Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4723AD34F4E611EFA757474E762E951A.roa
File: 4723AD34F4E611EFA757474E762E951A.roa (raw, json)
Hash identifier: KfEPfzhXKK/6DVCb4DgZ37REa64n+zTXsc4X7cICWtU=
Subject key identifier: 9A:D0:1F:2C:4E:64:19:20:EC:E0:2C:A5:13:A4:66:47:3D:10:C9:B4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0166F7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4723AD34F4E611EFA757474E762E951A.roa
Signing time: Thu 27 Feb 2025 08:38:55 +0000
ROA not before: Thu 27 Feb 2025 08:38:51 +0000
ROA not after: Wed 26 Mar 2025 08:38:51 +0000
asID: 62240
IP address blocks: 154.195.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91895 (0x166f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 08:38:51 2025 GMT
Not After : Mar 26 08:38:51 2025 GMT
Subject: CN=67c0249e-ad64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5b:c3:f8:02:5e:8b:b2:4a:9d:e8:c2:f1:d1:
7b:a3:d3:e6:c5:cd:83:1b:94:e2:28:b9:b6:92:84:
90:04:4f:22:15:81:a8:00:f7:e1:11:e8:33:65:b4:
a4:92:60:1e:b6:8d:cf:82:34:21:08:af:17:cc:95:
af:c1:02:5a:23:84:7f:3f:70:aa:3f:98:88:3f:b2:
f3:e1:da:f0:e7:26:a4:b4:2a:63:5c:cc:c4:9d:40:
1e:f7:7a:c0:9d:43:ea:c9:37:7c:7b:7b:3e:d5:d1:
79:49:c9:fa:c9:4b:76:38:ab:7c:fc:aa:ae:05:8c:
a8:15:9d:88:64:5e:b6:bb:04:42:84:76:d2:13:ad:
3b:41:28:78:d3:cd:f8:7a:4c:18:1b:fa:0e:1d:7e:
8a:cb:f3:03:98:13:bd:6c:8f:62:66:c7:d1:2f:69:
0d:09:25:45:dd:53:90:a6:af:62:6a:46:52:31:79:
6b:aa:34:7b:8a:45:85:a3:bf:35:15:16:7e:4b:a7:
fb:aa:ea:f0:a5:4f:6f:69:d2:f2:50:dd:08:db:4b:
36:a5:91:bd:d9:62:32:41:dc:f4:d7:84:e6:d3:cf:
5b:96:68:43:2e:3c:9d:1f:7f:ed:77:f4:c2:d5:2c:
4d:e7:d5:a6:af:65:a8:9c:6e:71:b6:d5:68:9d:b8:
f3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D0:1F:2C:4E:64:19:20:EC:E0:2C:A5:13:A4:66:47:3D:10:C9:B4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4723AD34F4E611EFA757474E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.188.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:7d:e3:62:9a:92:1b:c4:f3:f9:a5:2c:0b:0d:7c:41:12:ee:
b7:c4:97:2a:89:bd:3a:f4:54:3b:f7:b1:24:18:38:02:4d:ba:
7a:a9:46:60:37:48:72:fa:04:4a:45:7a:d1:4d:33:26:2f:9a:
20:eb:90:8e:bf:67:c8:96:0e:63:8e:1f:13:cb:36:cc:85:96:
30:d1:ac:8e:51:da:bf:b4:58:6a:64:5e:11:96:94:7a:db:1f:
4c:3b:94:ff:aa:28:f6:14:24:58:84:81:97:2f:93:aa:a0:10:
61:4e:6a:a2:fa:4f:97:b9:ee:90:34:4e:68:90:45:5e:5e:d2:
a6:05:6d:38:58:f7:70:b8:d1:7f:c8:b8:e2:04:2b:87:23:a7:
63:d2:76:e5:ea:22:4f:3b:7c:9f:53:89:65:bd:c7:30:c3:63:
b9:11:61:c0:2c:39:79:11:f3:d6:45:b0:12:43:93:d0:33:34:
94:92:23:c4:26:b0:1c:d0:a1:f2:a3:2e:99:f2:e2:87:ce:30:
68:76:4c:ba:d6:89:16:89:23:95:72:c6:33:61:92:8c:92:5e:
1e:c2:7a:bf:2b:da:3b:ab:29:3a:aa:06:30:94:d0:1f:0b:cd:
a4:6c:c7:4c:84:56:94:74:f9:ad:f2:c9:be:2d:00:ad:6f:58:
b3:eb:87:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWb3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDgzODUxWhcNMjUwMzI2MDgzODUxWjAYMRYw
FAYDVQQDEw02N2MwMjQ5ZS1hZDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnVvD+AJei7JKnejC8dF7o9Pmxc2DG5TiKLm2koSQBE8iFYGoAPfhEegz
ZbSkkmAeto3PgjQhCK8XzJWvwQJaI4R/P3CqP5iIP7Lz4drw5yaktCpjXMzEnUAe
93rAnUPqyTd8e3s+1dF5Scn6yUt2OKt8/KquBYyoFZ2IZF62uwRChHbSE607QSh4
0834ekwYG/oOHX6Ky/MDmBO9bI9iZsfRL2kNCSVF3VOQpq9iakZSMXlrqjR7ikWF
o781FRZ+S6f7qurwpU9vadLyUN0I20s2pZG92WIyQdz014Tm089blmhDLjydH3/t
d/TC1SxN59Wmr2WonG5xttVonbjzkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJrQ
HyxOZBkg7OAspROkZkc9EMm0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzIzQUQzNEY0RTYxMUVGQTc1NzQ3NEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsO8MA0GCSqGSIb3DQEB
CwUAA4IBAQB8feNimpIbxPP5pSwLDXxBEu63xJcqib069FQ797EkGDgCTbp6qUZg
N0hy+gRKRXrRTTMmL5og65COv2fIlg5jjh8TyzbMhZYw0ayOUdq/tFhqZF4RlpR6
2x9MO5T/qij2FCRYhIGXL5OqoBBhTmqi+k+Xue6QNE5okEVeXtKmBW04WPdwuNF/
yLjiBCuHI6dj0nbl6iJPO3yfU4llvccww2O5EWHALDl5EfPWRbASQ5PQMzSUkiPE
JrAc0KHyoy6Z8uKHzjBodky61okWiSOVcsYzYZKMkl4ewnq/K9o7qyk6qgYwlNAf
C82kbMdMhFaUdPmt8sm+LQCtb1iz64cs
-----END CERTIFICATE-----
Generated at Fri May 9 21:55:12 2025 by rpki-client