Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F75450BCDA5D11EFB129FBB2762E951A.roa
File: F75450BCDA5D11EFB129FBB2762E951A.roa (raw, json)
Hash identifier: +lLhD4E5my0iAXDvD+XlEuJHe1LWZQYRbVh7TDeP/G4=
Subject key identifier: DA:1B:83:41:55:F2:AC:71:9B:47:E8:03:9A:9A:D0:FA:EC:0F:3D:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014806
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F75450BCDA5D11EFB129FBB2762E951A.roa
Signing time: Fri 24 Jan 2025 14:17:39 +0000
ROA not before: Fri 24 Jan 2025 14:17:35 +0000
ROA not after: Sat 01 Mar 2025 14:17:35 +0000
asID: 49505
IP address blocks: 154.223.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83974 (0x14806)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 14:17:35 2025 GMT
Not After : Mar 1 14:17:35 2025 GMT
Subject: CN=6793a103-b770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:56:03:4a:79:da:4d:72:24:bf:b6:85:cd:89:
86:0f:c2:7c:f9:34:b8:29:ef:94:1a:19:c3:61:09:
a0:18:9c:66:48:c5:d7:2e:d2:3c:09:a8:af:4b:23:
16:01:92:a1:5b:40:14:d5:cf:d8:61:ec:29:e2:a5:
da:53:9d:78:e0:af:18:f9:8f:8a:2c:8e:44:77:f7:
55:16:9e:24:27:6b:ec:4c:6f:cb:ec:a9:a4:b4:89:
f4:09:9e:5b:36:d1:3d:64:00:56:30:2a:e6:41:85:
35:b9:1c:32:51:a1:51:d5:f2:f6:63:76:ac:b7:30:
9f:b6:46:59:98:f4:08:a8:94:f8:af:f0:d3:c7:e7:
9c:38:a0:bf:9f:d9:4f:fb:87:60:57:51:88:1d:17:
f3:c5:a5:08:8e:ea:89:95:56:5d:80:16:d0:d1:82:
ff:fa:85:4a:f6:62:40:a5:30:79:e3:40:9f:85:90:
9e:81:2f:89:07:e8:d2:34:17:10:47:20:10:a7:57:
74:94:fe:5d:55:88:64:d2:74:1f:ff:aa:c1:91:06:
08:e4:fb:44:de:23:2c:21:38:17:94:52:3e:d7:47:
41:fb:cd:e0:04:40:c2:6d:b9:9d:1c:3e:e5:ed:20:
14:d6:95:03:81:3c:3c:0f:4f:a3:6c:9d:08:9d:26:
22:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1B:83:41:55:F2:AC:71:9B:47:E8:03:9A:9A:D0:FA:EC:0F:3D:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F75450BCDA5D11EFB129FBB2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.198.0/24
Signature Algorithm: sha256WithRSAEncryption
58:1e:5f:80:2d:aa:c1:24:76:58:13:60:06:75:d4:6f:9d:40:
8d:16:35:48:a1:17:b4:2c:94:8a:82:dd:b3:4f:07:47:f8:95:
d0:a2:ac:92:52:e5:15:a5:91:50:db:01:a0:50:d8:b5:fc:c2:
bf:ba:c5:f7:53:01:14:13:08:ac:d7:0c:dd:8e:52:02:b9:b6:
43:a3:1b:3c:00:81:31:8d:6c:9b:4d:27:e6:79:2f:14:44:5a:
80:94:54:b9:be:df:65:cb:f3:bd:89:1f:9c:b4:86:f3:ed:73:
17:16:83:f7:2a:8e:bd:e8:a5:13:5b:93:59:26:fe:75:9d:ec:
e0:ce:20:c2:dd:52:5a:4a:dd:1d:7e:f5:b5:b7:44:a0:be:fe:
bf:0e:39:af:f3:ea:75:70:78:a3:f7:e2:f0:fe:ae:a7:27:75:
62:c3:c7:16:15:99:25:91:9d:28:3d:8c:f1:be:3f:0a:40:a5:
7a:7b:27:a3:f7:25:50:87:b8:f5:e2:42:2e:13:05:c6:a1:11:
17:96:6b:f6:1a:34:34:af:06:70:e1:99:18:35:88:74:cd:05:
ab:73:81:5d:d2:f3:0a:28:46:c2:18:0f:37:21:83:70:f3:82:
40:90:26:eb:51:a9:1b:07:25:7b:47:dd:ac:e9:78:55:11:a1:
4c:e3:51:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUgGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQxNzM1WhcNMjUwMzAxMTQxNzM1WjAYMRYw
FAYDVQQDEw02NzkzYTEwMy1iNzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA01YDSnnaTXIkv7aFzYmGD8J8+TS4Ke+UGhnDYQmgGJxmSMXXLtI8Caiv
SyMWAZKhW0AU1c/YYewp4qXaU5144K8Y+Y+KLI5Ed/dVFp4kJ2vsTG/L7KmktIn0
CZ5bNtE9ZABWMCrmQYU1uRwyUaFR1fL2Y3astzCftkZZmPQIqJT4r/DTx+ecOKC/
n9lP+4dgV1GIHRfzxaUIjuqJlVZdgBbQ0YL/+oVK9mJApTB540CfhZCegS+JB+jS
NBcQRyAQp1d0lP5dVYhk0nQf/6rBkQYI5PtE3iMsITgXlFI+10dB+83gBEDCbbmd
HD7l7SAU1pUDgTw8D0+jbJ0InSYibwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNob
g0FV8qxxm0foA5qa0PrsDz08MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNzU0NTBCQ0RBNUQxMUVGQjEyOUZCQjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/GMA0GCSqGSIb3DQEB
CwUAA4IBAQBYHl+ALarBJHZYE2AGddRvnUCNFjVIoRe0LJSKgt2zTwdH+JXQoqyS
UuUVpZFQ2wGgUNi1/MK/usX3UwEUEwis1wzdjlICubZDoxs8AIExjWybTSfmeS8U
RFqAlFS5vt9ly/O9iR+ctIbz7XMXFoP3Ko696KUTW5NZJv51nezgziDC3VJaSt0d
fvW1t0Sgvv6/Djmv8+p1cHij9+Lw/q6nJ3Viw8cWFZklkZ0oPYzxvj8KQKV6eyej
9yVQh7j14kIuEwXGoREXlmv2GjQ0rwZw4ZkYNYh0zQWrc4Fd0vMKKEbCGA83IYNw
84JAkCbrUakbByV7R92s6XhVEaFM41Hx
-----END CERTIFICATE-----
Generated at Mon Mar 24 19:57:29 2025 by rpki-client