Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48FA5994F5B511EFAFDB8958762E951A.roa
File: 48FA5994F5B511EFAFDB8958762E951A.roa (raw, json)
Hash identifier: GNdD/DFsPl9O/230ZuEAWILzrPEbYYrcmphFb0sLZ54=
Subject key identifier: 4A:8F:9F:19:BA:D6:61:5E:4E:19:AF:F6:7A:C6:65:82:11:1F:8A:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016A3F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48FA5994F5B511EFAFDB8958762E951A.roa
Signing time: Fri 28 Feb 2025 09:20:43 +0000
ROA not before: Fri 28 Feb 2025 09:20:40 +0000
ROA not after: Sat 29 Mar 2025 09:20:40 +0000
asID: 209242
IP address blocks: 154.206.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92735 (0x16a3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 09:20:40 2025 GMT
Not After : Mar 29 09:20:40 2025 GMT
Subject: CN=67c17feb-9f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5d:6d:3a:1e:4b:3d:d4:10:f9:da:32:f2:eb:
41:5e:db:b8:fb:02:3f:54:0b:73:db:b7:70:e5:0d:
dd:b3:3d:3b:cc:8f:c3:d8:87:be:45:8c:fc:72:b1:
97:46:5a:16:54:65:63:aa:89:b5:cf:b0:cd:e9:66:
4c:0d:12:85:02:74:c7:92:4f:e0:99:5d:f6:e6:c7:
86:22:5c:95:94:00:a5:0d:67:ad:ba:be:a1:c6:b7:
dc:93:4d:70:4b:78:bd:aa:aa:3d:fa:62:76:f3:16:
6b:37:83:c1:b5:0a:e5:f6:f9:d3:00:90:d8:6e:10:
00:c1:dd:85:7d:d7:4b:3c:da:62:55:53:1f:b6:9a:
bb:00:fc:89:e1:15:ca:8e:35:ee:10:04:ea:0f:db:
5d:9c:df:5f:e6:29:f6:d2:8a:df:ba:62:be:28:12:
d2:82:64:e8:32:43:d0:cf:fd:a5:6a:81:89:fe:98:
e0:01:53:f8:da:4d:e0:cc:02:3c:0d:32:c8:3a:ee:
f3:27:52:d0:ad:42:67:52:4b:f1:6b:a8:93:a2:77:
c1:30:3f:d1:82:ed:03:7a:81:f5:57:b3:dd:48:84:
0b:34:e7:81:41:d9:0e:c3:fa:49:fc:2f:e7:60:33:
e0:e8:99:61:c7:3e:bf:60:aa:13:59:23:26:45:90:
5d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8F:9F:19:BA:D6:61:5E:4E:19:AF:F6:7A:C6:65:82:11:1F:8A:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48FA5994F5B511EFAFDB8958762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.12.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a2:24:a7:68:c0:ca:47:e2:35:fc:6d:22:0a:76:32:f6:a7:
82:22:4e:13:c8:ce:a3:21:e5:86:e0:6f:11:6c:a3:f2:03:ee:
0f:75:e6:b6:ed:e2:bc:98:75:b9:a3:48:e5:4f:ab:ea:ec:8d:
93:a5:d0:81:9f:43:84:2d:42:32:1c:21:c8:8f:58:43:2b:88:
a0:a3:00:21:18:55:92:6f:27:0c:ba:e7:d3:25:e1:11:3c:89:
c6:2d:d2:df:b4:d0:02:ca:eb:a7:ee:9c:11:80:21:cf:49:e5:
86:48:20:3d:89:2e:b4:b4:ef:01:de:36:19:3c:15:d1:cd:82:
2d:1e:5f:49:57:03:8e:ab:df:9b:f5:1b:c6:86:79:b8:21:07:
ef:ce:d7:69:b8:3b:5f:45:cc:6e:35:50:42:a3:16:2e:96:c8:
cd:c6:b9:f2:59:fb:29:55:43:5b:ce:b7:91:14:7c:d2:6e:29:
fc:ab:e0:4a:60:d8:5f:44:b3:cc:c3:99:96:83:43:d8:ba:30:
30:34:9d:9e:d0:ca:65:41:68:3b:3e:06:51:b9:fc:21:b3:df:
0e:24:95:72:25:64:8c:9e:81:be:c5:09:de:ae:20:aa:99:dd:
41:d4:bc:85:fe:a2:eb:4c:ef:aa:88:ff:c1:63:1b:7c:81:49:
3b:b5:11:b5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWo/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDkyMDQwWhcNMjUwMzI5MDkyMDQwWjAYMRYw
FAYDVQQDEw02N2MxN2ZlYi05ZjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4V1tOh5LPdQQ+doy8utBXtu4+wI/VAtz27dw5Q3dsz07zI/D2Ie+RYz8
crGXRloWVGVjqom1z7DN6WZMDRKFAnTHkk/gmV325seGIlyVlAClDWetur6hxrfc
k01wS3i9qqo9+mJ28xZrN4PBtQrl9vnTAJDYbhAAwd2FfddLPNpiVVMftpq7APyJ
4RXKjjXuEATqD9tdnN9f5in20orfumK+KBLSgmToMkPQz/2laoGJ/pjgAVP42k3g
zAI8DTLIOu7zJ1LQrUJnUkvxa6iTonfBMD/Rgu0DeoH1V7PdSIQLNOeBQdkOw/pJ
/C/nYDPg6Jlhxz6/YKoTWSMmRZBdWwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEqP
nxm61mFeThmv9nrGZYIRH4p2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OEZBNTk5NEY1QjUxMUVGQUZEQjg5NTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4MMA0GCSqGSIb3DQEB
CwUAA4IBAQAVoiSnaMDKR+I1/G0iCnYy9qeCIk4TyM6jIeWG4G8RbKPyA+4Pdea2
7eK8mHW5o0jlT6vq7I2TpdCBn0OELUIyHCHIj1hDK4igowAhGFWSbycMuufTJeER
PInGLdLftNACyuun7pwRgCHPSeWGSCA9iS60tO8B3jYZPBXRzYItHl9JVwOOq9+b
9RvGhnm4IQfvztdpuDtfRcxuNVBCoxYulsjNxrnyWfspVUNbzreRFHzSbin8q+BK
YNhfRLPMw5mWg0PYujAwNJ2e0MplQWg7PgZRufwhs98OJJVyJWSMnoG+xQneriCq
md1B1LyF/qLrTO+qiP/BYxt8gUk7tRG1
-----END CERTIFICATE-----
Generated at Fri May 9 06:57:11 2025 by rpki-client