Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C5D1B08DC1011EFB6339FA3762E951A.roa
File: 4C5D1B08DC1011EFB6339FA3762E951A.roa (raw, json)
Hash identifier: o4Qf/s1BaOjOtUwX9WJAQB4kXtqG4fPX7oALAxwxgiE=
Subject key identifier: 6A:09:82:F5:12:F8:EF:53:CB:E6:8E:60:DF:43:48:7F:8C:73:2A:F0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014B42
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C5D1B08DC1011EFB6339FA3762E951A.roa
Signing time: Sun 26 Jan 2025 18:06:43 +0000
ROA not before: Sun 26 Jan 2025 18:06:39 +0000
ROA not after: Tue 01 Apr 2025 18:06:39 +0000
asID: 63139
IP address blocks: 154.94.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84802 (0x14b42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 26 18:06:39 2025 GMT
Not After : Apr 1 18:06:39 2025 GMT
Subject: CN=679679b3-bff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d6:21:0d:98:c8:77:b0:22:37:a6:db:be:ea:
26:ee:2e:ca:d2:eb:ae:c8:1b:0f:06:50:55:55:4a:
c2:75:c7:2b:95:f1:a1:5f:0a:87:55:dc:d7:16:b4:
43:b9:44:2f:ce:db:16:84:74:ab:45:8c:16:e9:2e:
a8:14:dd:34:d3:a4:ad:22:09:40:a6:ef:07:3e:30:
b8:d0:78:9a:72:61:97:ed:39:b8:7e:9b:ac:33:85:
54:e1:56:4e:ae:ff:9a:14:f6:57:66:4b:26:09:ad:
97:53:3b:80:d4:eb:ab:1a:43:4a:60:35:74:5f:bd:
57:34:38:e5:73:8b:eb:50:fb:6f:da:93:d0:54:d8:
89:15:e5:41:47:fb:de:6f:24:f7:d1:ec:20:fe:72:
13:4a:98:52:3e:a6:82:9f:f6:a4:7f:bc:c6:ac:f1:
b8:da:73:cc:3d:f8:91:fd:00:fa:a4:69:d2:44:48:
e9:2c:dd:fa:0e:ff:0c:61:97:17:6a:2c:85:39:b4:
32:24:ce:f1:b3:36:17:0d:72:31:f8:bd:96:d1:14:
59:c5:ac:53:4f:dd:39:86:ab:47:36:57:ee:88:10:
38:fc:31:c1:11:c5:29:af:90:a5:f8:43:7f:f7:33:
f6:a8:83:85:ef:91:26:59:60:50:3e:67:ee:83:03:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:09:82:F5:12:F8:EF:53:CB:E6:8E:60:DF:43:48:7F:8C:73:2A:F0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C5D1B08DC1011EFB6339FA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.91.0/24
Signature Algorithm: sha256WithRSAEncryption
24:13:5e:c4:67:9f:8e:62:e6:db:51:54:a0:1f:45:d1:21:fa:
7e:9a:ee:54:33:cb:ca:b6:d7:a8:3c:cb:8d:d6:62:f4:8a:cc:
3f:48:1a:15:07:e1:09:4f:99:b3:2e:11:7b:f1:22:88:1c:1a:
9c:21:3d:52:3e:a1:da:a9:4c:a4:af:31:7f:eb:e1:04:76:77:
62:10:ea:92:bd:d3:b7:4c:43:59:62:ac:4d:55:3a:6f:d6:39:
10:bb:d1:f0:1a:fa:a7:2e:9f:b4:3d:c0:5f:35:d8:4d:e7:50:
b2:a3:d9:c3:d4:9a:cb:6a:a8:04:26:4a:73:e5:02:dc:76:c3:
60:87:38:7e:52:16:ee:3e:6f:c8:36:11:d2:18:15:48:e3:78:
74:d9:7c:48:9d:be:d2:b8:8f:b6:fb:15:2f:a7:1d:96:f9:c3:
9e:1e:9a:ef:08:85:67:8b:1e:89:58:fd:2e:7a:c4:1e:01:fe:
18:fc:1c:54:67:b0:e8:ed:6c:8b:e9:aa:81:f3:01:73:c1:e3:
cd:9f:19:b2:d1:a1:5c:da:ce:5a:b9:04:07:22:92:a0:c6:4a:
7f:02:0e:94:ec:a8:5a:60:99:89:48:66:95:59:82:d0:ba:c7:
35:fd:b3:e5:47:35:7e:86:00:3e:3d:0b:06:f1:2e:9a:98:1a:
74:ad:0f:f9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUtCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI2MTgwNjM5WhcNMjUwNDAxMTgwNjM5WjAYMRYw
FAYDVQQDEw02Nzk2NzliMy1iZmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvNYhDZjId7AiN6bbvuom7i7K0uuuyBsPBlBVVUrCdccrlfGhXwqHVdzX
FrRDuUQvztsWhHSrRYwW6S6oFN0006StIglApu8HPjC40HiacmGX7Tm4fpusM4VU
4VZOrv+aFPZXZksmCa2XUzuA1OurGkNKYDV0X71XNDjlc4vrUPtv2pPQVNiJFeVB
R/vebyT30ewg/nITSphSPqaCn/akf7zGrPG42nPMPfiR/QD6pGnSREjpLN36Dv8M
YZcXaiyFObQyJM7xszYXDXIx+L2W0RRZxaxTT905hqtHNlfuiBA4/DHBEcUpr5Cl
+EN/9zP2qIOF75EmWWBQPmfugwNRbwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGoJ
gvUS+O9Ty+aOYN9DSH+McyrwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QzVEMUIwOERDMTAxMUVGQjYzMzlGQTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5bMA0GCSqGSIb3DQEB
CwUAA4IBAQAkE17EZ5+OYubbUVSgH0XRIfp+mu5UM8vKtteoPMuN1mL0isw/SBoV
B+EJT5mzLhF78SKIHBqcIT1SPqHaqUykrzF/6+EEdndiEOqSvdO3TENZYqxNVTpv
1jkQu9HwGvqnLp+0PcBfNdhN51Cyo9nD1JrLaqgEJkpz5QLcdsNghzh+UhbuPm/I
NhHSGBVI43h02XxInb7SuI+2+xUvpx2W+cOeHprvCIVnix6JWP0uesQeAf4Y/BxU
Z7Do7WyL6aqB8wFzwePNnxmy0aFc2s5auQQHIpKgxkp/Ag6U7KhaYJmJSGaVWYLQ
usc1/bPlRzV+hgA+PQsG8S6amBp0rQ/5
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:00:32 2025 by rpki-client