Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4B08B4B8273511F0AD8B11CCDAE4EC9C.roa
File: 4B08B4B8273511F0AD8B11CCDAE4EC9C.roa (raw, json)
Hash identifier: pcODGpCsp+4i5+Hy+yvCAE6W7Dz4sy+Fueerxa6Us14=
Subject key identifier: CA:CD:38:CA:AD:D2:D4:FA:22:62:A2:58:17:65:45:64:BB:FF:F5:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E52
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4B08B4B8273511F0AD8B11CCDAE4EC9C.roa
Signing time: Fri 02 May 2025 09:10:30 +0000
ROA not before: Fri 02 May 2025 09:10:24 +0000
ROA not after: Sun 11 May 2025 09:10:24 +0000
asID: 138678
IP address blocks: 154.196.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97874 (0x17e52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 2 09:10:24 2025 GMT
Not After : May 11 09:10:24 2025 GMT
Subject: CN=68148c06-00d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8d:74:c5:2a:a7:87:0e:ab:ba:e0:e8:20:48:
32:08:72:49:a8:b1:83:2d:1b:03:9a:7b:50:8f:0c:
0c:fe:45:72:1a:39:62:f7:36:0c:98:2d:f7:13:2d:
dd:25:8a:00:9c:09:4a:24:3b:6a:68:08:3d:26:d2:
00:7e:25:07:40:0f:38:13:ea:e0:5c:80:eb:e1:7a:
81:ee:58:04:fd:30:9e:63:a7:87:1a:85:bb:01:4c:
c4:1a:f4:44:a1:0a:32:66:e2:ce:93:24:4b:9d:56:
03:27:91:06:42:bd:06:12:68:f4:58:21:79:93:9a:
08:6f:e8:8b:37:68:c7:05:7e:e9:15:74:19:41:a1:
22:db:42:6b:f6:70:d8:3e:07:23:d7:ae:42:a7:62:
c6:e3:00:15:a2:a6:1d:76:06:60:96:0d:17:b0:b6:
70:1b:86:27:5e:35:d3:b5:b6:ac:d0:c5:7d:3e:25:
38:5e:c7:7b:f5:53:b7:11:4a:5b:61:05:aa:1e:a0:
4d:35:68:31:da:fb:46:90:2d:2d:6f:8f:24:fb:96:
6b:7e:03:17:f2:f9:a6:a9:2d:f0:23:95:49:33:6c:
d4:ff:f3:93:28:1f:f0:7f:ae:eb:dc:6c:9e:15:12:
ea:62:b8:af:26:1a:77:c9:ce:5c:b5:c4:96:72:5f:
03:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CD:38:CA:AD:D2:D4:FA:22:62:A2:58:17:65:45:64:BB:FF:F5:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4B08B4B8273511F0AD8B11CCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.1.0/24
Signature Algorithm: sha256WithRSAEncryption
22:e6:ab:63:94:d8:b5:49:b4:a4:f2:55:7e:9c:0e:be:b3:26:
7b:e0:3b:34:0e:a4:38:d2:d7:5f:88:67:72:65:dd:45:a2:6a:
c9:9c:fa:91:8d:c0:3f:2b:02:54:0d:a2:ea:0f:7e:8a:2a:91:
a8:53:90:30:46:b5:a7:da:62:9f:23:47:4a:96:51:78:2b:f6:
25:13:8c:3d:a0:8a:66:fa:87:fa:06:d5:d7:e8:52:38:fd:fb:
0c:cd:81:30:47:40:20:43:fc:8c:96:52:8f:64:69:7f:85:76:
3c:b6:c6:b2:5b:a5:4f:47:55:f3:54:34:d5:0e:6c:54:65:49:
35:65:7a:a0:70:0d:c7:4d:9f:49:3b:0f:32:91:01:7c:94:5d:
f3:8c:19:5f:d7:86:03:a5:87:63:1c:83:ba:92:51:17:7a:46:
95:33:2b:06:86:03:b7:b1:c7:fc:f9:33:c9:f0:2c:14:e7:6c:
50:10:a9:d1:4c:a0:54:15:58:42:8c:ca:1b:fc:14:4c:c0:5c:
9d:7d:0b:21:71:f6:e0:f0:02:71:86:74:e0:b1:52:5f:b7:77:
1e:19:4a:4e:67:b1:57:0e:72:ef:6b:d6:03:00:94:ea:d2:7f:
b2:25:c0:4d:90:32:32:9b:bb:7a:d7:30:df:cf:d7:f9:34:c2:
3f:f2:64:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX5SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAyMDkxMDI0WhcNMjUwNTExMDkxMDI0WjAYMRYw
FAYDVQQDEw02ODE0OGMwNi0wMGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwY10xSqnhw6ruuDoIEgyCHJJqLGDLRsDmntQjwwM/kVyGjli9zYMmC33
Ey3dJYoAnAlKJDtqaAg9JtIAfiUHQA84E+rgXIDr4XqB7lgE/TCeY6eHGoW7AUzE
GvREoQoyZuLOkyRLnVYDJ5EGQr0GEmj0WCF5k5oIb+iLN2jHBX7pFXQZQaEi20Jr
9nDYPgcj165Cp2LG4wAVoqYddgZglg0XsLZwG4YnXjXTtbas0MV9PiU4Xsd79VO3
EUpbYQWqHqBNNWgx2vtGkC0tb48k+5ZrfgMX8vmmqS3wI5VJM2zU//OTKB/wf67r
3GyeFRLqYrivJhp3yc5ctcSWcl8DKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMrN
OMqt0tT6ImKiWBdlRWS7//WCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QjA4QjRCODI3MzUxMUYwQUQ4QjExQ0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQBMA0GCSqGSIb3DQEB
CwUAA4IBAQAi5qtjlNi1SbSk8lV+nA6+syZ74Ds0DqQ40tdfiGdyZd1FomrJnPqR
jcA/KwJUDaLqD36KKpGoU5AwRrWn2mKfI0dKllF4K/YlE4w9oIpm+of6BtXX6FI4
/fsMzYEwR0AgQ/yMllKPZGl/hXY8tsayW6VPR1XzVDTVDmxUZUk1ZXqgcA3HTZ9J
Ow8ykQF8lF3zjBlf14YDpYdjHIO6klEXekaVMysGhgO3scf8+TPJ8CwU52xQEKnR
TKBUFVhCjMob/BRMwFydfQshcfbg8AJxhnTgsVJft3ceGUpOZ7FXDnLva9YDAJTq
0n+yJcBNkDIym7t61zDfz9f5NMI/8mTR
-----END CERTIFICATE-----
Generated at Wed May 14 15:55:17 2025 by rpki-client