Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D2FDDCCF62711EFBCD9205B762E951A.roa
File: 0D2FDDCCF62711EFBCD9205B762E951A.roa (raw, json)
Hash identifier: mE2BPTZV77yvpqTBNMsnNEc0iL2M637DEvAXI4yeIjA=
Subject key identifier: 6D:18:66:AE:79:83:03:66:6B:21:76:D7:8D:6E:7E:16:02:85:05:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CA3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D2FDDCCF62711EFBCD9205B762E951A.roa
Signing time: Fri 28 Feb 2025 22:55:06 +0000
ROA not before: Fri 28 Feb 2025 22:55:02 +0000
ROA not after: Wed 26 Mar 2025 22:55:02 +0000
asID: 62240
IP address blocks: 154.194.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93347 (0x16ca3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 22:55:02 2025 GMT
Not After : Mar 26 22:55:02 2025 GMT
Subject: CN=67c23eca-6c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:75:72:2f:3e:f3:64:13:a9:2c:c9:1c:cc:58:
55:34:5a:a6:bb:14:66:8b:b7:18:d7:1f:db:98:20:
e1:77:fa:18:5a:a5:06:93:f1:21:d5:ea:c8:dc:78:
a1:f6:8c:b3:73:3d:1f:ea:b1:22:da:35:b1:9a:c9:
dd:53:30:b7:03:8b:fc:19:79:a5:66:a6:24:69:5a:
c9:b4:d8:93:e4:dd:91:5f:17:7d:42:d5:52:9f:f1:
b3:a5:20:41:e6:fc:ee:60:9b:fd:7a:1a:10:5c:48:
d4:3b:5f:dc:ff:58:63:c3:ff:5b:81:8d:ed:58:c1:
7f:9d:53:e9:ae:94:db:6c:a9:9f:58:50:84:20:f6:
04:c0:8d:f6:9d:45:16:8b:3d:69:52:00:16:f5:16:
60:5a:c9:14:18:ad:77:cf:35:0d:04:15:f3:51:db:
cc:d9:31:db:f7:67:51:bb:be:17:00:c2:0b:2c:ed:
e1:45:b8:b5:26:fc:9c:15:39:07:a3:86:25:07:ac:
81:b8:3e:91:4b:af:41:54:d0:d2:de:56:65:05:c7:
a4:df:e2:e0:a5:af:34:3f:8c:25:d5:b0:23:34:75:
fc:cc:b1:0f:38:ee:d7:af:3a:9b:d6:f2:da:39:2d:
7e:72:c9:3f:ee:ba:ae:18:3d:ee:2d:1c:3c:63:fe:
6c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:18:66:AE:79:83:03:66:6B:21:76:D7:8D:6E:7E:16:02:85:05:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D2FDDCCF62711EFBCD9205B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.85.0/24
Signature Algorithm: sha256WithRSAEncryption
75:aa:91:af:a3:52:d4:f5:1b:f4:42:68:42:c0:b7:c9:7f:b0:
92:ed:9f:cd:c4:65:8f:dc:1f:e7:e5:cb:3e:b3:f5:74:40:db:
c2:c6:af:40:d8:a1:a2:23:38:0d:68:7b:1f:00:e7:ac:b2:40:
f4:2f:b8:ab:e1:03:4b:4d:30:0d:05:dc:83:24:05:e8:f2:68:
12:54:fd:37:44:23:4d:33:92:65:3f:c9:4a:a1:02:0a:e0:cd:
54:49:f2:d7:2b:45:03:8d:47:30:a3:dd:26:ab:ba:2b:48:2d:
90:bd:f2:af:a3:a6:08:93:54:8e:8a:ce:19:0a:9d:e3:da:2a:
6e:b5:de:91:83:ee:57:91:b9:f5:d8:47:4a:2c:3f:95:f3:fe:
95:0d:6d:77:8a:74:f2:e5:62:3a:80:5f:4c:b9:49:57:dc:92:
96:92:53:fc:fa:e3:55:27:ae:1c:90:94:85:aa:04:a8:3b:1a:
3a:6f:42:ab:34:75:cd:b5:bc:99:ee:41:98:de:15:c9:3e:2f:
cd:dc:10:0f:1b:9d:89:bf:f3:9e:eb:4f:9d:c7:c0:04:90:9c:
2f:25:7f:2a:21:1e:f8:72:43:f1:5c:ab:57:55:2d:51:4a:0a:
41:d1:b9:6b:3b:b2:2d:30:ae:45:9b:69:6b:1a:dd:ef:3d:66:
f2:74:b0:3c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWyjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjI1NTAyWhcNMjUwMzI2MjI1NTAyWjAYMRYw
FAYDVQQDEw02N2MyM2VjYS02YzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5nVyLz7zZBOpLMkczFhVNFqmuxRmi7cY1x/bmCDhd/oYWqUGk/Eh1erI
3Hih9oyzcz0f6rEi2jWxmsndUzC3A4v8GXmlZqYkaVrJtNiT5N2RXxd9QtVSn/Gz
pSBB5vzuYJv9ehoQXEjUO1/c/1hjw/9bgY3tWMF/nVPprpTbbKmfWFCEIPYEwI32
nUUWiz1pUgAW9RZgWskUGK13zzUNBBXzUdvM2THb92dRu74XAMILLO3hRbi1Jvyc
FTkHo4YlB6yBuD6RS69BVNDS3lZlBcek3+Lgpa80P4wl1bAjNHX8zLEPOO7Xrzqb
1vLaOS1+csk/7rquGD3uLRw8Y/5sbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG0Y
Zq55gwNmayF2141ufhYChQVBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRDJGRERDQ0Y2MjcxMUVGQkNEOTIwNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJVMA0GCSqGSIb3DQEB
CwUAA4IBAQB1qpGvo1LU9Rv0QmhCwLfJf7CS7Z/NxGWP3B/n5cs+s/V0QNvCxq9A
2KGiIzgNaHsfAOesskD0L7ir4QNLTTANBdyDJAXo8mgSVP03RCNNM5JlP8lKoQIK
4M1USfLXK0UDjUcwo90mq7orSC2QvfKvo6YIk1SOis4ZCp3j2iputd6Rg+5Xkbn1
2EdKLD+V8/6VDW13inTy5WI6gF9MuUlX3JKWklP8+uNVJ64ckJSFqgSoOxo6b0Kr
NHXNtbyZ7kGY3hXJPi/N3BAPG52Jv/Oe60+dx8AEkJwvJX8qIR74ckPxXKtXVS1R
SgpB0blrO7ItMK5Fm2lrGt3vPWbydLA8
-----END CERTIFICATE-----
Generated at Fri May 9 06:05:36 2025 by rpki-client