Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27AC18DCF51E11EFA99D734A762E951A.roa
File: 27AC18DCF51E11EFA99D734A762E951A.roa (raw, json)
Hash identifier: tD1dlIGrum4D++eGBz0u5LL8sbjZO2tuQYMYg+hp5r0=
Subject key identifier: 3B:1F:C4:E9:CD:1E:D4:BD:B8:A5:F6:8B:DE:81:CA:70:D1:17:D2:2E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0168F9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27AC18DCF51E11EFA99D734A762E951A.roa
Signing time: Thu 27 Feb 2025 15:18:54 +0000
ROA not before: Thu 27 Feb 2025 15:18:50 +0000
ROA not after: Wed 26 Mar 2025 15:18:50 +0000
asID: 62240
IP address blocks: 154.196.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92409 (0x168f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 15:18:50 2025 GMT
Not After : Mar 26 15:18:50 2025 GMT
Subject: CN=67c0825d-da99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:fe:bb:d9:23:23:a5:d5:c2:98:64:96:c3:3f:
2f:98:0f:78:07:1c:30:78:95:ce:f9:ae:aa:5d:53:
78:4d:61:6e:6d:98:6b:f3:ab:f9:56:f4:32:c3:a7:
5d:d4:2a:f8:b9:3e:3f:1c:8c:d2:39:91:5c:ec:f8:
69:c1:f1:e4:4a:d9:06:4f:15:d5:f1:44:7d:43:dc:
16:ae:3c:76:44:ac:90:32:d2:3e:91:7e:1f:63:01:
5b:2d:8b:d5:1e:79:16:5a:4c:de:9e:d7:59:ad:e4:
92:c9:50:6e:39:5d:c2:62:da:3a:1c:5a:83:84:05:
de:26:48:59:8b:c5:a6:d6:71:13:cf:06:2e:2c:52:
a0:a0:3e:bf:57:df:73:b0:e3:f4:0a:8b:56:1d:bc:
e2:6b:f0:33:67:3f:84:cb:d0:13:f1:2f:33:10:3a:
4f:5a:60:0c:90:5e:ed:48:1f:d8:e6:f0:f6:a4:51:
a5:ff:86:d7:b8:40:36:f8:1d:0e:93:67:f2:9c:94:
6e:ff:de:bb:49:21:7d:cf:6b:f7:1d:05:5e:ed:9d:
9d:59:88:31:54:86:42:59:f7:ef:ab:ff:28:31:2f:
f9:fd:1f:2c:50:83:1d:89:ec:89:b3:17:88:19:0d:
4b:77:d1:6d:4a:69:d1:1d:73:b2:1f:b2:69:98:09:
81:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:1F:C4:E9:CD:1E:D4:BD:B8:A5:F6:8B:DE:81:CA:70:D1:17:D2:2E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27AC18DCF51E11EFA99D734A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.64.0/24
Signature Algorithm: sha256WithRSAEncryption
81:8f:8d:92:68:68:a5:7b:bd:28:3a:db:20:9c:0a:a3:58:fa:
ac:c3:09:43:75:26:de:5f:a9:be:09:03:ea:1e:ef:40:75:22:
93:ca:bb:0f:ec:52:6b:13:7a:99:5a:25:a0:61:55:d9:7e:13:
83:44:ca:3c:1c:15:d1:e8:42:cc:1f:28:55:61:7a:d6:bf:75:
a0:6d:c8:b8:7c:4c:85:34:3e:80:e9:fd:3f:59:1b:4e:85:22:
20:ce:6d:b7:c2:ed:45:5e:62:a7:ef:16:27:0b:60:20:96:48:
ac:20:aa:7a:fd:bd:02:57:c6:b3:38:ec:28:42:86:2e:fd:23:
e7:6b:1d:18:ca:4c:f7:a6:bb:6f:63:05:28:95:fa:db:23:26:
be:93:ff:65:57:09:a0:35:95:95:91:89:b5:93:b8:d6:54:44:
fd:3d:97:89:a0:49:86:48:42:b5:f8:bf:d2:eb:73:ed:e9:90:
39:a0:dd:9d:aa:fc:10:3d:ec:cc:48:27:81:da:84:e0:9f:79:
91:0d:78:7a:56:42:8e:82:03:5f:4a:0e:85:f7:32:a8:64:11:
bd:cc:92:3d:93:24:e7:85:5d:61:65:f3:85:81:0c:e3:e2:f9:
d4:fd:62:cd:b4:8a:d1:2d:a2:ad:b0:03:c0:83:5a:56:4a:ae:
0d:6e:29:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWj5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTUxODUwWhcNMjUwMzI2MTUxODUwWjAYMRYw
FAYDVQQDEw02N2MwODI1ZC1kYTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4f672SMjpdXCmGSWwz8vmA94BxwweJXO+a6qXVN4TWFubZhr86v5VvQy
w6dd1Cr4uT4/HIzSOZFc7PhpwfHkStkGTxXV8UR9Q9wWrjx2RKyQMtI+kX4fYwFb
LYvVHnkWWkzentdZreSSyVBuOV3CYto6HFqDhAXeJkhZi8Wm1nETzwYuLFKgoD6/
V99zsOP0CotWHbzia/AzZz+Ey9AT8S8zEDpPWmAMkF7tSB/Y5vD2pFGl/4bXuEA2
+B0Ok2fynJRu/967SSF9z2v3HQVe7Z2dWYgxVIZCWffvq/8oMS/5/R8sUIMdieyJ
sxeIGQ1Ld9FtSmnRHXOyH7JpmAmBCQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDsf
xOnNHtS9uKX2i96BynDRF9IuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yN0FDMThEQ0Y1MUUxMUVGQTk5RDczNEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsRAMA0GCSqGSIb3DQEB
CwUAA4IBAQCBj42SaGile70oOtsgnAqjWPqswwlDdSbeX6m+CQPqHu9AdSKTyrsP
7FJrE3qZWiWgYVXZfhODRMo8HBXR6ELMHyhVYXrWv3Wgbci4fEyFND6A6f0/WRtO
hSIgzm23wu1FXmKn7xYnC2AglkisIKp6/b0CV8azOOwoQoYu/SPnax0Yykz3prtv
YwUolfrbIya+k/9lVwmgNZWVkYm1k7jWVET9PZeJoEmGSEK1+L/S63Pt6ZA5oN2d
qvwQPezMSCeB2oTgn3mRDXh6VkKOggNfSg6F9zKoZBG9zJI9kyTnhV1hZfOFgQzj
4vnU/WLNtIrRLaKtsAPAg1pWSq4Nbinx
-----END CERTIFICATE-----
Generated at Fri May 9 12:05:22 2025 by rpki-client