Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F21FBD6F50611EF8F7166A6762E951A.roa
File: 1F21FBD6F50611EF8F7166A6762E951A.roa (raw, json)
Hash identifier: V7wRXuPOa26wJUQm9GL/z9OhV+nYr9cclyJPLRDse64=
Subject key identifier: 76:99:6F:31:3D:69:D8:37:4E:5A:12:91:AE:EE:C1:F0:86:0E:45:91
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01683F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F21FBD6F50611EF8F7166A6762E951A.roa
Signing time: Thu 27 Feb 2025 12:26:51 +0000
ROA not before: Thu 27 Feb 2025 12:26:47 +0000
ROA not after: Wed 26 Mar 2025 12:26:47 +0000
asID: 62240
IP address blocks: 154.196.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92223 (0x1683f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 12:26:47 2025 GMT
Not After : Mar 26 12:26:47 2025 GMT
Subject: CN=67c05a0b-9f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e8:c1:e4:86:12:e3:20:0d:5d:0e:25:9e:42:
6e:1f:26:48:3c:73:ae:c2:7f:73:8e:9d:12:c9:a7:
18:c3:85:25:3c:92:ba:30:71:c5:36:92:3b:8e:f6:
ae:be:19:70:12:4a:08:cb:c4:23:2d:e1:fb:96:11:
e0:af:d7:80:9b:de:4c:e1:14:83:af:12:f5:0b:39:
e3:4f:32:7f:c5:d4:5f:9d:5d:ee:86:ef:8d:74:c8:
46:21:c1:6f:89:00:e2:1e:91:7e:77:10:15:fb:23:
a1:d1:fa:04:0d:24:36:80:47:5e:7b:5d:bd:90:6d:
b3:a9:72:d7:38:cf:e6:bd:b7:ba:05:9a:97:51:9d:
3d:04:8e:86:93:60:01:48:27:af:0b:7a:49:24:ff:
d6:11:2a:8e:a0:ea:c1:c7:85:95:ae:d0:b8:c3:4e:
dd:f4:50:41:4e:ff:98:50:26:9f:16:8f:30:8d:02:
06:18:d5:60:cf:f0:b0:80:bc:17:22:52:68:c7:af:
62:dd:95:81:3e:fd:9d:72:bf:e2:7f:6d:a7:b5:a4:
a2:81:63:d6:64:de:f7:3e:93:91:c0:1b:73:e6:54:
b0:de:ce:00:b2:8c:d9:05:f6:d8:83:de:02:b1:1b:
95:1d:e2:06:e3:27:58:e8:21:19:41:e8:e8:34:15:
20:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:99:6F:31:3D:69:D8:37:4E:5A:12:91:AE:EE:C1:F0:86:0E:45:91
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F21FBD6F50611EF8F7166A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.31.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b0:f9:46:12:46:fc:c1:ae:1d:82:d8:96:ae:86:ee:15:fb:
b1:98:7a:bd:a6:18:4b:40:02:45:69:d1:37:9c:e5:3f:ff:89:
57:85:e7:2e:95:ce:44:65:61:71:6e:d2:21:48:e4:26:f9:3b:
1f:f8:94:28:74:5f:63:d7:7f:53:e6:f8:2b:29:fa:72:32:f4:
a8:d5:30:47:eb:a3:6c:33:f0:91:a0:f8:c2:d0:4e:76:e0:97:
6b:3b:ef:7e:2b:53:0c:83:a9:41:dd:06:aa:a8:8d:13:e8:64:
90:0a:c0:1c:f2:b0:dd:53:e7:8f:10:04:9c:44:a0:d3:11:f3:
e4:5e:79:9b:23:ec:9a:2c:31:f2:12:9a:3c:78:3e:4f:27:34:
67:d1:3d:05:08:64:70:bb:6c:08:60:e8:1b:ac:63:b7:bb:f1:
a7:12:e6:ee:34:bb:09:40:ff:cf:df:73:8d:6a:33:d1:25:c8:
77:84:ce:60:c8:24:fe:a6:4d:aa:41:ad:90:3b:32:e7:fc:26:
e8:03:d1:7c:61:b1:ff:88:a4:db:ab:3f:68:bf:04:74:fb:51:
8f:6a:46:23:82:36:ee:d4:7b:d0:cf:9d:60:eb:89:c6:5d:7b:
ab:e2:bb:d1:de:3a:b3:8a:56:81:91:83:4b:56:3d:38:ef:cd:
25:6a:3f:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWg/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTIyNjQ3WhcNMjUwMzI2MTIyNjQ3WjAYMRYw
FAYDVQQDEw02N2MwNWEwYi05ZjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwOjB5IYS4yANXQ4lnkJuHyZIPHOuwn9zjp0SyacYw4UlPJK6MHHFNpI7
jvauvhlwEkoIy8QjLeH7lhHgr9eAm95M4RSDrxL1CznjTzJ/xdRfnV3uhu+NdMhG
IcFviQDiHpF+dxAV+yOh0foEDSQ2gEdee129kG2zqXLXOM/mvbe6BZqXUZ09BI6G
k2ABSCevC3pJJP/WESqOoOrBx4WVrtC4w07d9FBBTv+YUCafFo8wjQIGGNVgz/Cw
gLwXIlJox69i3ZWBPv2dcr/if22ntaSigWPWZN73PpORwBtz5lSw3s4AsozZBfbY
g94CsRuVHeIG4ydY6CEZQejoNBUgxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHaZ
bzE9adg3TloSka7uwfCGDkWRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRjIxRkJENkY1MDYxMUVGOEY3MTY2QTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQfMA0GCSqGSIb3DQEB
CwUAA4IBAQB+sPlGEkb8wa4dgtiWrobuFfuxmHq9phhLQAJFadE3nOU//4lXhecu
lc5EZWFxbtIhSOQm+Tsf+JQodF9j139T5vgrKfpyMvSo1TBH66NsM/CRoPjC0E52
4JdrO+9+K1MMg6lB3QaqqI0T6GSQCsAc8rDdU+ePEAScRKDTEfPkXnmbI+yaLDHy
Epo8eD5PJzRn0T0FCGRwu2wIYOgbrGO3u/GnEubuNLsJQP/P33ONajPRJch3hM5g
yCT+pk2qQa2QOzLn/CboA9F8YbH/iKTbqz9ovwR0+1GPakYjgjbu1HvQz51g64nG
XXur4rvR3jqzilaBkYNLVj04780laj8A
-----END CERTIFICATE-----
Generated at Fri May 9 06:27:41 2025 by rpki-client