Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42F30474F5D311EF8767CCA3762E951A.roa
File: 42F30474F5D311EF8767CCA3762E951A.roa (raw, json)
Hash identifier: TqtadQqJ347VytANpSb3TP+XtLUd0dSYVRcY4It6iFg=
Subject key identifier: 3A:18:2C:73:17:DF:EC:C8:89:D5:AF:DE:61:79:EA:5D:F9:CB:81:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016B3F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42F30474F5D311EF8767CCA3762E951A.roa
Signing time: Fri 28 Feb 2025 12:55:18 +0000
ROA not before: Fri 28 Feb 2025 12:55:15 +0000
ROA not after: Mon 31 Mar 2025 12:55:15 +0000
asID: 394432
IP address blocks: 154.90.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92991 (0x16b3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 12:55:15 2025 GMT
Not After : Mar 31 12:55:15 2025 GMT
Subject: CN=67c1b236-76ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5b:f1:87:f3:58:12:4f:62:66:da:77:71:c6:
f0:a8:72:c9:10:d0:58:b3:97:64:ce:1f:db:05:cd:
68:7b:a2:df:c7:9f:1b:31:76:d1:54:26:95:93:35:
3f:e0:0e:09:f5:aa:64:97:be:c2:a5:ed:2b:2e:e5:
33:28:49:49:cd:c2:ca:39:62:f5:e1:9b:5e:e1:04:
b1:e4:db:1e:d1:00:bd:c9:56:d6:c9:a4:dc:53:6f:
44:a6:61:56:cf:60:7b:1e:43:be:0d:77:2e:06:cc:
cc:b5:c7:ab:03:42:9c:a0:ac:fa:2b:15:54:11:db:
fc:ff:28:42:c3:0e:56:20:6d:2c:3c:3c:77:8e:da:
e7:b7:29:b8:f7:50:60:20:47:bf:5c:a6:26:f9:e9:
3d:68:4d:e5:dd:9d:53:68:72:c5:a4:aa:43:fa:62:
6d:e6:8c:62:51:de:fc:dd:1f:f6:b3:1e:3f:91:53:
a8:7b:c9:6e:01:ea:57:12:79:13:d9:91:72:2a:cd:
2f:ca:bc:64:5a:6f:f1:68:c4:c1:d0:5a:e2:91:0c:
8b:fd:c1:ca:62:32:0f:22:bd:b4:04:b8:a5:73:73:
ad:fc:20:52:45:38:e3:42:66:f4:d3:a3:bc:d6:ff:
d4:28:f8:4e:e4:9d:21:6d:25:66:18:4e:3a:ea:2c:
49:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:18:2C:73:17:DF:EC:C8:89:D5:AF:DE:61:79:EA:5D:F9:CB:81:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42F30474F5D311EF8767CCA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
Signature Algorithm: sha256WithRSAEncryption
6e:b4:d4:81:13:0d:e1:3d:5b:16:82:ab:ca:e7:e7:ae:bc:d2:
39:c3:ed:c5:10:f6:36:89:fd:13:70:11:32:d0:48:1f:68:74:
7e:fe:7e:46:c7:70:08:15:43:c9:ac:4e:35:0f:28:c6:af:23:
a4:43:54:e9:85:5d:fe:c8:1c:ee:c2:e0:f9:e0:28:8d:5d:42:
10:3c:de:d7:a0:67:ac:36:b3:84:e1:85:1e:dd:3c:63:e6:1b:
18:54:d6:f7:6e:ac:fd:72:9d:be:ec:ce:8b:39:a1:4a:1e:3d:
a4:d0:18:19:1a:30:0e:51:11:96:5f:c2:7a:0d:ef:e9:66:df:
07:6c:07:ce:07:cf:d3:3f:93:0b:35:8b:f3:f8:04:d7:88:e6:
1f:10:e2:3e:22:db:ee:29:9c:e6:5b:30:53:ab:e8:7b:09:48:
21:74:b4:8a:3a:4d:91:aa:fe:a1:7a:30:92:88:10:96:79:0d:
2e:9b:76:6d:dc:89:9a:5f:34:77:20:dd:45:ca:09:41:87:1b:
25:c3:86:a6:7a:ea:3c:56:67:f4:f9:77:5b:14:72:dc:04:57:
10:cc:62:d1:02:4d:d7:8c:c8:88:7c:f0:6f:09:36:4b:f7:4d:
ae:6b:74:6f:bf:e8:7e:5f:7b:22:c9:79:19:53:f3:14:05:93:
ed:46:9d:d9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWs/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MTI1NTE1WhcNMjUwMzMxMTI1NTE1WjAYMRYw
FAYDVQQDEw02N2MxYjIzNi03NmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApFvxh/NYEk9iZtp3ccbwqHLJENBYs5dkzh/bBc1oe6Lfx58bMXbRVCaV
kzU/4A4J9apkl77Cpe0rLuUzKElJzcLKOWL14Zte4QSx5Nse0QC9yVbWyaTcU29E
pmFWz2B7HkO+DXcuBszMtcerA0KcoKz6KxVUEdv8/yhCww5WIG0sPDx3jtrntym4
91BgIEe/XKYm+ek9aE3l3Z1TaHLFpKpD+mJt5oxiUd783R/2sx4/kVOoe8luAepX
EnkT2ZFyKs0vyrxkWm/xaMTB0FrikQyL/cHKYjIPIr20BLilc3Ot/CBSRTjjQmb0
06O81v/UKPhO5J0hbSVmGE466ixJpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDoY
LHMX3+zIidWv3mF56l35y4G1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MkYzMDQ3NEY1RDMxMUVGODc2N0NDQTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQButNSBEw3hPVsWgqvK5+euvNI5w+3FEPY2if0TcBEy0EgfaHR+/n5G
x3AIFUPJrE41DyjGryOkQ1TphV3+yBzuwuD54CiNXUIQPN7XoGesNrOE4YUe3Txj
5hsYVNb3bqz9cp2+7M6LOaFKHj2k0BgZGjAOURGWX8J6De/pZt8HbAfOB8/TP5ML
NYvz+ATXiOYfEOI+ItvuKZzmWzBTq+h7CUghdLSKOk2Rqv6hejCSiBCWeQ0um3Zt
3ImaXzR3IN1FyglBhxslw4ameuo8Vmf0+XdbFHLcBFcQzGLRAk3XjMiIfPBvCTZL
902ua3Rvv+h+X3siyXkZU/MUBZPtRp3Z
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:32:05 2025 by rpki-client