Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/449EDEFC266011F0A3A5E5BDDAE4EC9C.roa
File: 449EDEFC266011F0A3A5E5BDDAE4EC9C.roa (raw, json)
Hash identifier: Bp821V2V/CSghTgmpELaLAq4BJhQkizYXFNDG/yKvmI=
Subject key identifier: 6D:43:B6:7C:9B:EB:E6:98:4E:02:7E:8A:63:70:BE:04:F1:7F:74:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017DDC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/449EDEFC266011F0A3A5E5BDDAE4EC9C.roa
Signing time: Thu 01 May 2025 07:45:36 +0000
ROA not before: Thu 01 May 2025 07:45:32 +0000
ROA not after: Sat 10 May 2025 07:45:32 +0000
asID: 63888
IP address blocks: 154.207.226.0/23 maxlen: 24
154.207.252.0/23 maxlen: 24
154.209.65.0/24 maxlen: 24
154.209.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97756 (0x17ddc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 07:45:32 2025 GMT
Not After : May 10 07:45:32 2025 GMT
Subject: CN=681326a0-24ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6a:8b:8a:8b:26:2e:c0:88:64:56:c3:1e:ac:
03:68:06:e7:76:86:a4:9c:29:7f:90:53:bb:d3:41:
38:58:8f:2b:00:ac:8c:1d:8b:7f:b3:60:bf:8a:26:
c6:d0:00:56:42:e8:0a:2d:94:d7:eb:06:20:12:98:
f3:c2:16:bb:7a:dd:b2:26:6d:a4:1b:b9:29:4f:9c:
0f:cd:75:4d:cb:81:41:31:a3:1f:4f:46:e5:ee:c7:
d6:cc:99:75:91:3c:d1:23:98:2a:58:13:98:c2:dc:
00:cd:f7:a6:7a:49:7b:30:1b:c2:15:88:98:f8:1a:
a2:eb:8b:9a:33:03:12:f8:ea:f3:61:3d:65:d5:44:
70:53:30:ae:ad:a6:8d:fb:db:ed:1a:0e:cc:68:2f:
ff:d7:6c:47:35:ee:21:bc:ac:f2:07:be:43:04:cf:
dd:80:b7:df:5e:8b:da:42:d8:9f:3d:81:be:5e:f8:
2e:15:09:c4:ed:2c:72:a1:71:f4:e3:d7:2d:df:40:
7f:ef:e3:f1:f4:86:a3:2d:9d:53:fc:b0:37:9d:e1:
dd:20:ac:2c:b7:8c:84:47:77:87:06:d6:c3:d6:b6:
f8:fc:46:c9:c5:49:48:da:1a:eb:97:85:6e:02:d6:
b5:ca:e1:5a:6f:30:fd:5c:4e:df:43:23:21:59:fd:
57:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:43:B6:7C:9B:EB:E6:98:4E:02:7E:8A:63:70:BE:04:F1:7F:74:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/449EDEFC266011F0A3A5E5BDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.226.0/23
154.207.252.0/23
154.209.65.0/24
154.209.70.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:fc:08:d3:5e:31:03:5d:ac:b5:2e:a5:b2:52:3e:df:77:d1:
c7:82:86:bd:ff:ea:0c:b6:30:35:0b:73:57:4c:14:ac:2b:99:
92:88:cb:c3:73:6a:60:ec:1d:f0:28:2d:bf:d3:25:47:2f:9e:
c0:21:de:18:0c:c3:dd:20:24:46:a6:4c:9f:77:bc:02:3f:fb:
ef:62:67:c7:79:7d:5a:c9:e8:d0:9d:6a:74:68:c4:88:5e:eb:
5a:46:e3:59:e0:82:e0:e6:90:aa:c9:22:00:4d:65:f9:78:e2:
59:d9:b5:8a:6c:86:42:d0:c1:6f:f5:a7:b7:fe:54:4e:b8:68:
11:cc:53:9d:19:4e:2e:6e:2a:95:f6:5f:38:a9:32:f5:9c:68:
f0:44:03:fb:a0:03:a9:48:7d:2d:b0:63:89:dd:02:36:27:57:
94:31:12:55:08:c9:e3:ab:d9:06:df:47:8c:3e:e9:97:dc:d0:
28:01:ad:70:89:5f:0f:5f:43:76:d7:88:fb:f2:a5:28:38:1e:
52:db:a6:50:4e:62:eb:64:d3:a2:b6:a1:75:7d:73:73:5c:a4:
56:ef:34:ab:4a:ff:87:a7:f5:d8:17:de:bf:ba:fe:76:2f:e0:
64:69:27:f2:de:17:d4:c8:0e:88:71:3c:e4:91:58:a6:34:f0:
2d:3b:8c:d2
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAX3cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMDc0NTMyWhcNMjUwNTEwMDc0NTMyWjAYMRYw
FAYDVQQDEw02ODEzMjZhMC0yNGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGqLiosmLsCIZFbDHqwDaAbndoaknCl/kFO700E4WI8rAKyMHYt/s2C/
iibG0ABWQugKLZTX6wYgEpjzwha7et2yJm2kG7kpT5wPzXVNy4FBMaMfT0bl7sfW
zJl1kTzRI5gqWBOYwtwAzfemekl7MBvCFYiY+Bqi64uaMwMS+OrzYT1l1URwUzCu
raaN+9vtGg7MaC//12xHNe4hvKzyB75DBM/dgLffXovaQtifPYG+XvguFQnE7Sxy
oXH049ct30B/7+Px9IajLZ1T/LA3neHdIKwst4yER3eHBtbD1rb4/EbJxUlI2hrr
l4VuAta1yuFabzD9XE7fQyMhWf1XQwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFG1D
tnyb6+aYTgJ+imNwvgTxf3QPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NDlFREVGQzI2NjAxMUYwQTNBNUU1QkREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBms/iAwQBms/8AwQAmtFB
AwQAmtFGMA0GCSqGSIb3DQEBCwUAA4IBAQCK/AjTXjEDXay1LqWyUj7fd9HHgoa9
/+oMtjA1C3NXTBSsK5mSiMvDc2pg7B3wKC2/0yVHL57AId4YDMPdICRGpkyfd7wC
P/vvYmfHeX1ayejQnWp0aMSIXutaRuNZ4ILg5pCqySIATWX5eOJZ2bWKbIZC0MFv
9ae3/lROuGgRzFOdGU4ubiqV9l84qTL1nGjwRAP7oAOpSH0tsGOJ3QI2J1eUMRJV
CMnjq9kG30eMPumX3NAoAa1wiV8PX0N214j78qUoOB5S26ZQTmLrZNOitqF1fXNz
XKRW7zSrSv+Hp/XYF96/uv52L+BkaSfy3hfUyA6IcTzkkVimNPAtO4zS
-----END CERTIFICATE-----
Generated at Sun May 11 03:20:37 2025 by rpki-client