Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C223B08F53611EFBC1ACB6A762E951A.roa
File: 3C223B08F53611EFBC1ACB6A762E951A.roa (raw, json)
Hash identifier: k2sAmWzzGmeyN5JH7WgqiNHqSGAT8ZMQbf+E5HGSktc=
Subject key identifier: 68:AF:FA:E1:2F:11:F8:CA:0C:F9:A7:D1:53:28:D3:9E:51:8D:DD:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016972
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C223B08F53611EFBC1ACB6A762E951A.roa
Signing time: Thu 27 Feb 2025 18:11:16 +0000
ROA not before: Thu 27 Feb 2025 18:11:12 +0000
ROA not after: Wed 26 Mar 2025 18:11:12 +0000
asID: 62240
IP address blocks: 154.196.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92530 (0x16972)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 18:11:12 2025 GMT
Not After : Mar 26 18:11:12 2025 GMT
Subject: CN=67c0aac4-c3de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:73:82:22:8c:54:e2:18:fc:f4:10:30:b9:e0:
ef:fa:ab:91:27:cb:72:4e:0e:25:ee:ae:6e:c7:6a:
65:e0:e0:3e:1b:35:df:d2:22:35:a3:5f:53:16:cd:
c9:d8:1b:53:bd:3b:f2:1f:eb:b2:1b:7f:73:13:0b:
87:8e:d4:57:1a:61:d6:15:d0:ef:6f:b2:7f:26:ef:
54:a3:ec:02:a7:45:f3:88:65:be:cc:43:6d:9b:74:
b9:2f:43:6b:10:d0:82:f1:42:e2:99:f2:d4:9a:c2:
d8:39:b6:76:ca:cf:1f:b3:f1:9f:f3:78:6d:f1:35:
08:90:45:93:4d:07:b9:5d:9a:a7:45:a1:3d:95:7d:
0a:ae:21:fd:2d:ec:1f:2b:ba:e4:d6:6d:7c:6b:c6:
df:bb:29:df:d2:1b:95:82:e8:62:6d:ec:89:64:36:
0c:bc:1b:65:37:21:79:c1:71:9c:fc:9c:3a:50:51:
55:73:6d:81:f5:91:bf:3e:00:4b:dd:74:c7:33:59:
cb:8b:b2:23:ae:48:19:3b:82:86:72:ac:d7:14:5c:
8e:c5:5c:31:7e:e7:ce:fc:37:f4:fa:c4:91:49:eb:
df:9e:00:b8:7a:2b:8c:d6:68:10:05:a3:22:05:2d:
aa:89:fa:a4:59:64:65:35:32:e3:dd:d6:30:6e:ce:
ae:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AF:FA:E1:2F:11:F8:CA:0C:F9:A7:D1:53:28:D3:9E:51:8D:DD:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C223B08F53611EFBC1ACB6A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.67.0/24
Signature Algorithm: sha256WithRSAEncryption
70:93:3a:3d:a6:db:22:51:ce:45:2d:bc:c0:a5:e5:05:13:a5:
40:2e:62:86:11:6e:7c:55:90:f0:33:61:9f:63:90:3a:f0:00:
73:6d:44:a5:a0:e0:da:c9:3e:84:8c:88:a9:95:cd:db:71:5a:
93:3c:45:b4:8f:65:12:73:58:a6:f0:bd:85:86:6e:0d:b7:a1:
f6:06:06:d0:c4:38:58:27:9a:5e:c2:6a:86:58:57:af:45:45:
c2:57:78:ea:a4:57:4e:cf:ce:e4:56:7e:a2:ad:3c:ba:68:cb:
d6:1d:ec:7f:32:f6:24:fb:ba:03:46:10:4c:61:e1:63:4d:c2:
ee:39:f5:06:4e:6e:62:1a:41:72:c3:48:d9:7b:79:16:00:03:
7d:e9:00:17:56:85:cd:a8:48:00:16:15:9f:5c:5b:6f:95:58:
dc:e9:79:5e:c9:eb:45:ac:8c:d4:31:b5:81:1f:f2:29:1f:f0:
fc:dc:39:4b:1c:71:75:7e:66:3d:64:c1:88:3e:ac:8e:85:79:
4f:ed:f8:de:81:61:c4:2f:f2:b9:75:74:60:65:c6:5d:ec:75:
ea:3b:13:fa:a7:d3:a7:03:99:71:d5:15:ac:ce:5f:e9:b7:24:
8a:f1:4e:df:6f:22:f4:cf:8f:78:70:88:dc:03:7d:fa:77:2b:
6d:e0:dc:19
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWlyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTgxMTEyWhcNMjUwMzI2MTgxMTEyWjAYMRYw
FAYDVQQDEw02N2MwYWFjNC1jM2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1nOCIoxU4hj89BAwueDv+quRJ8tyTg4l7q5ux2pl4OA+GzXf0iI1o19T
Fs3J2BtTvTvyH+uyG39zEwuHjtRXGmHWFdDvb7J/Ju9Uo+wCp0XziGW+zENtm3S5
L0NrENCC8ULimfLUmsLYObZ2ys8fs/Gf83ht8TUIkEWTTQe5XZqnRaE9lX0KriH9
LewfK7rk1m18a8bfuynf0huVguhibeyJZDYMvBtlNyF5wXGc/Jw6UFFVc22B9ZG/
PgBL3XTHM1nLi7IjrkgZO4KGcqzXFFyOxVwxfufO/Df0+sSRSevfngC4eiuM1mgQ
BaMiBS2qifqkWWRlNTLj3dYwbs6u+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGiv
+uEvEfjKDPmn0VMo055Rjd1KMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQzIyM0IwOEY1MzYxMUVGQkMxQUNCNkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsRDMA0GCSqGSIb3DQEB
CwUAA4IBAQBwkzo9ptsiUc5FLbzApeUFE6VALmKGEW58VZDwM2GfY5A68ABzbUSl
oODayT6EjIiplc3bcVqTPEW0j2USc1im8L2Fhm4Nt6H2BgbQxDhYJ5pewmqGWFev
RUXCV3jqpFdOz87kVn6irTy6aMvWHex/MvYk+7oDRhBMYeFjTcLuOfUGTm5iGkFy
w0jZe3kWAAN96QAXVoXNqEgAFhWfXFtvlVjc6XleyetFrIzUMbWBH/IpH/D83DlL
HHF1fmY9ZMGIPqyOhXlP7fjegWHEL/K5dXRgZcZd7HXqOxP6p9OnA5lx1RWszl/p
tySK8U7fbyL0z494cIjcA336dytt4NwZ
-----END CERTIFICATE-----
Generated at Fri May 9 11:25:05 2025 by rpki-client