Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33D5AB5CF4EA11EF921DD969762E951A.roa
File: 33D5AB5CF4EA11EF921DD969762E951A.roa (raw, json)
Hash identifier: zdflNDmxIhGQBu6KOiLKP4X/9KVYpwSaYQCECue0was=
Subject key identifier: A3:76:97:AD:17:1F:06:F5:A8:BE:BC:7C:0E:D7:CF:01:A6:C1:BF:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01670F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33D5AB5CF4EA11EF921DD969762E951A.roa
Signing time: Thu 27 Feb 2025 09:07:00 +0000
ROA not before: Thu 27 Feb 2025 09:06:56 +0000
ROA not after: Wed 26 Mar 2025 09:06:56 +0000
asID: 62240
IP address blocks: 154.195.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91919 (0x1670f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 09:06:56 2025 GMT
Not After : Mar 26 09:06:56 2025 GMT
Subject: CN=67c02b34-2fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1f:cb:25:93:a1:58:ae:a2:c1:7b:13:b6:bf:
bb:92:8c:d2:67:b0:5e:c9:29:1d:7a:d1:24:f0:7e:
31:58:9a:ef:f0:0c:05:fa:82:92:f3:69:97:20:fc:
c9:66:b8:48:04:af:5b:01:38:0b:9b:d5:4e:5a:cb:
83:dc:88:d1:05:4e:b0:46:aa:7d:08:77:43:a3:08:
ca:71:a1:c9:69:56:c8:83:68:d3:70:92:eb:72:d3:
92:f5:c3:8d:83:32:56:00:a2:79:4f:11:85:9c:62:
5f:6f:ac:ce:4d:aa:7c:87:1b:b8:37:6a:6b:ac:fd:
b4:09:05:d1:f9:29:a7:55:0b:5e:b7:6c:8e:28:b6:
1f:5d:72:c9:7d:e7:3f:54:d2:bf:7c:dc:50:b6:82:
2a:22:8e:30:9e:ce:06:68:82:d3:25:4c:5b:bd:3f:
ba:f0:d7:9e:4a:e0:c3:3f:12:23:91:81:35:d8:71:
c2:b6:ac:9b:73:85:07:72:cc:6d:ab:f5:8a:d2:aa:
31:21:c2:67:13:e7:de:59:35:6b:cc:f4:41:9b:68:
3b:91:3f:5a:da:f5:91:22:4f:90:04:7f:c1:bf:95:
0b:7b:97:1e:fa:70:f6:aa:04:c4:94:38:2f:dc:ae:
58:42:82:0d:ff:32:a4:f1:55:67:a8:8f:56:2b:ae:
48:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:76:97:AD:17:1F:06:F5:A8:BE:BC:7C:0E:D7:CF:01:A6:C1:BF:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33D5AB5CF4EA11EF921DD969762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.22.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:9b:e9:92:cf:f0:e6:5c:80:cf:74:56:71:4c:8d:fd:1d:25:
f7:6e:d3:72:cf:c4:f3:76:91:db:66:8d:2f:e7:35:c0:7d:2f:
f5:85:ff:f8:da:aa:48:d8:02:99:ef:ec:73:a2:9e:1b:2e:1e:
e5:85:1a:ac:33:c1:41:0e:1f:eb:79:fb:f6:d3:ae:44:58:32:
0b:8b:42:f2:5c:38:a3:3f:3e:99:ed:48:f0:5b:97:be:c1:d9:
04:c8:c0:ee:eb:59:f3:4f:82:37:f5:53:a0:95:7b:6d:22:75:
1e:b0:d7:70:c1:f8:4b:8a:01:da:2a:00:72:99:15:0f:f8:64:
df:ae:04:43:e4:a5:35:e9:0f:cf:fb:e0:73:94:e6:92:25:6f:
8e:60:95:93:83:c4:94:95:fc:b9:cc:ed:38:af:78:78:44:df:
12:1b:87:f5:cb:21:27:d0:8a:67:ba:7b:1a:6a:53:97:06:76:
9e:ee:4c:a1:c7:9a:ed:20:79:80:5e:5e:9f:b6:72:32:59:26:
74:ee:b6:b1:52:d8:05:51:74:b1:7c:9f:8f:9e:8b:d9:74:72:
c9:0d:2d:8e:fb:f1:6e:ea:3b:d6:a4:ce:be:1a:32:24:62:39:
d5:7a:23:eb:38:73:14:5b:b0:b7:10:0a:d3:88:ed:ba:74:38:
8e:66:e7:47
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWcPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDkwNjU2WhcNMjUwMzI2MDkwNjU2WjAYMRYw
FAYDVQQDEw02N2MwMmIzNC0yZmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0B/LJZOhWK6iwXsTtr+7kozSZ7BeySkdetEk8H4xWJrv8AwF+oKS82mX
IPzJZrhIBK9bATgLm9VOWsuD3IjRBU6wRqp9CHdDowjKcaHJaVbIg2jTcJLrctOS
9cONgzJWAKJ5TxGFnGJfb6zOTap8hxu4N2prrP20CQXR+SmnVQtet2yOKLYfXXLJ
fec/VNK/fNxQtoIqIo4wns4GaILTJUxbvT+68NeeSuDDPxIjkYE12HHCtqybc4UH
csxtq/WK0qoxIcJnE+feWTVrzPRBm2g7kT9a2vWRIk+QBH/Bv5ULe5ce+nD2qgTE
lDgv3K5YQoIN/zKk8VVnqI9WK65I/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKN2
l60XHwb1qL68fA7XzwGmwb9RMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zM0Q1QUI1Q0Y0RUExMUVGOTIxREQ5Njk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsMWMA0GCSqGSIb3DQEB
CwUAA4IBAQA6m+mSz/DmXIDPdFZxTI39HSX3btNyz8TzdpHbZo0v5zXAfS/1hf/4
2qpI2AKZ7+xzop4bLh7lhRqsM8FBDh/refv2065EWDILi0LyXDijPz6Z7UjwW5e+
wdkEyMDu61nzT4I39VOglXttInUesNdwwfhLigHaKgBymRUP+GTfrgRD5KU16Q/P
++BzlOaSJW+OYJWTg8SUlfy5zO04r3h4RN8SG4f1yyEn0IpnunsaalOXBnae7kyh
x5rtIHmAXl6ftnIyWSZ07raxUtgFUXSxfJ+PnovZdHLJDS2O+/Fu6jvWpM6+GjIk
YjnVeiPrOHMUW7C3EArTiO26dDiOZudH
-----END CERTIFICATE-----
Generated at Fri May 9 07:02:37 2025 by rpki-client