Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1412F5ACF4D311EF95356E4B762E951A.roa
File: 1412F5ACF4D311EF95356E4B762E951A.roa (raw, json)
Hash identifier: 2Rc0Ku4j62b0a2L3ey97hQ98mK6vcf9LpEWN4cUqjTQ=
Subject key identifier: 79:0F:75:47:4C:07:BE:AC:66:41:E2:A3:8B:67:BC:D0:50:72:AF:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01665C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1412F5ACF4D311EF95356E4B762E951A.roa
Signing time: Thu 27 Feb 2025 06:21:28 +0000
ROA not before: Thu 27 Feb 2025 06:21:25 +0000
ROA not after: Wed 26 Mar 2025 06:21:25 +0000
asID: 62240
IP address blocks: 154.195.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91740 (0x1665c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 06:21:25 2025 GMT
Not After : Mar 26 06:21:25 2025 GMT
Subject: CN=67c00468-6157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:59:d5:a9:29:ef:2a:c8:d0:ca:e2:9c:d0:91:
f2:d3:89:6a:66:f6:2e:b4:c0:d3:33:31:4a:fe:ae:
07:c9:4c:b7:e7:46:fa:8b:24:07:2a:30:cb:52:65:
f0:81:e9:4b:ba:6c:ff:0b:ae:db:eb:9a:73:25:73:
c2:ce:57:22:46:68:f1:ff:5f:19:e3:e8:39:3f:d3:
d2:30:e5:54:31:3d:19:4e:61:3c:ce:d6:ba:b8:72:
6c:04:16:e2:2d:a0:2d:12:8b:3a:e1:23:eb:f9:aa:
8b:9e:d9:9b:f8:68:15:ff:75:e3:88:62:39:dd:db:
c1:85:10:ca:60:bf:77:f4:1a:74:ec:08:7b:d9:ca:
4e:a4:96:08:bc:7e:24:2f:83:79:43:99:07:c6:8a:
79:b7:fe:79:cf:b6:ea:78:52:e6:b4:cc:87:b1:9a:
3f:d2:99:ad:cc:c3:4e:f7:fa:3c:61:c6:a9:8b:c8:
bf:ac:9f:e4:2a:19:cd:f4:ed:10:51:a6:f6:1b:8c:
1e:70:e8:17:99:93:0d:7e:d4:65:ad:0c:51:78:5b:
aa:0e:62:d7:4d:c0:7a:9f:70:5f:54:e7:71:4f:c6:
0d:6a:32:b8:e9:7e:8d:ef:2c:fa:e3:69:74:47:d2:
cb:c3:b2:e3:18:48:3b:65:8c:ab:f7:65:bc:c4:a0:
66:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0F:75:47:4C:07:BE:AC:66:41:E2:A3:8B:67:BC:D0:50:72:AF:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1412F5ACF4D311EF95356E4B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.149.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:36:22:2e:10:a5:00:81:6d:21:f5:58:4f:19:49:e2:58:b4:
3f:a5:18:55:d5:f1:95:e9:af:9b:e2:c9:25:e4:b9:02:a5:fa:
e9:66:cf:ad:2a:58:91:f9:a3:cd:5c:4b:70:f0:06:31:16:f5:
46:f9:46:75:99:94:8d:83:10:dc:b2:ff:7b:03:6f:fe:0b:8a:
1e:32:7c:7a:26:eb:f4:59:77:c1:6a:c8:30:d4:4f:61:6d:06:
a7:f2:c4:5d:e6:79:0d:55:25:a6:cd:29:1e:cb:80:5c:e4:3d:
96:aa:5d:58:ef:cd:17:38:08:b7:4f:88:88:c4:cf:89:6a:28:
f9:fc:8e:38:c4:6e:87:f4:22:ef:c4:10:e4:b5:fe:5c:7e:9d:
7e:8f:8a:b2:37:04:7f:37:3c:58:aa:48:d2:6d:4c:79:54:fd:
a6:6e:98:b2:d6:f2:c8:d7:c6:04:e0:a4:40:9c:b0:5d:4e:49:
69:00:ed:15:59:69:84:7c:e9:a1:ce:d2:4f:1b:7c:49:8c:e8:
ff:d4:13:16:a6:01:09:19:3f:64:b4:a3:8d:66:7f:b0:e4:2c:
14:df:52:86:58:61:fb:19:b5:65:cb:62:32:2e:06:22:29:fe:
56:f5:bc:80:8c:4a:f2:dd:0d:76:ae:5d:6d:ec:76:00:c9:0c:
0a:3a:b9:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWZcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDYyMTI1WhcNMjUwMzI2MDYyMTI1WjAYMRYw
FAYDVQQDEw02N2MwMDQ2OC02MTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA41nVqSnvKsjQyuKc0JHy04lqZvYutMDTMzFK/q4HyUy350b6iyQHKjDL
UmXwgelLumz/C67b65pzJXPCzlciRmjx/18Z4+g5P9PSMOVUMT0ZTmE8zta6uHJs
BBbiLaAtEos64SPr+aqLntmb+GgV/3XjiGI53dvBhRDKYL939Bp07Ah72cpOpJYI
vH4kL4N5Q5kHxop5t/55z7bqeFLmtMyHsZo/0pmtzMNO9/o8Ycapi8i/rJ/kKhnN
9O0QUab2G4wecOgXmZMNftRlrQxReFuqDmLXTcB6n3BfVOdxT8YNajK46X6N7yz6
42l0R9LLw7LjGEg7ZYyr92W8xKBm1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHkP
dUdMB76sZkHio4tnvNBQcq9lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNDEyRjVBQ0Y0RDMxMUVGOTUzNTZFNEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOVMA0GCSqGSIb3DQEB
CwUAA4IBAQA/NiIuEKUAgW0h9VhPGUniWLQ/pRhV1fGV6a+b4skl5LkCpfrpZs+t
KliR+aPNXEtw8AYxFvVG+UZ1mZSNgxDcsv97A2/+C4oeMnx6Juv0WXfBasgw1E9h
bQan8sRd5nkNVSWmzSkey4Bc5D2Wql1Y780XOAi3T4iIxM+Jaij5/I44xG6H9CLv
xBDktf5cfp1+j4qyNwR/NzxYqkjSbUx5VP2mbpiy1vLI18YE4KRAnLBdTklpAO0V
WWmEfOmhztJPG3xJjOj/1BMWpgEJGT9ktKONZn+w5CwU31KGWGH7GbVly2IyLgYi
Kf5W9byAjEry3Q12rl1t7HYAyQwKOrm0
-----END CERTIFICATE-----
Generated at Fri May 9 12:19:54 2025 by rpki-client