Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23EBA9C2F52011EF8FDB6058762E951A.roa
File: 23EBA9C2F52011EF8FDB6058762E951A.roa (raw, json)
Hash identifier: yFGbAjXSX6aicyD03hFT9WF4GfXf3UQN7R/5L4OGeVo=
Subject key identifier: 63:FC:40:B0:8A:67:3C:B5:6B:9F:7D:D1:4E:21:47:22:1B:FD:E8:EC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01690E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23EBA9C2F52011EF8FDB6058762E951A.roa
Signing time: Thu 27 Feb 2025 15:33:06 +0000
ROA not before: Thu 27 Feb 2025 15:33:02 +0000
ROA not after: Wed 26 Mar 2025 15:33:02 +0000
asID: 62240
IP address blocks: 154.196.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92430 (0x1690e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 15:33:02 2025 GMT
Not After : Mar 26 15:33:02 2025 GMT
Subject: CN=67c085b2-7706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b7:34:f5:e1:dc:9f:0a:78:f2:53:32:8d:ad:
7c:d9:06:2a:3d:0b:f3:a1:37:f5:d3:82:ed:bb:29:
77:8e:42:6f:16:5f:d9:98:6f:22:6d:59:0b:39:e7:
4c:26:b3:58:49:5f:e8:fa:05:42:0b:db:e3:18:97:
03:fa:c6:a4:b4:46:e1:3a:54:77:6b:09:28:2e:d0:
29:a7:01:7e:4b:35:4c:37:1d:ad:5d:39:0a:8f:5b:
73:de:fd:00:84:71:60:a7:7e:8c:1c:0f:00:cf:6f:
f8:47:ff:e1:73:64:71:53:b0:07:fb:62:96:ed:7e:
4b:2d:f4:8f:d3:b5:f4:e3:55:2c:e2:a3:3a:f3:68:
cd:e1:55:4f:0a:e0:75:e2:1a:14:09:00:e7:46:3a:
1a:29:83:2b:87:32:aa:02:c8:17:ca:c4:0e:8c:19:
48:da:e9:6e:f3:0b:1a:28:97:d0:61:95:c4:b4:8c:
e6:20:12:dc:55:a8:86:88:ab:54:51:f9:d4:58:db:
d1:f0:5e:83:f8:be:39:e2:cc:76:9e:1a:77:e0:ea:
d7:dc:82:f5:14:e6:80:b6:26:05:25:a4:36:aa:c3:
b5:a7:55:81:96:c3:e7:85:e8:83:b1:48:1c:98:72:
f2:90:a7:7b:f8:3b:d7:8f:b9:7d:0e:bf:c6:a9:4e:
45:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FC:40:B0:8A:67:3C:B5:6B:9F:7D:D1:4E:21:47:22:1B:FD:E8:EC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23EBA9C2F52011EF8FDB6058762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.72.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:7b:35:e0:06:f8:d6:bc:bb:c6:99:84:3c:3c:b4:e0:82:e2:
2e:22:dd:98:6f:05:da:3d:8f:0a:bd:da:cc:82:74:6f:98:57:
5a:6b:f5:4f:9e:16:2b:1d:8b:49:90:84:92:e8:ab:5b:3b:ff:
e3:a9:9b:ff:88:7a:ef:4e:ce:5d:ea:a7:1b:b6:a9:e0:48:82:
46:73:b6:04:97:40:f3:77:26:52:42:67:1e:39:34:bc:b5:21:
40:f0:10:1d:7d:e6:da:3d:7a:be:38:f0:0b:0e:94:af:e7:53:
97:35:ca:6a:63:93:6a:ce:02:cb:6b:57:9d:8d:c6:8f:c6:d8:
3d:a5:e4:4f:a4:b9:1f:76:ff:03:54:9d:89:61:c5:fa:53:73:
c5:c5:a9:ed:03:55:66:97:1e:d3:35:0e:8c:3e:e3:fb:ca:a0:
2b:a8:9d:93:d8:57:29:ad:cf:17:0f:db:73:fb:6b:31:4d:f6:
68:19:72:11:03:66:db:d3:cd:75:24:3b:68:5c:a6:42:92:66:
58:20:4d:f3:0e:26:3a:0b:89:2a:96:fd:51:75:32:6a:38:8b:
5c:5d:82:5e:56:4b:5b:3d:5d:bf:39:62:55:43:fe:ba:ae:dd:
3e:74:41:63:2d:1f:27:f5:55:4b:3b:e5:d3:c4:0e:b1:f8:de:
a9:89:80:8e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWkOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTUzMzAyWhcNMjUwMzI2MTUzMzAyWjAYMRYw
FAYDVQQDEw02N2MwODViMi03NzA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqbc09eHcnwp48lMyja182QYqPQvzoTf104Ltuyl3jkJvFl/ZmG8ibVkL
OedMJrNYSV/o+gVCC9vjGJcD+saktEbhOlR3awkoLtAppwF+SzVMNx2tXTkKj1tz
3v0AhHFgp36MHA8Az2/4R//hc2RxU7AH+2KW7X5LLfSP07X041Us4qM682jN4VVP
CuB14hoUCQDnRjoaKYMrhzKqAsgXysQOjBlI2ulu8wsaKJfQYZXEtIzmIBLcVaiG
iKtUUfnUWNvR8F6D+L454sx2nhp34OrX3IL1FOaAtiYFJaQ2qsO1p1WBlsPnheiD
sUgcmHLykKd7+DvXj7l9Dr/GqU5FJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGP8
QLCKZzy1a5990U4hRyIb/ejsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yM0VCQTlDMkY1MjAxMUVGOEZEQjYwNTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsRIMA0GCSqGSIb3DQEB
CwUAA4IBAQBeezXgBvjWvLvGmYQ8PLTgguIuIt2YbwXaPY8KvdrMgnRvmFdaa/VP
nhYrHYtJkISS6KtbO//jqZv/iHrvTs5d6qcbtqngSIJGc7YEl0DzdyZSQmceOTS8
tSFA8BAdfebaPXq+OPALDpSv51OXNcpqY5NqzgLLa1edjcaPxtg9peRPpLkfdv8D
VJ2JYcX6U3PFxantA1Vmlx7TNQ6MPuP7yqArqJ2T2Fcprc8XD9tz+2sxTfZoGXIR
A2bb0811JDtoXKZCkmZYIE3zDiY6C4kqlv1RdTJqOItcXYJeVktbPV2/OWJVQ/66
rt0+dEFjLR8n9VVLO+XTxA6x+N6piYCO
-----END CERTIFICATE-----
Generated at Fri May 9 05:57:45 2025 by rpki-client