Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/499FF378259811F09179BD80DAE4EC9C.roa
File: 499FF378259811F09179BD80DAE4EC9C.roa (raw, json)
Hash identifier: hZJZ/aSqBehnTL0eCvgg6HXqz6oowfpK9Y1+YpLyqzY=
Subject key identifier: D6:8A:15:B5:42:DD:1B:94:B1:12:62:A2:97:2E:A1:BA:7F:96:6B:C8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017D1E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/499FF378259811F09179BD80DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 07:54:05 +0000
ROA not before: Wed 30 Apr 2025 07:54:01 +0000
ROA not after: Fri 09 May 2025 07:54:01 +0000
asID: 9009
IP address blocks: 154.216.194.0/24 maxlen: 24
154.216.202.0/24 maxlen: 24
154.216.207.0/24 maxlen: 24
154.216.208.0/24 maxlen: 24
154.216.209.0/24 maxlen: 24
154.216.214.0/24 maxlen: 24
154.216.223.0/24 maxlen: 24
154.216.228.0/24 maxlen: 24
154.216.234.0/24 maxlen: 24
154.216.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97566 (0x17d1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 07:54:01 2025 GMT
Not After : May 9 07:54:01 2025 GMT
Subject: CN=6811d71d-9a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:36:88:8a:4e:de:19:37:4a:87:55:b8:2f:70:
c7:90:26:9b:1c:61:01:00:fb:85:b5:95:21:d7:56:
35:cc:cb:b4:19:e1:73:85:b0:23:5c:7c:9c:26:39:
e7:ca:ff:a3:91:39:c2:ab:7a:70:28:5e:e3:4c:f1:
0a:4b:30:c0:cc:42:b5:8b:8d:73:de:b1:93:25:66:
7c:7d:ca:5b:dd:86:60:36:75:24:41:8b:5e:0c:5f:
00:29:d2:18:45:78:dc:8e:e2:c7:9c:91:a6:9f:59:
91:28:de:f8:fa:5d:90:99:52:89:5c:ca:4b:4a:45:
cd:8f:5d:34:ab:c2:75:6b:cf:59:14:1d:c6:e2:96:
63:6e:ca:6b:95:cc:3a:f7:5e:c7:5b:f3:5d:79:03:
45:b6:3d:64:a1:0f:0b:29:92:68:b2:0f:61:ac:08:
2a:10:f2:eb:09:7e:07:3d:df:16:f1:27:f6:cf:0b:
16:c1:ee:86:ea:1c:fa:6a:f4:be:71:b3:6f:ab:9d:
44:60:86:fd:29:71:57:5d:13:a4:32:88:59:fc:ea:
33:e1:08:5b:2b:cd:79:bc:f5:c5:2c:b4:f4:4f:04:
ef:af:6a:67:4e:c9:17:50:7e:e0:49:61:b4:ea:52:
64:d3:c0:af:af:1a:f1:87:f0:91:71:a2:ff:ee:4b:
27:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8A:15:B5:42:DD:1B:94:B1:12:62:A2:97:2E:A1:BA:7F:96:6B:C8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/499FF378259811F09179BD80DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.194.0/24
154.216.202.0/24
154.216.207.0-154.216.209.255
154.216.214.0/24
154.216.223.0/24
154.216.228.0/24
154.216.234.0/24
154.216.250.0/24
Signature Algorithm: sha256WithRSAEncryption
83:c7:4d:3e:1e:b3:09:24:24:92:b4:1f:01:38:d5:52:9d:75:
be:a2:7a:2b:92:7c:ec:90:86:85:2d:dc:c8:b0:35:91:40:e3:
09:ae:34:fa:13:64:47:5d:56:9b:6d:66:fe:11:10:b4:03:a6:
45:3b:06:22:da:76:fd:59:93:cb:00:4f:fc:75:ba:f6:93:00:
3f:8e:4d:08:86:57:88:6f:16:23:10:38:06:08:90:7e:f5:d9:
26:a1:ae:0a:f0:43:57:60:93:4b:5c:75:d6:13:f6:c4:d5:3c:
be:68:d7:fa:9c:da:a2:88:0c:c6:7d:12:29:24:b2:cd:05:d7:
77:f1:ad:6b:48:5f:e6:34:1b:1f:55:ab:40:43:a4:91:f1:a9:
4b:3b:06:48:9b:89:ff:d6:c7:e2:09:49:de:de:0f:27:75:d0:
54:cd:c4:7d:3f:18:e7:fd:a6:a3:6c:ea:59:02:ab:9d:46:25:
f9:26:c7:58:6b:93:4b:67:6d:94:24:73:f3:3d:56:f3:71:62:
0f:6e:15:99:bc:1f:63:21:34:ff:14:85:5e:5b:09:9e:ea:77:
5f:0c:ad:e7:b1:57:fb:45:79:cf:8b:0a:be:aa:ef:aa:bc:e0:
99:00:24:f1:07:6c:5f:dc:bc:36:42:11:f6:ab:1f:89:b4:a5:
cd:9e:6c:a3
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAX0eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDMwMDc1NDAxWhcNMjUwNTA5MDc1NDAxWjAYMRYw
FAYDVQQDEw02ODExZDcxZC05YTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1TaIik7eGTdKh1W4L3DHkCabHGEBAPuFtZUh11Y1zMu0GeFzhbAjXHyc
Jjnnyv+jkTnCq3pwKF7jTPEKSzDAzEK1i41z3rGTJWZ8fcpb3YZgNnUkQYteDF8A
KdIYRXjcjuLHnJGmn1mRKN74+l2QmVKJXMpLSkXNj100q8J1a89ZFB3G4pZjbspr
lcw6917HW/NdeQNFtj1koQ8LKZJosg9hrAgqEPLrCX4HPd8W8Sf2zwsWwe6G6hz6
avS+cbNvq51EYIb9KXFXXROkMohZ/Ooz4QhbK815vPXFLLT0TwTvr2pnTskXUH7g
SWG06lJk08Cvrxrxh/CRcaL/7ksnRwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFNaK
FbVC3RuUsRJiopcuobp/lmvIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTlGRjM3ODI1OTgxMUYwOTE3OUJEODBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAmtjCAwQAmtjKMAwDBACa
2M8DBAGa2NADBACa2NYDBACa2N8DBACa2OQDBACa2OoDBACa2PowDQYJKoZIhvcN
AQELBQADggEBAIPHTT4eswkkJJK0HwE41VKddb6ieiuSfOyQhoUt3MiwNZFA4wmu
NPoTZEddVpttZv4RELQDpkU7BiLadv1Zk8sAT/x1uvaTAD+OTQiGV4hvFiMQOAYI
kH712SahrgrwQ1dgk0tcddYT9sTVPL5o1/qc2qKIDMZ9Eikkss0F13fxrWtIX+Y0
Gx9Vq0BDpJHxqUs7Bkibif/Wx+IJSd7eDyd10FTNxH0/GOf9pqNs6lkCq51GJfkm
x1hrk0tnbZQkc/M9VvNxYg9uFZm8H2MhNP8UhV5bCZ7qd18MreexV/tFec+LCr6q
76q84JkAJPEHbF/cvDZCEfarH4m0pc2ebKM=
-----END CERTIFICATE-----
Generated at Mon May 12 19:14:10 2025 by rpki-client