Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28AD9472F4F611EFAFB136BA762E951A.roa
File: 28AD9472F4F611EFAFB136BA762E951A.roa (raw, json)
Hash identifier: uLhCSHud8j87rbpT8WBzsk+q38DFmz8/n3TfF8BU8rc=
Subject key identifier: 6C:1D:FB:89:D6:CF:00:92:6A:C7:5F:BF:7B:6C:A2:70:21:48:D4:F2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0167C5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28AD9472F4F611EFAFB136BA762E951A.roa
Signing time: Thu 27 Feb 2025 10:32:35 +0000
ROA not before: Thu 27 Feb 2025 10:32:31 +0000
ROA not after: Wed 26 Mar 2025 10:32:31 +0000
asID: 62240
IP address blocks: 154.195.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92101 (0x167c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 10:32:31 2025 GMT
Not After : Mar 26 10:32:31 2025 GMT
Subject: CN=67c03f43-f920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b5:a5:91:82:2c:e4:cb:16:4d:2f:85:a4:f4:
05:bd:15:8b:60:89:20:b1:43:19:f4:3c:aa:77:f4:
f6:11:81:6a:ff:bd:79:84:e4:6d:7e:cc:29:c0:46:
35:23:74:c2:55:d1:26:4c:8e:47:f6:29:22:06:a4:
08:2b:3c:a0:0a:95:84:75:5e:de:d8:e6:7b:f6:38:
7d:87:eb:61:5a:8a:46:a2:71:af:4d:8b:a4:56:6c:
c1:cc:56:ae:a0:99:e5:d2:28:fb:fa:0a:a4:6b:64:
85:41:ed:75:60:03:0c:e5:b0:70:cb:c1:e6:7e:93:
a5:1f:d5:43:fe:93:47:cb:76:d7:cd:dc:3f:fa:7c:
1d:10:e7:11:16:b7:c4:82:f8:25:b7:1c:ae:c2:c6:
ba:15:3c:b2:6b:3b:d9:3c:7e:a5:78:45:ee:f1:83:
e5:60:62:52:41:71:80:90:02:b6:78:f0:b5:3d:8b:
a9:37:c6:10:2d:49:cf:f5:30:eb:1c:1b:64:4f:2f:
fa:4d:9b:ab:4d:3a:58:93:b2:19:85:7e:0a:0e:df:
b7:37:1a:51:7a:02:be:59:80:8c:8c:82:26:2d:6e:
d9:57:13:e7:06:47:0d:e6:7c:8c:c6:2b:f9:78:66:
9f:5b:94:55:e9:38:fb:20:06:67:b8:e8:88:89:c0:
4f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1D:FB:89:D6:CF:00:92:6A:C7:5F:BF:7B:6C:A2:70:21:48:D4:F2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28AD9472F4F611EFAFB136BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.124.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:5a:45:b3:f4:6c:5f:3a:00:ee:5e:dd:f7:06:57:fb:31:88:
39:5f:f3:8f:85:f7:f5:d1:2d:02:93:04:cc:14:78:36:fa:e6:
c3:39:72:17:fa:3d:15:04:d6:e0:f5:4c:59:5e:01:51:73:60:
db:d9:6c:cf:b1:98:0a:2b:9f:e5:bf:99:d0:16:a3:74:a7:f1:
b0:bc:17:04:bc:64:4d:b2:b2:88:d3:96:25:5d:a4:3d:68:15:
9d:a2:9e:ff:ee:45:3d:8d:c7:cc:69:83:eb:87:2a:45:7b:77:
92:a3:d4:27:ab:13:0d:ba:a5:57:99:17:86:37:89:71:c5:8c:
37:d8:b3:0c:b9:21:7c:d9:f0:21:c4:8a:12:8a:4c:24:40:f0:
f5:61:3a:1c:b7:07:06:3f:23:31:54:af:fb:ce:ef:67:82:46:
0a:b1:36:51:fe:96:63:18:a5:63:9e:0f:69:bc:00:0a:f8:d4:
f4:d0:72:3c:a1:de:04:2d:8d:09:31:ee:4c:fa:d0:36:4b:f7:
a9:dd:a1:82:7a:f1:d0:89:66:ba:ab:aa:62:cc:c7:54:f6:f1:
1a:43:18:ab:2a:f7:7c:f1:0d:7b:8a:50:bc:95:29:8d:77:c2:
42:9d:ca:81:96:88:d7:54:14:67:08:0c:a5:92:e0:01:5a:00:
7e:d4:ed:0f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWfFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTAzMjMxWhcNMjUwMzI2MTAzMjMxWjAYMRYw
FAYDVQQDEw02N2MwM2Y0My1mOTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqrWlkYIs5MsWTS+FpPQFvRWLYIkgsUMZ9Dyqd/T2EYFq/715hORtfswp
wEY1I3TCVdEmTI5H9ikiBqQIKzygCpWEdV7e2OZ79jh9h+thWopGonGvTYukVmzB
zFauoJnl0ij7+gqka2SFQe11YAMM5bBwy8HmfpOlH9VD/pNHy3bXzdw/+nwdEOcR
FrfEgvgltxyuwsa6FTyyazvZPH6leEXu8YPlYGJSQXGAkAK2ePC1PYupN8YQLUnP
9TDrHBtkTy/6TZurTTpYk7IZhX4KDt+3NxpRegK+WYCMjIImLW7ZVxPnBkcN5nyM
xiv5eGafW5RV6Tj7IAZnuOiIicBPCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGwd
+4nWzwCSasdfv3tsonAhSNTyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOEFEOTQ3MkY0RjYxMUVGQUZCMTM2QkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsN8MA0GCSqGSIb3DQEB
CwUAA4IBAQAcWkWz9GxfOgDuXt33Blf7MYg5X/OPhff10S0CkwTMFHg2+ubDOXIX
+j0VBNbg9UxZXgFRc2Db2WzPsZgKK5/lv5nQFqN0p/GwvBcEvGRNsrKI05YlXaQ9
aBWdop7/7kU9jcfMaYPrhypFe3eSo9QnqxMNuqVXmReGN4lxxYw32LMMuSF82fAh
xIoSikwkQPD1YToctwcGPyMxVK/7zu9ngkYKsTZR/pZjGKVjng9pvAAK+NT00HI8
od4ELY0JMe5M+tA2S/ep3aGCevHQiWa6q6pizMdU9vEaQxirKvd88Q17ilC8lSmN
d8JCncqBlojXVBRnCAylkuABWgB+1O0P
-----END CERTIFICATE-----
Generated at Fri May 9 12:09:28 2025 by rpki-client