Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30F3C6D2F51A11EFBD6828AD762E951A.roa
File: 30F3C6D2F51A11EFBD6828AD762E951A.roa (raw, json)
Hash identifier: BiPPoakeGSasoAsXx6lbLuv2S0S2ZfOnaLTgw9ZK4Ro=
Subject key identifier: 86:7C:49:B7:00:0A:6B:27:4E:CD:CC:73:E1:8F:08:DC:DA:49:62:F3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0168D0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30F3C6D2F51A11EFBD6828AD762E951A.roa
Signing time: Thu 27 Feb 2025 14:50:31 +0000
ROA not before: Thu 27 Feb 2025 14:50:27 +0000
ROA not after: Wed 26 Mar 2025 14:50:27 +0000
asID: 62240
IP address blocks: 154.196.53.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92368 (0x168d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 14:50:27 2025 GMT
Not After : Mar 26 14:50:27 2025 GMT
Subject: CN=67c07bb7-cc6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:63:10:53:c7:34:9e:6c:0f:e8:18:73:bc:0a:
58:bb:e3:b3:c0:b4:7c:55:c5:30:f0:5a:21:cd:57:
33:00:2f:79:81:d4:38:c0:90:34:21:e9:9f:71:37:
40:42:f0:b5:6e:e8:11:d7:6c:b3:0e:12:d2:db:61:
aa:10:69:ca:dd:2f:86:ca:53:60:5b:6e:7d:fe:2c:
43:46:d6:e2:84:b7:d5:8b:94:cc:19:fb:16:db:2c:
5e:e1:9b:4a:d4:71:8f:08:8f:95:ac:02:0d:69:9c:
4d:3b:15:68:2a:28:45:8e:8c:94:51:38:bf:6e:d2:
ca:ca:56:b1:c6:80:81:79:1a:d1:e3:56:ca:60:0c:
2f:4d:8b:4c:87:4a:91:03:7f:d8:cd:d3:df:63:be:
9a:a6:ae:54:cd:66:ad:7c:e4:1b:a1:23:cd:30:54:
ae:45:23:c2:ae:00:fe:80:cc:0a:16:ac:cb:ce:dd:
33:3c:c1:e8:4f:c4:52:63:d5:24:a1:e1:e2:cf:29:
de:be:1e:85:00:21:7d:e7:19:5c:8d:ce:15:d6:88:
85:e4:4b:5a:67:4e:7e:1a:97:20:eb:17:aa:c9:71:
92:f9:ba:c5:d9:c6:b5:71:43:e2:cb:4b:2e:71:b2:
a4:49:d3:1d:53:f0:5f:81:83:68:7b:f6:38:2b:4b:
8d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7C:49:B7:00:0A:6B:27:4E:CD:CC:73:E1:8F:08:DC:DA:49:62:F3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30F3C6D2F51A11EFBD6828AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.53.0/24
Signature Algorithm: sha256WithRSAEncryption
02:45:df:b9:16:b0:c5:60:64:b4:ac:93:91:f3:a3:ea:94:00:
dd:87:23:3e:6c:86:c5:37:ac:6b:62:42:ba:5e:1b:41:65:5e:
d9:30:76:08:be:42:87:4b:b7:13:60:c9:02:c9:32:30:ea:43:
7b:05:69:0a:fd:58:54:b5:c6:40:21:74:e7:81:3d:5b:a1:21:
84:52:29:0c:b9:53:e7:33:e6:4d:f5:e3:d0:fd:cc:62:79:59:
3d:0f:fb:4f:29:5c:a2:ac:b2:c9:5b:fc:a7:e0:9b:b8:5e:30:
b9:94:85:80:5a:ae:be:55:c7:30:33:35:ff:35:dd:65:d8:cb:
03:a3:c7:b7:8a:f0:40:25:e2:a9:cf:be:d1:9f:af:31:72:c4:
55:f2:cb:6a:72:eb:3d:2b:2b:3d:a2:18:65:20:a3:4b:1f:e2:
81:8f:07:29:19:71:0e:ee:c2:3e:ee:95:1a:84:f7:ba:0d:88:
70:99:e5:d7:a0:40:60:99:d3:95:55:06:f6:a4:e4:c7:ea:9c:
5d:e4:7d:39:c5:40:10:01:de:b7:62:0d:38:ef:27:07:2f:64:
77:5c:ac:05:4e:e2:7c:96:7f:eb:e3:8e:d7:21:08:1e:2f:7d:
82:0c:ad:9e:2a:5e:16:9c:53:1b:e8:91:10:8c:7b:68:fb:f7:
9d:7c:36:46
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWjQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTQ1MDI3WhcNMjUwMzI2MTQ1MDI3WjAYMRYw
FAYDVQQDEw02N2MwN2JiNy1jYzZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA72MQU8c0nmwP6BhzvApYu+OzwLR8VcUw8FohzVczAC95gdQ4wJA0Iemf
cTdAQvC1bugR12yzDhLS22GqEGnK3S+GylNgW259/ixDRtbihLfVi5TMGfsW2yxe
4ZtK1HGPCI+VrAINaZxNOxVoKihFjoyUUTi/btLKylaxxoCBeRrR41bKYAwvTYtM
h0qRA3/YzdPfY76apq5UzWatfOQboSPNMFSuRSPCrgD+gMwKFqzLzt0zPMHoT8RS
Y9UkoeHizynevh6FACF95xlcjc4V1oiF5EtaZ05+Gpcg6xeqyXGS+brF2ca1cUPi
y0sucbKkSdMdU/BfgYNoe/Y4K0uN+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIZ8
SbcACmsnTs3Mc+GPCNzaSWLzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMEYzQzZEMkY1MUExMUVGQkQ2ODI4QUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQ1MA0GCSqGSIb3DQEB
CwUAA4IBAQACRd+5FrDFYGS0rJOR86PqlADdhyM+bIbFN6xrYkK6XhtBZV7ZMHYI
vkKHS7cTYMkCyTIw6kN7BWkK/VhUtcZAIXTngT1boSGEUikMuVPnM+ZN9ePQ/cxi
eVk9D/tPKVyirLLJW/yn4Ju4XjC5lIWAWq6+VccwMzX/Nd1l2MsDo8e3ivBAJeKp
z77Rn68xcsRV8stqcus9Kys9ohhlIKNLH+KBjwcpGXEO7sI+7pUahPe6DYhwmeXX
oEBgmdOVVQb2pOTH6pxd5H05xUAQAd63Yg047ycHL2R3XKwFTuJ8ln/r447XIQge
L32CDK2eKl4WnFMb6JEQjHto+/edfDZG
-----END CERTIFICATE-----
Generated at Fri May 9 06:47:35 2025 by rpki-client