Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DCBD222F62A11EFBF077F71762E951A.roa
File: 2DCBD222F62A11EFBF077F71762E951A.roa (raw, json)
Hash identifier: BUeheKHvuXhBC1cniw8+cTmNnAsraf7QZ7SaZ02SLYU=
Subject key identifier: 93:2B:E1:F3:75:48:37:49:3D:29:37:7E:88:E2:8C:4A:5A:67:E7:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CC1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DCBD222F62A11EFBF077F71762E951A.roa
Signing time: Fri 28 Feb 2025 23:17:29 +0000
ROA not before: Fri 28 Feb 2025 23:17:25 +0000
ROA not after: Wed 26 Mar 2025 23:17:25 +0000
asID: 62240
IP address blocks: 154.194.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93377 (0x16cc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 23:17:25 2025 GMT
Not After : Mar 26 23:17:25 2025 GMT
Subject: CN=67c24409-4616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:12:fd:e1:4b:0f:a7:ea:56:74:bf:34:37:87:
9c:14:51:d7:de:ff:93:f4:ba:18:3c:98:ab:df:4c:
07:da:46:2e:96:fd:94:d6:d3:46:f8:e7:be:2e:05:
3a:1b:18:1d:ca:f8:af:f7:04:80:34:85:c4:f9:42:
f8:04:c6:d5:91:ec:07:9a:90:49:20:99:5d:6f:1e:
53:ec:a7:c0:e2:7d:88:57:95:a4:b7:2b:11:ec:19:
07:03:eb:75:38:63:98:11:13:d1:25:53:e2:a1:c6:
d0:fa:88:2e:6d:b7:f7:72:96:0f:f5:47:24:84:ab:
b9:22:64:44:46:41:a9:73:50:8c:1b:9d:5e:53:47:
a5:02:86:30:ff:e2:79:77:a3:d7:39:e7:1d:fa:92:
6e:85:6e:64:97:21:fc:15:3a:f1:2c:2c:f4:84:07:
08:3c:af:b4:a0:12:52:63:58:81:24:7f:6f:02:29:
3f:17:7d:4f:cb:b6:b4:9d:71:dc:41:4d:33:fd:5c:
45:cd:e3:a4:e8:86:29:6a:b3:b9:7a:79:eb:96:34:
7b:a7:56:4a:d0:14:98:e1:f4:13:f3:ce:9a:36:05:
65:e0:b1:98:f4:06:31:41:88:de:e2:8c:b8:f3:8f:
40:64:1a:25:dc:75:85:42:6e:a8:18:a1:d3:e6:8c:
ab:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2B:E1:F3:75:48:37:49:3D:29:37:7E:88:E2:8C:4A:5A:67:E7:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DCBD222F62A11EFBF077F71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.125.0/24
Signature Algorithm: sha256WithRSAEncryption
53:59:30:3f:66:d2:a0:01:61:78:e2:7d:f9:79:ad:ff:4b:c4:
66:50:05:d3:c3:0e:ef:30:94:8a:20:b0:e7:5b:dc:f6:7a:cb:
58:22:08:39:66:07:8b:3c:fd:ec:0d:90:8c:85:4d:d1:1a:96:
eb:89:f4:a6:63:75:86:29:18:85:5e:94:29:b5:e2:02:13:0a:
6d:72:03:9c:22:1b:98:5b:1d:85:09:50:22:3e:1d:1e:25:9e:
62:45:ea:53:c7:c6:da:3f:1b:eb:0c:35:d9:50:77:18:31:42:
47:75:6b:29:b0:fb:9d:ea:77:1e:5a:59:80:d1:a8:11:70:e3:
cf:81:09:34:a5:cb:26:6a:b1:6f:d9:89:6e:68:36:6d:54:0f:
7d:75:89:ca:0c:10:67:9a:40:0b:8c:6f:8d:e5:e3:73:e3:23:
9f:a8:6b:43:d6:29:b9:ca:49:90:1c:25:82:38:d2:b1:79:a6:
56:36:8f:3d:ca:26:07:79:59:bb:91:81:5b:d4:c1:db:b9:45:
06:61:58:68:8e:a1:4d:fc:28:13:29:8f:4d:9b:e2:60:ea:df:
10:90:cb:f5:b4:be:bf:62:e0:19:6a:8e:32:76:d3:da:0e:42:
38:50:4c:66:b6:80:81:86:01:45:b6:b2:03:ef:18:46:96:98:
cb:ab:49:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWzBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjMxNzI1WhcNMjUwMzI2MjMxNzI1WjAYMRYw
FAYDVQQDEw02N2MyNDQwOS00NjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8BL94UsPp+pWdL80N4ecFFHX3v+T9LoYPJir30wH2kYulv2U1tNG+Oe+
LgU6Gxgdyviv9wSANIXE+UL4BMbVkewHmpBJIJldbx5T7KfA4n2IV5WktysR7BkH
A+t1OGOYERPRJVPiocbQ+ogubbf3cpYP9UckhKu5ImRERkGpc1CMG51eU0elAoYw
/+J5d6PXOecd+pJuhW5klyH8FTrxLCz0hAcIPK+0oBJSY1iBJH9vAik/F31Py7a0
nXHcQU0z/VxFzeOk6IYparO5ennrljR7p1ZK0BSY4fQT886aNgVl4LGY9AYxQYje
4oy4849AZBol3HWFQm6oGKHT5oyrqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJMr
4fN1SDdJPSk3fojijEpaZ+cWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRENCRDIyMkY2MkExMUVGQkYwNzdGNzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJ9MA0GCSqGSIb3DQEB
CwUAA4IBAQBTWTA/ZtKgAWF44n35ea3/S8RmUAXTww7vMJSKILDnW9z2estYIgg5
ZgeLPP3sDZCMhU3RGpbrifSmY3WGKRiFXpQpteICEwptcgOcIhuYWx2FCVAiPh0e
JZ5iRepTx8baPxvrDDXZUHcYMUJHdWspsPud6nceWlmA0agRcOPPgQk0pcsmarFv
2YluaDZtVA99dYnKDBBnmkALjG+N5eNz4yOfqGtD1im5ykmQHCWCONKxeaZWNo89
yiYHeVm7kYFb1MHbuUUGYVhojqFN/CgTKY9Nm+Jg6t8QkMv1tL6/YuAZao4ydtPa
DkI4UExmtoCBhgFFtrID7xhGlpjLq0nd
-----END CERTIFICATE-----
Generated at Fri May 9 12:00:17 2025 by rpki-client