Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/479464A4F5E811EFBBB279B3762E951A.roa
File: 479464A4F5E811EFBBB279B3762E951A.roa (raw, json)
Hash identifier: KoQc4pYhz3bRD12zHFsTh7qnx4vCX0CZYiESCFh8Nfc=
Subject key identifier: 72:F3:11:AE:E5:92:6E:6D:A0:5F:64:6A:71:BF:13:C8:4C:3F:2F:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016BAE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/479464A4F5E811EFBBB279B3762E951A.roa
Signing time: Fri 28 Feb 2025 15:25:45 +0000
ROA not before: Fri 28 Feb 2025 15:25:42 +0000
ROA not after: Wed 26 Mar 2025 15:25:42 +0000
asID: 62240
IP address blocks: 154.194.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93102 (0x16bae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 15:25:42 2025 GMT
Not After : Mar 26 15:25:42 2025 GMT
Subject: CN=67c1d579-95eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:81:b7:fc:18:31:c7:93:a6:99:9e:28:5c:64:
04:0c:75:4f:33:c9:ed:13:f9:42:ac:5b:fb:10:60:
46:4d:dc:df:af:72:31:ed:9c:10:7d:0a:a3:70:05:
2b:aa:cb:56:7d:e4:a7:0e:c0:86:59:e5:4c:ae:43:
a6:b2:2b:aa:70:af:c6:b4:05:6a:53:23:36:cf:c2:
6d:46:c3:0f:18:c8:c7:43:ee:8b:2c:dc:68:fe:f3:
58:3f:f8:20:c3:4e:4e:e2:80:d5:db:b6:1a:02:9c:
2c:ff:e2:aa:37:0e:80:7e:29:a7:0b:ee:fd:f1:74:
8e:98:e6:2f:1c:fe:9b:1b:f1:ea:f9:9e:0e:fe:2e:
8a:91:11:d5:2a:8c:1c:b3:90:bf:f2:ce:b7:f5:d2:
35:20:23:7d:18:74:c6:d0:1f:74:3c:be:8a:a8:6e:
78:67:e4:31:c4:dc:ad:70:f7:e0:bb:fe:11:0e:cf:
79:89:8b:0f:df:b6:21:91:21:26:ab:08:36:4d:82:
b1:d1:88:4a:4a:86:65:32:f1:9b:d2:a4:c0:c3:fe:
c3:83:12:87:e3:aa:c0:39:b6:58:53:ad:fa:06:46:
a2:28:af:77:ea:63:92:15:82:ac:d2:96:be:ad:82:
a6:b1:bc:30:c7:52:c9:70:4b:78:f9:2a:51:a6:4f:
c3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F3:11:AE:E5:92:6E:6D:A0:5F:64:6A:71:BF:13:C8:4C:3F:2F:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/479464A4F5E811EFBBB279B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.97.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c4:e6:91:f3:86:ea:a0:98:68:9d:ec:5a:15:21:7e:c9:33:
14:2c:4a:22:90:d6:e1:35:d0:99:f4:14:32:b9:10:69:3d:64:
01:b9:e0:20:d1:f3:46:88:a6:6b:42:d2:7f:13:00:d8:10:86:
f5:35:62:8e:60:0c:5f:2a:d3:12:7c:e8:1b:b1:fd:ac:21:d9:
70:c5:99:a3:de:5c:8f:1f:53:e7:bc:3b:31:59:5e:9e:79:bc:
66:a3:84:05:d7:75:df:80:dc:68:be:c3:89:f6:29:30:a2:48:
39:07:83:9c:fb:6d:68:07:f6:1a:6b:c4:25:30:00:3b:58:92:
e0:d4:03:41:31:20:fc:2c:0c:04:f3:e5:ed:95:9a:8c:fb:30:
4d:16:5a:36:ca:98:3a:16:bd:d8:e8:1f:f0:cb:6a:ff:45:df:
81:35:e1:55:5d:60:7a:0c:18:c6:3f:1e:26:83:4e:52:26:61:
fa:de:f0:c9:af:f6:29:41:20:66:35:73:7a:ee:41:81:73:e5:
de:c0:e1:14:91:f2:52:85:62:1c:09:03:b5:6c:c2:d8:7c:5f:
22:73:b5:28:a4:d9:9a:31:96:63:76:4e:6f:66:f3:53:2d:17:
5f:db:13:de:6b:92:0c:40:f4:5b:8c:38:9b:8e:f7:f3:b0:a6:
a9:54:98:18
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWuuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MTUyNTQyWhcNMjUwMzI2MTUyNTQyWjAYMRYw
FAYDVQQDEw02N2MxZDU3OS05NWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuYG3/Bgxx5OmmZ4oXGQEDHVPM8ntE/lCrFv7EGBGTdzfr3Ix7ZwQfQqj
cAUrqstWfeSnDsCGWeVMrkOmsiuqcK/GtAVqUyM2z8JtRsMPGMjHQ+6LLNxo/vNY
P/ggw05O4oDV27YaApws/+KqNw6AfimnC+798XSOmOYvHP6bG/Hq+Z4O/i6KkRHV
Kowcs5C/8s639dI1ICN9GHTG0B90PL6KqG54Z+QxxNytcPfgu/4RDs95iYsP37Yh
kSEmqwg2TYKx0YhKSoZlMvGb0qTAw/7DgxKH46rAObZYU636BkaiKK936mOSFYKs
0pa+rYKmsbwwx1LJcEt4+SpRpk/DWQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHLz
Ea7lkm5toF9kanG/E8hMPy8zMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Nzk0NjRBNEY1RTgxMUVGQkJCMjc5QjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJhMA0GCSqGSIb3DQEB
CwUAA4IBAQCaxOaR84bqoJhonexaFSF+yTMULEoikNbhNdCZ9BQyuRBpPWQBueAg
0fNGiKZrQtJ/EwDYEIb1NWKOYAxfKtMSfOgbsf2sIdlwxZmj3lyPH1PnvDsxWV6e
ebxmo4QF13XfgNxovsOJ9ikwokg5B4Oc+21oB/Yaa8QlMAA7WJLg1ANBMSD8LAwE
8+XtlZqM+zBNFlo2ypg6Fr3Y6B/wy2r/Rd+BNeFVXWB6DBjGPx4mg05SJmH63vDJ
r/YpQSBmNXN67kGBc+XewOEUkfJShWIcCQO1bMLYfF8ic7UopNmaMZZjdk5vZvNT
LRdf2xPea5IMQPRbjDibjvfzsKapVJgY
-----END CERTIFICATE-----
Generated at Fri May 9 13:41:15 2025 by rpki-client