Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/027FA2D2F5B811EF8F3E066B762E951A.roa
File: 027FA2D2F5B811EF8F3E066B762E951A.roa (raw, json)
Hash identifier: 4dsUXdWmPzHvS0e8CsVuP28k3a3yxD2MqjqtjVsBYN8=
Subject key identifier: 47:1A:F6:03:88:2D:4B:A6:E9:1A:D3:EE:C3:71:2F:B8:66:E0:FF:D5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016A57
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/027FA2D2F5B811EF8F3E066B762E951A.roa
Signing time: Fri 28 Feb 2025 09:40:14 +0000
ROA not before: Fri 28 Feb 2025 09:40:10 +0000
ROA not after: Mon 31 Mar 2025 09:40:10 +0000
asID: 399195
IP address blocks: 154.193.112.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92759 (0x16a57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 09:40:10 2025 GMT
Not After : Mar 31 09:40:10 2025 GMT
Subject: CN=67c1847e-cb65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:48:d0:e0:e8:20:d7:62:06:df:04:f3:4e:dd:
10:21:88:e1:65:90:b7:c3:79:0e:a5:ec:96:00:d8:
37:b4:cf:1c:90:4e:b2:1e:5e:e1:51:30:4a:9f:70:
58:aa:4f:ad:03:19:37:95:ac:08:1d:83:a1:f8:23:
2e:04:89:01:e3:fa:bb:55:9c:6d:84:78:1e:6d:f9:
22:f0:38:46:f5:a4:8f:e7:d1:53:f9:01:ea:9b:cd:
28:81:8b:13:a4:86:1b:e4:94:5a:14:db:20:97:c2:
a0:cf:54:3f:2b:1d:2e:dc:2b:6d:08:ae:23:fa:cb:
b8:5e:f3:0a:6f:bf:69:01:ba:1c:49:b1:e9:23:89:
96:67:85:db:47:e8:85:ba:24:1f:8b:12:5f:30:54:
f3:ca:64:3e:6e:7e:c8:97:8c:d1:ab:ab:68:d3:dd:
09:d6:40:12:22:52:e5:74:f9:c5:45:da:73:43:27:
af:66:9b:ff:da:9b:77:2f:93:09:84:c0:21:fa:e3:
aa:df:a9:fa:b5:89:96:da:39:f9:39:d9:3d:c2:38:
64:df:8d:33:06:c6:6b:eb:61:3b:88:f9:11:4d:2f:
05:42:23:5a:bb:04:f7:05:b8:cb:24:62:dd:39:c5:
3f:03:9b:63:49:38:af:7a:11:e4:b2:24:18:3c:e5:
0b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1A:F6:03:88:2D:4B:A6:E9:1A:D3:EE:C3:71:2F:B8:66:E0:FF:D5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/027FA2D2F5B811EF8F3E066B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.112.0/20
Signature Algorithm: sha256WithRSAEncryption
60:57:da:cc:03:49:2b:f0:5c:46:59:9b:bd:6c:1d:e7:d7:be:
20:d1:c7:e4:60:49:e3:4f:cd:76:6c:66:fe:53:39:f8:25:c3:
8b:99:90:39:d4:6e:8a:b5:1f:f1:46:76:e1:91:e3:40:9d:86:
22:eb:03:91:0a:8f:f0:1a:d5:61:d2:89:1e:d9:38:c2:8e:60:
22:d6:1b:4d:c4:0d:fd:86:44:30:66:20:b0:e1:5c:29:a1:c3:
16:ff:d6:3a:13:b9:7e:67:97:7c:6d:2b:03:1e:88:98:e7:b4:
ef:52:06:e9:0e:f4:64:d7:16:42:e3:e8:c0:91:e7:83:b0:8b:
e1:48:d2:48:45:b0:e7:ae:23:80:62:b3:a0:cf:3c:e3:c8:48:
79:5a:49:7a:0c:1c:d5:36:c4:12:c2:55:e2:6d:f7:07:7e:77:
24:cc:29:d1:a9:1c:5a:27:b6:24:44:03:48:1f:f0:8d:53:c2:
23:b5:cc:2d:e0:9f:d9:70:1c:f9:91:9a:cc:a3:d6:4d:1b:97:
75:5a:a9:b3:2a:6f:39:00:41:9e:5f:3c:f3:e8:85:55:69:5c:
b4:f4:b8:5d:15:ef:10:d3:05:d9:1e:12:c7:6a:fd:9d:11:7d:
fd:d9:bc:33:cf:01:7e:e6:e0:5c:6b:ef:1c:29:af:2e:90:c1:
0e:e0:d3:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWpXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDk0MDEwWhcNMjUwMzMxMDk0MDEwWjAYMRYw
FAYDVQQDEw02N2MxODQ3ZS1jYjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuEjQ4Ogg12IG3wTzTt0QIYjhZZC3w3kOpeyWANg3tM8ckE6yHl7hUTBK
n3BYqk+tAxk3lawIHYOh+CMuBIkB4/q7VZxthHgebfki8DhG9aSP59FT+QHqm80o
gYsTpIYb5JRaFNsgl8Kgz1Q/Kx0u3CttCK4j+su4XvMKb79pAbocSbHpI4mWZ4Xb
R+iFuiQfixJfMFTzymQ+bn7Il4zRq6to090J1kASIlLldPnFRdpzQyevZpv/2pt3
L5MJhMAh+uOq36n6tYmW2jn5Odk9wjhk340zBsZr62E7iPkRTS8FQiNauwT3BbjL
JGLdOcU/A5tjSTivehHksiQYPOUL2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEca
9gOILUum6RrT7sNxL7hm4P/VMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMjdGQTJEMkY1QjgxMUVGOEYzRTA2NkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsFwMA0GCSqGSIb3DQEB
CwUAA4IBAQBgV9rMA0kr8FxGWZu9bB3n174g0cfkYEnjT812bGb+Uzn4JcOLmZA5
1G6KtR/xRnbhkeNAnYYi6wORCo/wGtVh0oke2TjCjmAi1htNxA39hkQwZiCw4Vwp
ocMW/9Y6E7l+Z5d8bSsDHoiY57TvUgbpDvRk1xZC4+jAkeeDsIvhSNJIRbDnriOA
YrOgzzzjyEh5Wkl6DBzVNsQSwlXibfcHfnckzCnRqRxaJ7YkRANIH/CNU8Ijtcwt
4J/ZcBz5kZrMo9ZNG5d1WqmzKm85AEGeXzzz6IVVaVy09LhdFe8Q0wXZHhLHav2d
EX392bwzzwF+5uBca+8cKa8ukMEO4NOG
-----END CERTIFICATE-----
Generated at Fri May 9 11:45:23 2025 by rpki-client