Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/027B2A7EF4E911EFA49EDF60762E951A.roa
File: 027B2A7EF4E911EFA49EDF60762E951A.roa (raw, json)
Hash identifier: OAFWv2zEhMNbWe15ykpVub8UJSBHGkabTd4v8OJTOX0=
Subject key identifier: EC:0F:A7:88:F8:BD:54:6D:C7:22:44:EA:14:74:58:1A:97:FA:68:2A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016709
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/027B2A7EF4E911EFA49EDF60762E951A.roa
Signing time: Thu 27 Feb 2025 08:58:28 +0000
ROA not before: Thu 27 Feb 2025 08:58:24 +0000
ROA not after: Wed 26 Mar 2025 08:58:24 +0000
asID: 62240
IP address blocks: 154.195.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91913 (0x16709)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 08:58:24 2025 GMT
Not After : Mar 26 08:58:24 2025 GMT
Subject: CN=67c02934-80c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e9:6f:07:fd:d6:c4:7f:06:39:75:1c:5f:7c:
b8:b1:91:85:e0:88:5c:42:bd:aa:e7:04:4e:39:ed:
5f:e5:d5:bf:02:5e:75:3b:7e:dc:6e:82:ee:c8:ce:
a1:43:3e:56:29:6f:29:e7:1e:c8:65:af:0b:3e:0b:
61:65:19:0f:e2:4f:4e:54:11:a7:21:42:8a:51:4d:
58:d7:81:35:bb:da:bb:70:4c:a1:51:be:f2:0d:78:
90:d6:15:75:fc:39:44:b3:3f:cc:a8:01:ec:ab:97:
12:3a:3b:97:ad:df:c5:59:41:52:90:83:4e:1e:bf:
fe:3c:97:ef:e6:2d:b4:f8:d0:b9:79:68:e6:81:a0:
47:de:10:ca:8b:aa:f2:b4:be:5e:1b:f9:60:e6:a6:
2d:31:2a:17:94:aa:ca:80:b6:aa:39:b8:c5:50:5d:
b5:14:00:0b:07:55:30:c1:5b:ad:8a:84:a8:61:47:
1d:38:02:a1:1e:80:15:05:60:90:49:d5:50:36:94:
0c:2e:bc:1d:fb:8d:41:a2:c8:81:e1:15:52:b3:7d:
0e:17:86:2d:c4:fc:c2:3f:a1:af:98:d3:18:8b:46:
f4:09:39:21:54:73:c7:de:ac:fa:18:e3:d4:fe:93:
ae:04:37:7a:a4:e7:90:d8:3c:4f:af:fa:e5:d8:3c:
9b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:0F:A7:88:F8:BD:54:6D:C7:22:44:EA:14:74:58:1A:97:FA:68:2A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/027B2A7EF4E911EFA49EDF60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.19.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:48:61:70:e4:73:0f:45:bc:1e:9f:41:fc:a9:34:17:ee:1e:
77:d3:14:3d:a2:4f:8b:fc:5b:0f:b2:f3:33:64:77:c8:2c:e2:
37:e7:48:41:eb:6f:c1:f9:33:eb:af:67:84:c1:38:9c:fa:0b:
7d:68:1e:9b:ac:5e:e6:4b:19:31:dd:9c:4c:51:5f:5c:45:30:
71:ef:66:84:ab:cb:22:33:a9:db:38:fe:42:35:0f:da:7d:da:
79:6a:79:e6:e2:ed:2c:cb:38:2e:25:a7:3b:b2:e2:95:93:07:
17:79:b7:2f:99:d3:8d:43:61:49:80:92:c1:b9:d8:c8:71:a2:
e8:b8:84:22:01:05:c8:ef:6c:3f:d3:5c:ce:cc:0d:f7:c6:0c:
14:50:31:90:a9:b2:bd:17:fe:40:78:d9:ef:5e:fa:16:c9:40:
05:20:21:77:be:e6:c3:bb:5e:c2:ce:1f:d3:44:16:da:bc:a4:
96:b7:bd:31:be:68:74:7c:5d:25:c1:bc:b1:27:9c:9d:bd:22:
90:4b:de:80:99:67:db:d0:1f:05:9a:8f:98:69:70:bb:91:fe:
c4:ed:77:66:bf:46:14:98:cf:9a:06:4b:42:ff:ef:18:31:84:
7c:d3:84:1c:2e:87:e0:10:ac:b3:22:9d:16:21:fa:01:79:f8:
ae:48:54:72
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWcJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDg1ODI0WhcNMjUwMzI2MDg1ODI0WjAYMRYw
FAYDVQQDEw02N2MwMjkzNC04MGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu+lvB/3WxH8GOXUcX3y4sZGF4IhcQr2q5wROOe1f5dW/Al51O37cboLu
yM6hQz5WKW8p5x7IZa8LPgthZRkP4k9OVBGnIUKKUU1Y14E1u9q7cEyhUb7yDXiQ
1hV1/DlEsz/MqAHsq5cSOjuXrd/FWUFSkINOHr/+PJfv5i20+NC5eWjmgaBH3hDK
i6rytL5eG/lg5qYtMSoXlKrKgLaqObjFUF21FAALB1UwwVutioSoYUcdOAKhHoAV
BWCQSdVQNpQMLrwd+41BosiB4RVSs30OF4YtxPzCP6GvmNMYi0b0CTkhVHPH3qz6
GOPU/pOuBDd6pOeQ2DxPr/rl2Dyb/wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOwP
p4j4vVRtxyJE6hR0WBqX+mgqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMjdCMkE3RUY0RTkxMUVGQTQ5RURGNjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsMTMA0GCSqGSIb3DQEB
CwUAA4IBAQChSGFw5HMPRbwen0H8qTQX7h530xQ9ok+L/FsPsvMzZHfILOI350hB
62/B+TPrr2eEwTic+gt9aB6brF7mSxkx3ZxMUV9cRTBx72aEq8siM6nbOP5CNQ/a
fdp5annm4u0syzguJac7suKVkwcXebcvmdONQ2FJgJLBudjIcaLouIQiAQXI72w/
01zOzA33xgwUUDGQqbK9F/5AeNnvXvoWyUAFICF3vubDu17Czh/TRBbavKSWt70x
vmh0fF0lwbyxJ5ydvSKQS96AmWfb0B8Fmo+YaXC7kf7E7Xdmv0YUmM+aBktC/+8Y
MYR804QcLofgEKyzIp0WIfoBefiuSFRy
-----END CERTIFICATE-----
Generated at Fri May 9 12:19:08 2025 by rpki-client