Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3145CE4AF4DF11EF869FBD9C762E951A.roa
File: 3145CE4AF4DF11EF869FBD9C762E951A.roa (raw, json)
Hash identifier: pZGS+DAu1okFgXUZ8AXKaxFMPbXdUSt2vOAqU1cWw+I=
Subject key identifier: DE:C0:4E:DA:F3:AC:5B:61:B9:A5:60:49:D0:14:F1:34:1C:89:20:C2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0166BB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3145CE4AF4DF11EF869FBD9C762E951A.roa
Signing time: Thu 27 Feb 2025 07:48:11 +0000
ROA not before: Thu 27 Feb 2025 07:48:08 +0000
ROA not after: Wed 26 Mar 2025 07:48:08 +0000
asID: 62240
IP address blocks: 154.195.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91835 (0x166bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 07:48:08 2025 GMT
Not After : Mar 26 07:48:08 2025 GMT
Subject: CN=67c018bb-a6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8a:cd:6e:30:24:68:26:f5:e0:2b:97:01:d3:
36:b8:b8:83:7c:16:1f:04:30:16:29:f0:60:c9:72:
dc:bf:63:79:6d:75:48:14:a4:dc:10:e1:5a:34:b8:
3c:79:58:38:8f:5b:b4:4e:c3:76:11:30:cc:32:5c:
8e:ce:bd:e8:ca:1c:9c:06:de:37:f5:76:73:e1:77:
4c:df:d4:58:fc:c3:12:e0:96:7a:c7:6e:3f:f8:a1:
d2:bd:4d:09:7f:15:dc:17:66:0d:98:d7:1d:c0:06:
29:00:1a:63:69:ea:5f:1f:ff:59:47:01:db:40:0e:
3f:75:54:89:08:a9:3a:87:63:1f:9c:9a:c0:d0:13:
1e:6f:17:26:e5:93:ff:a6:94:f0:93:48:a2:45:ca:
02:fd:81:67:58:c7:5e:30:cc:e3:cd:a6:f1:59:10:
53:3d:09:46:aa:0f:06:90:ee:7e:1c:38:62:03:cb:
eb:5c:b2:e3:e9:e7:20:75:35:38:11:ff:df:c3:3a:
98:19:8c:f3:81:c9:26:4e:90:e5:f7:c4:bd:dc:f3:
d1:da:05:23:76:c4:b4:5a:1c:0b:81:95:0d:5a:e0:
bb:67:78:74:f1:f4:16:61:01:2a:83:75:d1:12:bb:
50:c6:d8:54:e5:20:67:51:53:13:c1:36:96:82:08:
1a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C0:4E:DA:F3:AC:5B:61:B9:A5:60:49:D0:14:F1:34:1C:89:20:C2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3145CE4AF4DF11EF869FBD9C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.170.0/24
Signature Algorithm: sha256WithRSAEncryption
00:64:2f:68:ab:74:14:b6:05:92:9d:83:a2:cd:1e:70:a8:c5:
d1:02:04:7f:4a:d2:03:24:f8:2e:3d:8b:22:a7:4b:5a:83:8a:
28:85:e1:0a:8d:8d:14:be:71:25:8d:64:f4:f4:42:d0:89:6b:
e1:54:b8:52:a1:59:75:8e:4f:2b:65:7a:f6:28:a3:9c:fe:c4:
1b:97:08:5b:ee:fe:ab:71:dc:1f:45:05:6e:e6:db:76:75:b7:
63:30:42:35:95:df:29:2f:8f:93:0d:24:c5:f5:46:40:fa:cb:
45:59:a3:95:1c:4d:34:1f:51:d0:9f:30:bb:52:ea:6e:0b:11:
b8:4a:74:46:0b:53:96:5e:95:26:d2:d7:d5:9d:61:35:cf:cf:
81:2b:1f:0e:54:40:5b:42:fa:f2:2a:c8:ed:27:61:ae:c3:42:
dd:11:7e:84:49:5b:b2:4b:b9:ec:b8:ae:cd:8b:6e:3b:36:c9:
d7:37:c5:be:6a:25:4d:6a:f1:43:b9:48:a3:06:04:a5:1d:a7:
13:a8:cd:15:6e:f9:fd:78:3e:eb:41:69:0c:12:0d:67:26:b5:
66:08:55:17:68:5a:cc:2a:df:23:dd:96:ed:79:cb:96:3b:a7:
6d:c5:d4:32:79:ac:e3:54:5d:83:56:1c:30:11:6d:97:10:92:
13:c7:0d:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWa7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDc0ODA4WhcNMjUwMzI2MDc0ODA4WjAYMRYw
FAYDVQQDEw02N2MwMThiYi1hNmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz4rNbjAkaCb14CuXAdM2uLiDfBYfBDAWKfBgyXLcv2N5bXVIFKTcEOFa
NLg8eVg4j1u0TsN2ETDMMlyOzr3oyhycBt439XZz4XdM39RY/MMS4JZ6x24/+KHS
vU0JfxXcF2YNmNcdwAYpABpjaepfH/9ZRwHbQA4/dVSJCKk6h2MfnJrA0BMebxcm
5ZP/ppTwk0iiRcoC/YFnWMdeMMzjzabxWRBTPQlGqg8GkO5+HDhiA8vrXLLj6ecg
dTU4Ef/fwzqYGYzzgckmTpDl98S93PPR2gUjdsS0WhwLgZUNWuC7Z3h08fQWYQEq
g3XRErtQxthU5SBnUVMTwTaWgggaswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN7A
TtrzrFthuaVgSdAU8TQciSDCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMTQ1Q0U0QUY0REYxMUVGODY5RkJEOUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOqMA0GCSqGSIb3DQEB
CwUAA4IBAQAAZC9oq3QUtgWSnYOizR5wqMXRAgR/StIDJPguPYsip0tag4ooheEK
jY0UvnEljWT09ELQiWvhVLhSoVl1jk8rZXr2KKOc/sQblwhb7v6rcdwfRQVu5tt2
dbdjMEI1ld8pL4+TDSTF9UZA+stFWaOVHE00H1HQnzC7UupuCxG4SnRGC1OWXpUm
0tfVnWE1z8+BKx8OVEBbQvryKsjtJ2Guw0LdEX6ESVuyS7nsuK7Ni247NsnXN8W+
aiVNavFDuUijBgSlHacTqM0Vbvn9eD7rQWkMEg1nJrVmCFUXaFrMKt8j3ZbtecuW
O6dtxdQyeazjVF2DVhwwEW2XEJITxw2U
-----END CERTIFICATE-----
Generated at Fri May 9 06:09:31 2025 by rpki-client