Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1401E98EF51311EF90DB907D762E951A.roa
File: 1401E98EF51311EF90DB907D762E951A.roa (raw, json)
Hash identifier: 5X0h8uYpwNmYlc8M4Htv6EBMMOVVq20cnEMYc9FIBxE=
Subject key identifier: F8:5A:8F:89:90:63:B8:FC:FE:DC:4F:B0:DC:3D:81:A9:D7:83:36:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0168AA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1401E98EF51311EF90DB907D762E951A.roa
Signing time: Thu 27 Feb 2025 13:59:36 +0000
ROA not before: Thu 27 Feb 2025 13:59:33 +0000
ROA not after: Wed 26 Mar 2025 13:59:33 +0000
asID: 62240
IP address blocks: 154.196.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92330 (0x168aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 13:59:33 2025 GMT
Not After : Mar 26 13:59:33 2025 GMT
Subject: CN=67c06fc8-62d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bf:38:d3:d6:75:1d:86:16:26:96:77:d4:a4:
95:14:a8:82:8c:60:d1:db:33:2f:7d:7f:49:db:c5:
08:c0:32:d0:13:57:c8:28:4c:31:d8:dd:71:db:40:
4a:9f:71:d5:23:2b:0b:da:a5:33:9a:0a:b8:fd:08:
72:0c:a2:e3:49:61:60:44:5a:8c:b9:74:65:e8:be:
bf:f8:f5:d4:53:e9:2d:eb:ef:96:63:0a:e5:63:c4:
fb:2a:d0:5a:e7:a2:14:ed:67:7d:2b:3f:f3:38:1b:
df:da:5e:f4:92:24:71:f2:c6:de:45:e5:03:71:e6:
d5:98:0a:61:8a:c2:e3:60:3c:1b:44:79:7c:41:37:
56:7a:79:8a:94:72:70:2b:a4:3f:f3:5f:ea:22:86:
4c:16:90:66:72:a9:43:82:a8:8c:de:bf:f6:48:22:
69:69:59:f4:33:d8:9a:b1:6b:cc:c6:ab:22:f2:22:
32:34:ac:52:ec:54:32:36:b3:36:c2:d5:d9:36:99:
40:32:70:45:dd:95:9a:53:67:1c:b0:38:f7:04:e1:
c9:0c:a5:df:b1:9e:f3:cd:e9:37:cb:c3:20:0e:35:
de:3f:63:4d:60:c3:fa:00:26:89:3e:b0:d5:3d:95:
e2:a2:c1:18:65:2a:6d:3f:78:98:cc:70:60:46:58:
30:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:5A:8F:89:90:63:B8:FC:FE:DC:4F:B0:DC:3D:81:A9:D7:83:36:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1401E98EF51311EF90DB907D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.27.0/24
Signature Algorithm: sha256WithRSAEncryption
30:34:c0:32:0d:01:50:f7:97:91:8e:13:22:32:61:93:64:74:
74:36:77:c3:56:fd:59:d5:69:08:5e:bc:d0:11:db:9d:fa:d4:
ef:22:2e:aa:58:a2:2d:37:95:9a:e9:a2:bb:b8:df:85:6c:c1:
47:1e:14:6a:de:46:05:62:5d:44:ea:47:0a:3a:6d:1b:69:97:
29:e7:0c:eb:9b:ad:8a:ba:e2:1b:e2:9e:32:cc:07:ea:0c:f0:
e7:d3:b3:14:47:a7:b1:b4:25:70:40:3a:48:a8:1e:25:4b:c3:
97:f4:ed:25:bb:53:8e:0e:f1:2f:97:a3:4e:b8:9d:b3:bf:62:
6a:94:96:8a:57:d1:9f:3b:7d:8b:6c:87:3d:2c:94:01:46:93:
c6:75:e7:52:cb:83:b5:32:84:37:ea:de:22:87:f8:0a:9f:99:
60:f1:12:04:eb:3d:cb:82:22:0e:34:95:77:31:d3:28:59:4f:
c4:1f:8e:b5:c1:7b:12:e7:58:90:68:21:e2:8e:7e:02:b4:3b:
54:8e:86:4a:4c:7c:22:b1:1e:df:20:2e:8c:ae:8b:ae:4d:11:
d8:a3:47:51:ac:b0:56:1c:67:80:c4:2c:e8:81:78:31:3d:f8:
9a:08:fe:35:2a:7f:2a:6c:87:30:0f:e1:e4:bd:e4:9d:08:ce:
e8:9f:da:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWiqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTM1OTMzWhcNMjUwMzI2MTM1OTMzWjAYMRYw
FAYDVQQDEw02N2MwNmZjOC02MmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv78409Z1HYYWJpZ31KSVFKiCjGDR2zMvfX9J28UIwDLQE1fIKEwx2N1x
20BKn3HVIysL2qUzmgq4/QhyDKLjSWFgRFqMuXRl6L6/+PXUU+kt6++WYwrlY8T7
KtBa56IU7Wd9Kz/zOBvf2l70kiRx8sbeReUDcebVmAphisLjYDwbRHl8QTdWenmK
lHJwK6Q/81/qIoZMFpBmcqlDgqiM3r/2SCJpaVn0M9iasWvMxqsi8iIyNKxS7FQy
NrM2wtXZNplAMnBF3ZWaU2ccsDj3BOHJDKXfsZ7zzek3y8MgDjXeP2NNYMP6ACaJ
PrDVPZXiosEYZSptP3iYzHBgRlgw0QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPha
j4mQY7j8/txPsNw9ganXgzZ4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNDAxRTk4RUY1MTMxMUVGOTBEQjkwN0Q3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQbMA0GCSqGSIb3DQEB
CwUAA4IBAQAwNMAyDQFQ95eRjhMiMmGTZHR0NnfDVv1Z1WkIXrzQEdud+tTvIi6q
WKItN5Wa6aK7uN+FbMFHHhRq3kYFYl1E6kcKOm0baZcp5wzrm62KuuIb4p4yzAfq
DPDn07MUR6extCVwQDpIqB4lS8OX9O0lu1OODvEvl6NOuJ2zv2JqlJaKV9GfO32L
bIc9LJQBRpPGdedSy4O1MoQ36t4ih/gKn5lg8RIE6z3LgiIONJV3MdMoWU/EH461
wXsS51iQaCHijn4CtDtUjoZKTHwisR7fIC6MrouuTRHYo0dRrLBWHGeAxCzogXgx
PfiaCP41Kn8qbIcwD+HkveSdCM7on9p6
-----END CERTIFICATE-----
Generated at Fri May 9 12:07:27 2025 by rpki-client