Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28D207C2F59F11EF86EEEA43762E951A.roa
File: 28D207C2F59F11EF86EEEA43762E951A.roa (raw, json)
Hash identifier: uW10LfwUDaMHx7kfs/Uqi5FU/1koLPfmg28fWZ5ENjo=
Subject key identifier: B7:8F:AA:30:DB:37:E8:95:72:B7:C7:CC:1C:F3:05:95:83:08:62:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0169D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28D207C2F59F11EF86EEEA43762E951A.roa
Signing time: Fri 28 Feb 2025 06:42:21 +0000
ROA not before: Fri 28 Feb 2025 06:42:09 +0000
ROA not after: Sat 29 Mar 2025 06:42:09 +0000
asID: 174
IP address blocks: 154.88.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92629 (0x169d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 06:42:09 2025 GMT
Not After : Mar 29 06:42:09 2025 GMT
Subject: CN=67c15acc-6383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0b:3a:e8:1c:9a:f2:bf:7b:a4:9a:55:63:b5:
67:88:93:de:f7:e9:39:71:cc:69:df:8d:de:1b:fd:
77:e0:41:bd:9f:76:38:3a:b3:ea:dc:4a:1e:d9:a6:
17:3b:1d:8d:49:25:01:31:06:ea:d4:3b:ff:d3:aa:
ea:f5:79:42:fb:24:ee:65:a2:f2:3c:8d:4e:fe:8d:
95:60:20:f5:a1:3d:cf:af:a1:35:c2:90:27:74:27:
53:78:9b:f8:8e:b6:b4:7c:df:7d:27:46:8a:75:bd:
59:5f:0e:5f:26:89:4f:0e:30:6d:6c:25:0b:ca:a8:
a2:9b:cc:48:e8:44:c2:7e:85:00:17:82:9d:00:46:
fd:c5:c1:5c:3d:47:72:0e:12:11:5f:48:cb:90:f3:
1c:09:80:6d:06:e7:89:2d:dd:0c:9b:2c:3f:b8:52:
80:65:22:d2:f6:6f:51:31:5a:61:3f:0b:f7:c6:1a:
0c:54:a8:3a:0c:1b:5d:6b:82:61:64:b7:b4:a5:3c:
75:89:97:01:4d:58:69:1b:6a:55:c5:d8:6a:9b:c8:
44:e8:2a:07:68:58:2b:b0:07:49:66:96:28:3a:7a:
ea:b1:e8:09:e8:ef:fd:bf:59:93:57:78:70:db:3e:
84:d7:d4:98:24:be:8d:67:0d:c1:ad:ec:bd:c2:99:
f0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:8F:AA:30:DB:37:E8:95:72:B7:C7:CC:1C:F3:05:95:83:08:62:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28D207C2F59F11EF86EEEA43762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.35.0/24
Signature Algorithm: sha256WithRSAEncryption
66:75:58:f4:e3:f7:15:a6:28:36:0d:04:3a:fe:3e:73:7b:08:
75:58:e0:b3:43:c5:a4:06:ee:15:28:24:7d:ff:37:38:5a:45:
6a:e0:bd:84:81:f7:c1:d9:e9:ca:43:61:36:f1:46:7c:0e:96:
ff:ff:2c:16:5f:0f:27:f6:2d:b3:ca:62:e7:80:7b:21:24:a0:
e8:10:b6:78:05:59:89:b3:1f:de:27:8d:66:d9:8d:6a:c1:ba:
0d:5c:ce:f9:ad:11:a5:f7:a9:5e:61:63:c9:f1:78:7c:7b:24:
7b:a1:3a:c9:76:b1:83:0c:0e:a6:74:1d:46:91:04:e0:63:bc:
03:de:20:6a:a3:4e:23:0a:99:a6:ac:95:11:10:d2:fb:60:de:
97:78:c5:b9:20:7f:88:f0:bc:d6:d3:fd:a7:46:54:f2:83:cc:
ec:83:2b:cb:27:ca:db:02:af:37:bf:33:4f:95:6c:11:18:8c:
86:15:89:9d:64:21:17:61:b4:a7:2f:06:52:fc:c7:4d:72:1a:
89:98:8c:9d:59:8b:6a:55:fa:3a:a8:70:01:52:e4:e1:50:40:
9c:51:78:d7:e9:4a:c6:61:75:a9:6a:04:2f:66:a9:32:9b:b9:
93:03:bf:c3:95:d2:49:fb:72:e3:6b:f6:fb:69:d3:6a:42:03:
74:25:1a:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWnVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDY0MjA5WhcNMjUwMzI5MDY0MjA5WjAYMRYw
FAYDVQQDEw02N2MxNWFjYy02MzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1Qs66Bya8r97pJpVY7VniJPe9+k5ccxp343eG/134EG9n3Y4OrPq3Eoe
2aYXOx2NSSUBMQbq1Dv/06rq9XlC+yTuZaLyPI1O/o2VYCD1oT3Pr6E1wpAndCdT
eJv4jra0fN99J0aKdb1ZXw5fJolPDjBtbCULyqiim8xI6ETCfoUAF4KdAEb9xcFc
PUdyDhIRX0jLkPMcCYBtBueJLd0Mmyw/uFKAZSLS9m9RMVphPwv3xhoMVKg6DBtd
a4JhZLe0pTx1iZcBTVhpG2pVxdhqm8hE6CoHaFgrsAdJZpYoOnrqsegJ6O/9v1mT
V3hw2z6E19SYJL6NZw3Brey9wpnwqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLeP
qjDbN+iVcrfHzBzzBZWDCGKyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOEQyMDdDMkY1OUYxMUVGODZFRUVBNDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlgjMA0GCSqGSIb3DQEB
CwUAA4IBAQBmdVj04/cVpig2DQQ6/j5zewh1WOCzQ8WkBu4VKCR9/zc4WkVq4L2E
gffB2enKQ2E28UZ8Dpb//ywWXw8n9i2zymLngHshJKDoELZ4BVmJsx/eJ41m2Y1q
wboNXM75rRGl96leYWPJ8Xh8eyR7oTrJdrGDDA6mdB1GkQTgY7wD3iBqo04jCpmm
rJURENL7YN6XeMW5IH+I8LzW0/2nRlTyg8zsgyvLJ8rbAq83vzNPlWwRGIyGFYmd
ZCEXYbSnLwZS/MdNchqJmIydWYtqVfo6qHABUuThUECcUXjX6UrGYXWpagQvZqky
m7mTA7/DldJJ+3Lja/b7adNqQgN0JRp1
-----END CERTIFICATE-----
Generated at Fri May 9 06:46:23 2025 by rpki-client