Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B8069EAF33111EFBFF8E08B762E951A.roa
File: 0B8069EAF33111EFBFF8E08B762E951A.roa (raw, json)
Hash identifier: yOuAinOIyJ+XULYRj/T5e2WcsmCSz/Z4jPFyOgB6hGY=
Subject key identifier: 35:22:D3:36:1D:EA:5E:96:65:C1:43:62:19:42:6E:37:3C:53:E8:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015D1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B8069EAF33111EFBFF8E08B762E951A.roa
Signing time: Tue 25 Feb 2025 04:29:04 +0000
ROA not before: Tue 25 Feb 2025 04:29:00 +0000
ROA not after: Wed 26 Mar 2025 04:29:00 +0000
asID: 212238
IP address blocks: 154.94.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89372 (0x15d1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 25 04:29:00 2025 GMT
Not After : Mar 26 04:29:00 2025 GMT
Subject: CN=67bd4710-a0ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5b:ac:4c:6e:a7:92:7f:41:94:d1:7c:d2:1e:
fc:6f:ed:a2:e3:a5:4f:87:a8:a9:03:87:8a:6c:f4:
73:3a:2d:c2:b1:d3:de:6d:e1:f5:8e:56:d0:ed:80:
aa:2c:0f:d3:7c:43:af:47:cd:79:5a:b1:35:56:ec:
0e:bd:b5:17:bc:f2:46:21:c3:55:1c:4d:5c:1b:3c:
99:46:b2:d4:9e:8e:86:95:bf:16:15:b8:27:52:66:
a6:5a:f2:78:c1:9d:e6:7d:04:fb:9f:cd:52:e0:f1:
e5:72:0d:23:1b:ec:7e:12:68:69:a7:f1:33:34:8b:
38:65:ad:5b:13:0e:1e:8a:8d:e8:3d:8d:e9:98:f5:
18:90:40:79:80:50:25:3b:9f:47:9b:4c:c7:de:d1:
61:07:d2:51:ad:46:fd:e4:05:b5:c8:7b:1a:a8:00:
8e:18:33:bc:e0:e7:6b:cc:fb:40:5e:8c:08:51:2f:
24:85:66:e5:9f:7f:0a:1c:fe:1a:ef:26:fc:ec:66:
d7:1d:21:c0:9d:d1:2f:fa:bb:f3:2b:24:2d:39:c7:
f5:90:ba:80:e4:79:b6:ec:bf:0c:fc:cf:14:4f:f0:
93:cd:a9:d8:8b:92:ed:ba:2b:14:9f:12:4d:ca:d7:
90:c3:42:3c:3b:fa:8f:ce:28:2e:30:bf:d3:96:13:
82:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:22:D3:36:1D:EA:5E:96:65:C1:43:62:19:42:6E:37:3C:53:E8:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B8069EAF33111EFBFF8E08B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.39.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:2a:9f:0a:2b:6c:fb:13:12:18:43:b0:0b:95:fc:a5:97:c2:
c7:93:be:a8:db:96:30:e9:74:bf:da:b6:6d:27:17:fd:19:73:
d8:64:71:b9:61:01:0e:09:09:98:89:f8:a8:09:cb:9f:33:91:
62:a0:dd:7c:52:07:ec:03:3e:f7:36:8c:97:25:a7:35:8d:b4:
56:43:f0:15:db:d2:29:eb:0d:84:41:32:f9:e6:96:7c:94:35:
b2:3d:87:76:ea:2d:4f:22:3e:8a:5c:80:bb:d0:97:4d:d6:af:
06:07:73:d6:98:33:3e:13:ab:7a:ec:f4:06:e9:f6:51:cb:82:
e8:f1:5e:a7:42:5e:68:be:f4:a4:30:fd:3a:d8:ba:10:5b:8d:
07:12:00:a1:9f:d7:74:0f:ee:95:3f:d6:3f:d8:55:2a:96:ef:
a0:19:87:be:ba:79:de:34:a8:af:02:af:65:83:e1:10:c6:98:
34:2b:ee:c3:11:41:94:5d:be:49:bd:7e:d0:f1:ab:dc:c2:f5:
43:60:2d:f8:ce:17:ac:3d:05:2e:ee:2a:6d:ee:e1:3e:e7:62:
e6:5a:a7:2c:0f:0c:b8:28:b5:68:ff:9a:fd:98:c1:23:6a:9d:
8e:84:c6:52:47:b5:63:9c:f0:93:36:cf:b3:ff:28:62:61:f7:
78:f7:f0:35
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV0cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDQyOTAwWhcNMjUwMzI2MDQyOTAwWjAYMRYw
FAYDVQQDEw02N2JkNDcxMC1hMGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6VusTG6nkn9BlNF80h78b+2i46VPh6ipA4eKbPRzOi3CsdPebeH1jlbQ
7YCqLA/TfEOvR815WrE1VuwOvbUXvPJGIcNVHE1cGzyZRrLUno6Glb8WFbgnUmam
WvJ4wZ3mfQT7n81S4PHlcg0jG+x+Emhpp/EzNIs4Za1bEw4eio3oPY3pmPUYkEB5
gFAlO59Hm0zH3tFhB9JRrUb95AW1yHsaqACOGDO84OdrzPtAXowIUS8khWbln38K
HP4a7yb87GbXHSHAndEv+rvzKyQtOcf1kLqA5Hm27L8M/M8UT/CTzanYi5LtuisU
nxJNyteQw0I8O/qPziguML/TlhOCdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDUi
0zYd6l6WZcFDYhlCbjc8U+j1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQjgwNjlFQUYzMzExMUVGQkZGOEUwOEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4nMA0GCSqGSIb3DQEB
CwUAA4IBAQClKp8KK2z7ExIYQ7ALlfyll8LHk76o25Yw6XS/2rZtJxf9GXPYZHG5
YQEOCQmYifioCcufM5FioN18UgfsAz73NoyXJac1jbRWQ/AV29Ip6w2EQTL55pZ8
lDWyPYd26i1PIj6KXIC70JdN1q8GB3PWmDM+E6t67PQG6fZRy4Lo8V6nQl5ovvSk
MP062LoQW40HEgChn9d0D+6VP9Y/2FUqlu+gGYe+unneNKivAq9lg+EQxpg0K+7D
EUGUXb5JvX7Q8avcwvVDYC34zhesPQUu7ipt7uE+52LmWqcsDwy4KLVo/5r9mMEj
ap2OhMZSR7VjnPCTNs+z/yhiYfd49/A1
-----END CERTIFICATE-----
Generated at Fri May 9 07:18:01 2025 by rpki-client