Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28BEAAF6DA4711EFB58B0A97762E951A.roa
File: 28BEAAF6DA4711EFB58B0A97762E951A.roa (raw, json)
Hash identifier: W3d2wqjcsCyfIje9MSEBTAUOGHaM3BAPEmNpyvaZy/4=
Subject key identifier: 86:39:2B:96:95:11:ED:38:CB:1F:43:24:8A:C8:E4:69:05:D0:45:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01461F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28BEAAF6DA4711EFB58B0A97762E951A.roa
Signing time: Fri 24 Jan 2025 11:34:23 +0000
ROA not before: Fri 24 Jan 2025 11:34:20 +0000
ROA not after: Wed 05 Mar 2025 11:34:20 +0000
asID: 49505
IP address blocks: 154.212.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83487 (0x1461f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 11:34:20 2025 GMT
Not After : Mar 5 11:34:20 2025 GMT
Subject: CN=67937abf-d301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:4d:e5:14:b2:5d:bf:b0:6c:2e:af:c1:9d:
50:4d:03:6c:83:71:98:d1:4c:2f:14:86:58:d7:ab:
f0:db:3d:eb:a4:82:a2:9f:c9:d5:f1:83:ca:8f:9c:
7f:87:fa:e6:97:72:6b:33:2d:3f:47:af:b8:a1:cf:
ec:d7:05:30:26:52:6e:3f:6a:2f:48:7b:7b:b5:1a:
cb:d8:dc:d8:80:73:e9:a7:51:f9:cc:bd:d8:1a:e4:
93:3d:c3:5e:bd:00:ef:69:c0:ed:b2:d1:b0:54:15:
82:bb:9c:50:57:2a:5f:73:a6:9a:83:9a:0d:9c:38:
d7:9c:92:31:de:f2:8a:c4:d8:2f:08:3e:ba:1b:d2:
a0:ab:6e:e1:4f:71:a9:d5:48:66:67:cb:fb:44:da:
b9:33:0b:09:f7:0f:1b:3e:ce:e4:c3:c1:5b:19:11:
e3:17:7d:d8:03:1c:53:ad:4c:96:29:1e:c6:06:67:
02:69:5f:74:8b:75:c1:a1:68:fe:94:f0:d3:a4:ce:
af:1e:b6:5d:07:b6:38:9c:ab:0f:c3:8a:1a:11:b3:
14:96:47:fc:86:56:8a:2b:0a:21:c0:53:26:5f:11:
88:5c:a7:27:6c:ee:67:66:85:67:61:c5:c2:92:5c:
11:80:44:75:ba:d6:28:e9:60:88:68:61:0f:9c:cc:
1b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:39:2B:96:95:11:ED:38:CB:1F:43:24:8A:C8:E4:69:05:D0:45:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28BEAAF6DA4711EFB58B0A97762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.29.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d7:83:93:0a:59:fc:c2:c5:3a:e2:9c:95:c1:e2:d7:8c:04:
77:dc:48:05:a1:d7:59:a8:98:38:cd:61:a6:41:85:f1:ef:87:
b5:57:d8:68:00:f3:81:24:dd:12:0c:1e:cd:e3:75:8d:bc:69:
61:fc:81:21:0c:18:0f:44:cb:bc:95:df:0f:b1:2e:ab:44:d9:
99:76:50:1e:c4:5e:07:1b:b2:ea:64:b8:d2:ec:19:d8:e1:05:
f2:a7:a2:b9:53:8c:a8:59:48:f9:c2:83:db:13:d3:f7:19:c7:
16:8e:a1:1e:ea:05:43:fc:db:f0:9e:b1:62:40:98:a3:ce:1c:
fe:50:33:64:77:b9:3e:c5:d0:83:01:75:82:b1:94:a1:15:48:
15:ad:b6:88:12:c6:ab:d9:b8:22:62:03:9a:2b:df:03:c1:7c:
f8:47:c6:1e:4e:d9:c9:21:5f:96:5b:b8:94:dd:e9:04:da:14:
91:cf:22:26:e7:bd:00:e9:70:66:e9:3b:eb:3e:bb:58:e2:0b:
c0:eb:e6:9e:e8:60:fc:3b:ce:47:84:b5:b7:49:81:4b:b2:8f:
62:41:a9:d3:83:20:b8:7f:fb:e4:c6:8c:59:01:b6:af:4a:51:
c3:b3:5d:85:39:dd:71:eb:96:60:88:a8:bd:ee:d2:b7:84:26:
94:3d:c3:9f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUYfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTEzNDIwWhcNMjUwMzA1MTEzNDIwWjAYMRYw
FAYDVQQDEw02NzkzN2FiZi1kMzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuWNN5RSyXb+wbC6vwZ1QTQNsg3GY0UwvFIZY16vw2z3rpIKin8nV8YPK
j5x/h/rml3JrMy0/R6+4oc/s1wUwJlJuP2ovSHt7tRrL2NzYgHPpp1H5zL3YGuST
PcNevQDvacDtstGwVBWCu5xQVypfc6aag5oNnDjXnJIx3vKKxNgvCD66G9Kgq27h
T3Gp1UhmZ8v7RNq5MwsJ9w8bPs7kw8FbGRHjF33YAxxTrUyWKR7GBmcCaV90i3XB
oWj+lPDTpM6vHrZdB7Y4nKsPw4oaEbMUlkf8hlaKKwohwFMmXxGIXKcnbO5nZoVn
YcXCklwRgER1utYo6WCIaGEPnMwbbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIY5
K5aVEe04yx9DJIrI5GkF0EXkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOEJFQUFGNkRBNDcxMUVGQjU4QjBBOTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtQdMA0GCSqGSIb3DQEB
CwUAA4IBAQBH14OTCln8wsU64pyVweLXjAR33EgFoddZqJg4zWGmQYXx74e1V9ho
APOBJN0SDB7N43WNvGlh/IEhDBgPRMu8ld8PsS6rRNmZdlAexF4HG7LqZLjS7BnY
4QXyp6K5U4yoWUj5woPbE9P3GccWjqEe6gVD/NvwnrFiQJijzhz+UDNkd7k+xdCD
AXWCsZShFUgVrbaIEsar2bgiYgOaK98DwXz4R8YeTtnJIV+WW7iU3ekE2hSRzyIm
570A6XBm6TvrPrtY4gvA6+ae6GD8O85HhLW3SYFLso9iQanTgyC4f/vkxoxZAbav
SlHDs12FOd1x65ZgiKi97tK3hCaUPcOf
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:40:16 2025 by rpki-client