Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29ECC76CF4F711EFB13661BF762E951A.roa
File: 29ECC76CF4F711EFB13661BF762E951A.roa (raw, json)
Hash identifier: DAC+OeQo+u7r1931JbD6DeXT2j62ukx+LwCBTDn+v/I=
Subject key identifier: A1:2A:98:7A:F2:B1:51:77:3B:DD:98:9C:3F:85:AF:90:72:45:21:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0167D9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29ECC76CF4F711EFB13661BF762E951A.roa
Signing time: Thu 27 Feb 2025 10:39:47 +0000
ROA not before: Thu 27 Feb 2025 10:39:43 +0000
ROA not after: Wed 26 Mar 2025 10:39:43 +0000
asID: 62240
IP address blocks: 154.196.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92121 (0x167d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 10:39:43 2025 GMT
Not After : Mar 26 10:39:43 2025 GMT
Subject: CN=67c040f3-7899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b4:6a:e2:4e:35:d4:ff:f0:7a:de:2d:c5:b9:
23:b6:bc:e9:f7:2a:cb:70:d7:9a:62:73:96:53:c6:
32:1f:99:88:f5:cb:cd:20:d6:e6:51:87:8f:6d:64:
8c:52:67:7b:23:96:20:d7:8e:54:f1:cc:22:66:14:
58:25:eb:a6:6b:a5:92:44:a8:43:61:92:1c:d3:aa:
d9:09:da:5b:38:9f:4e:72:fb:59:ec:35:61:aa:a6:
aa:37:3d:12:e8:b3:af:cf:ae:06:4a:19:57:96:9a:
ac:a0:22:3a:ea:46:81:61:86:84:50:62:a5:ec:2d:
77:55:71:86:33:2d:d3:52:c2:77:13:b4:dd:9f:7e:
ff:c6:17:06:10:47:92:c7:49:69:ce:57:af:40:a9:
ab:2d:8c:be:33:03:c5:00:ed:47:7c:7f:5b:e9:e4:
d9:a0:0f:3b:fd:ce:05:4b:01:5e:93:bc:0d:51:c0:
48:53:fa:5e:f1:7c:70:2f:55:65:97:de:88:8b:1c:
0d:56:2e:07:58:66:d5:fc:86:46:c8:0c:5e:17:3b:
7c:f0:af:b7:95:e9:e2:c5:d1:da:b5:b6:0c:f1:fe:
ec:be:b8:14:37:f5:13:88:dc:e9:4b:0a:6e:f4:84:
12:e9:7d:4d:00:18:eb:55:ed:80:07:2a:86:bd:e9:
1d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2A:98:7A:F2:B1:51:77:3B:DD:98:9C:3F:85:AF:90:72:45:21:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29ECC76CF4F711EFB13661BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.29.0/24
Signature Algorithm: sha256WithRSAEncryption
34:e5:78:6a:a4:43:e3:2d:2f:91:fb:9e:21:ff:56:21:87:e2:
17:54:5b:a6:ce:5a:15:72:1f:26:c0:65:ec:0b:f1:da:ad:f9:
3c:77:1f:c4:33:03:52:d6:fe:52:4e:f5:23:fc:b8:c2:ca:cc:
95:76:5f:9f:ad:ab:56:a3:41:c5:a8:04:8f:7e:dc:b8:e8:c4:
61:79:87:0e:10:02:7f:2f:e9:a4:19:7f:c4:62:de:09:a8:78:
ba:14:1e:07:58:4b:14:74:e2:33:00:a8:57:ac:bc:02:57:e8:
fe:89:96:87:8c:63:f4:2a:02:8f:55:80:0d:6e:91:e6:75:4a:
7c:94:d5:8b:b1:ee:1b:8c:b7:fa:2e:de:d8:ef:22:cf:96:bf:
2e:45:2a:83:ac:d2:5d:36:37:0e:31:d6:df:00:59:a0:6c:7c:
ff:34:95:3a:67:52:b1:86:2f:60:08:25:08:69:39:72:db:78:
dc:b6:86:48:ed:3d:ee:ac:93:66:9f:04:df:b0:68:3b:5f:a3:
49:19:71:78:1f:e4:3e:8e:17:c4:b6:07:11:8c:3f:d1:14:72:
6c:32:c0:ad:1b:d7:7e:77:bb:99:71:4f:4e:fb:ff:cb:91:80:
16:74:95:6a:0c:13:3f:18:90:c3:a6:fd:3d:bf:5a:21:ef:c1:
43:e9:a7:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWfZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTAzOTQzWhcNMjUwMzI2MTAzOTQzWjAYMRYw
FAYDVQQDEw02N2MwNDBmMy03ODk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA77Rq4k411P/wet4txbkjtrzp9yrLcNeaYnOWU8YyH5mI9cvNINbmUYeP
bWSMUmd7I5Yg145U8cwiZhRYJeuma6WSRKhDYZIc06rZCdpbOJ9OcvtZ7DVhqqaq
Nz0S6LOvz64GShlXlpqsoCI66kaBYYaEUGKl7C13VXGGMy3TUsJ3E7Tdn37/xhcG
EEeSx0lpzlevQKmrLYy+MwPFAO1HfH9b6eTZoA87/c4FSwFek7wNUcBIU/pe8Xxw
L1Vll96IixwNVi4HWGbV/IZGyAxeFzt88K+3lenixdHatbYM8f7svrgUN/UTiNzp
Swpu9IQS6X1NABjrVe2AByqGvekdpQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKEq
mHrysVF3O92YnD+Fr5ByRSG6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUVDQzc2Q0Y0RjcxMUVGQjEzNjYxQkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQdMA0GCSqGSIb3DQEB
CwUAA4IBAQA05XhqpEPjLS+R+54h/1Yhh+IXVFumzloVch8mwGXsC/Harfk8dx/E
MwNS1v5STvUj/LjCysyVdl+fratWo0HFqASPfty46MRheYcOEAJ/L+mkGX/EYt4J
qHi6FB4HWEsUdOIzAKhXrLwCV+j+iZaHjGP0KgKPVYANbpHmdUp8lNWLse4bjLf6
Lt7Y7yLPlr8uRSqDrNJdNjcOMdbfAFmgbHz/NJU6Z1Kxhi9gCCUIaTly23jctoZI
7T3urJNmnwTfsGg7X6NJGXF4H+Q+jhfEtgcRjD/RFHJsMsCtG9d+d7uZcU9O+//L
kYAWdJVqDBM/GJDDpv09v1oh78FD6adA
-----END CERTIFICATE-----
Generated at Fri May 9 06:19:43 2025 by rpki-client