c2:70:11:1d:0b:2a:8f:d9:f2:13:fe:2e:1e:ca:1e:ae:0c:9c:
30:54:89:c4:b6:1b:2c:fe:87:89:c7:7d:a8:62:97:73:5d:96:
22:94:3f:63:78:c9:d4:bc:59:0b:a3:c5:56:2d:57:dd:0b:b0:
78:a9:e7:5c:36:6b:73:e1:f6:3f:a5:b3:4f:47:bf:ba:82:9d:
88:52:d8:8e:78:15:8f:9d:9c:a5:e3:43:b5:51:94:55:41:69:
12:f2:ab:37:21:a2:50:81:52:8e:fc:40:30:1d:e9:df:82:2f:
d9:8d:da:26:07:71:35:4f:26:94:00:ea:a0:6b:74:98:63:2b:
94:d6:75:a3:b3:4e:0b:5f:28:27:fa:6d:fa:27:df:96:e9:97:
8a:2e:bf:1b:01:90:09:52:4f:88:76:a4:3d:a2:ba:1a:c3:21:
b8:11:cf:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW1nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDg0MTA3WhcNMjUwMzMxMDg0MTA3WjAYMRYw
FAYDVQQDEw02N2MyYzgyNy00N2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtr/xEqRt4+ez3JRd8i9HbaamID9pmC3wMgGANp0HDJHx+m2MYzO1gb4I
r/ye13ULS47H3G4P2tHGLfrYWIyvAaMksr2awEIECDCAx4Jv1WnO25DUjQzd1Pgm
WukhLw+90r/tUrMgg5AvAL6P++wDVJfLPbRVK1582116HkBawcQr0ANmU7hb5yqZ
9lJk1n6rNOS4v3it9JkSxuk3m54NwXRJwuKAxBaLgZwHOOrsZ3KPx9Q4loCbfldk
z89zT19YjrWuhKxPKou+3VhmM70VKaZOhYV3nozSrzIyTFfrTr3Lr2/Rr5gKMtrX
ZQWcWqe/YNnSwmfAN+0tTcVOH/puFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM8z
M1doO2sangX382Q7qpilfzofMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRDFGRTZFMkY2NzgxMUVGODQ1NUM5OTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtv9MA0GCSqGSIb3DQEB
CwUAA4IBAQCAIPII3cWhc2WLRdzFFHFjgYuWnBnOLNmDpSaz5UCnUOg5R5OHcvg3
P6AvwR26mSYFed9ElAwPosOZlrcZIkn9elDjK/s6FqEx91A7X/wKRmSsRFhqG1+6
kPfCcBEdCyqP2fIT/i4eyh6uDJwwVInEthss/oeJx32oYpdzXZYilD9jeMnUvFkL
o8VWLVfdC7B4qedcNmtz4fY/pbNPR7+6gp2IUtiOeBWPnZyl40O1UZRVQWkS8qs3
IaJQgVKO/EAwHenfgi/ZjdomB3E1TyaUAOqga3SYYyuU1nWjs04LXygn+m36J9+W
6ZeKLr8bAZAJUk+IdqQ9oroawyG4Ec+7
-----END CERTIFICATE-----
Generated at Fri May 9 06:15:07 2025 by rpki-client