Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A71C938F61911EFBA06EB7D762E951A.roa
File: 4A71C938F61911EFBA06EB7D762E951A.roa (raw, json)
Hash identifier: +mUdq87P6zlD7Cobz0TyKuCU9NiUUlZcnMH9zA5LNJQ=
Subject key identifier: 17:A2:FF:49:D5:C3:B7:85:5E:7B:2F:CD:1F:93:9F:ED:13:02:E8:CE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016C2F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A71C938F61911EFBA06EB7D762E951A.roa
Signing time: Fri 28 Feb 2025 21:16:35 +0000
ROA not before: Fri 28 Feb 2025 21:16:32 +0000
ROA not after: Wed 26 Mar 2025 21:16:32 +0000
asID: 62240
IP address blocks: 154.194.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93231 (0x16c2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 21:16:32 2025 GMT
Not After : Mar 26 21:16:32 2025 GMT
Subject: CN=67c227b3-0237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:dc:0c:e2:5c:66:a2:6f:de:5e:70:6c:85:08:
3f:8a:0e:49:49:92:14:2f:02:6b:6d:70:d4:9e:29:
38:cc:2d:90:f0:b8:53:4a:cc:c6:8b:e6:d8:85:3c:
5b:54:5b:ae:ad:3a:16:0a:9e:1f:6f:52:b7:77:33:
0d:da:ef:d0:76:f2:7a:e6:cb:eb:8b:60:f2:e6:b7:
f9:e0:6f:54:cc:97:50:0a:98:c6:bd:ff:21:d4:f0:
91:2c:9c:e7:75:89:10:fe:44:45:51:dc:01:aa:64:
46:51:ff:99:ae:ef:8e:94:7c:92:f5:9a:e5:cb:11:
d0:06:63:96:46:30:1d:76:b4:3f:e8:1d:fb:19:64:
af:3e:75:a9:3d:f4:fe:cc:73:0c:95:1b:61:68:21:
15:f0:e3:7f:f2:39:53:b2:78:b1:2d:45:71:b6:b2:
d3:dd:5d:04:85:56:e2:85:6f:fb:eb:04:21:ca:23:
35:57:4b:11:8f:4c:7b:bc:81:52:96:e6:61:5b:b6:
71:d3:cd:b8:64:74:4d:0d:2f:22:64:a4:2d:30:e5:
7c:a4:40:2b:27:0f:12:fc:59:59:21:b5:41:aa:5a:
c3:e9:af:a8:20:85:b7:7b:22:b2:46:9c:22:81:ac:
fd:63:27:87:3e:d3:24:ea:f7:2b:65:4a:15:b7:6f:
57:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A2:FF:49:D5:C3:B7:85:5E:7B:2F:CD:1F:93:9F:ED:13:02:E8:CE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A71C938F61911EFBA06EB7D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.101.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:71:5a:73:4c:4c:9c:dc:1c:7d:d5:b2:d7:a6:52:dc:79:d0:
c1:42:4e:83:3c:d9:c1:03:04:00:bb:df:30:1f:88:d7:5b:00:
3c:f6:ce:96:87:4b:d0:42:5b:38:58:d9:d7:02:d8:27:81:cd:
ef:51:c4:b9:87:f9:b6:bc:61:1e:ee:c3:e0:d6:ab:f4:84:15:
a5:02:b7:17:27:27:9b:e8:1c:d7:6f:95:91:00:ef:ba:1d:93:
e7:22:62:da:0c:d0:b3:ca:0a:d9:ec:9f:e0:78:d1:a9:78:75:
04:7b:b8:f3:d0:61:55:11:3c:64:30:88:5b:24:fa:f5:f3:61:
4f:6b:c9:1a:74:a0:8d:3b:dc:f8:73:1a:9e:05:8e:8a:ec:93:
c5:67:bb:fb:60:7f:d8:74:d7:39:75:f3:f2:e3:01:dd:9f:1c:
96:da:35:67:db:ba:a5:51:13:0c:84:c3:36:0a:da:e5:09:81:
c3:ea:d0:14:5f:a2:cb:d8:51:0f:4a:6b:0d:18:c6:de:11:60:
18:bb:d2:a5:b4:bd:9e:83:05:fc:19:ef:73:1f:d2:ab:69:08:
5e:6f:44:aa:39:ca:1a:1b:b1:b5:25:c8:c1:d7:5e:ce:d7:3f:
67:09:b1:c8:7f:09:35:d4:86:89:68:dc:6a:98:6f:59:eb:fe:
ff:66:8e:f2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWwvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjExNjMyWhcNMjUwMzI2MjExNjMyWjAYMRYw
FAYDVQQDEw02N2MyMjdiMy0wMjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsNwM4lxmom/eXnBshQg/ig5JSZIULwJrbXDUnik4zC2Q8LhTSszGi+bY
hTxbVFuurToWCp4fb1K3dzMN2u/QdvJ65svri2Dy5rf54G9UzJdQCpjGvf8h1PCR
LJzndYkQ/kRFUdwBqmRGUf+Zru+OlHyS9ZrlyxHQBmOWRjAddrQ/6B37GWSvPnWp
PfT+zHMMlRthaCEV8ON/8jlTsnixLUVxtrLT3V0EhVbihW/76wQhyiM1V0sRj0x7
vIFSluZhW7Zx0824ZHRNDS8iZKQtMOV8pEArJw8S/FlZIbVBqlrD6a+oIIW3eyKy
Rpwigaz9YyeHPtMk6vcrZUoVt29X3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBei
/0nVw7eFXnsvzR+Tn+0TAujOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QTcxQzkzOEY2MTkxMUVGQkEwNkVCN0Q3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJlMA0GCSqGSIb3DQEB
CwUAA4IBAQDHcVpzTEyc3Bx91bLXplLcedDBQk6DPNnBAwQAu98wH4jXWwA89s6W
h0vQQls4WNnXAtgngc3vUcS5h/m2vGEe7sPg1qv0hBWlArcXJyeb6BzXb5WRAO+6
HZPnImLaDNCzygrZ7J/geNGpeHUEe7jz0GFVETxkMIhbJPr182FPa8kadKCNO9z4
cxqeBY6K7JPFZ7v7YH/YdNc5dfPy4wHdnxyW2jVn27qlURMMhMM2CtrlCYHD6tAU
X6LL2FEPSmsNGMbeEWAYu9KltL2egwX8Ge9zH9KraQheb0SqOcoaG7G1JcjB117O
1z9nCbHIfwk11IaJaNxqmG9Z6/7/Zo7y
-----END CERTIFICATE-----
Generated at Fri May 9 06:27:37 2025 by rpki-client