Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5615614EF81911EF8AB400A1762E951A.roa
File: 5615614EF81911EF8AB400A1762E951A.roa (raw, json)
Hash identifier: iyFbeFY446U6Qfh1FesH4xpNJY/1rrxC58RTgMah0yg=
Subject key identifier: B3:BF:9A:67:FD:4A:EE:C9:4E:8E:60:FC:67:6A:61:85:CA:25:63:B4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01700C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5615614EF81911EF8AB400A1762E951A.roa
Signing time: Mon 03 Mar 2025 10:21:57 +0000
ROA not before: Mon 03 Mar 2025 10:21:53 +0000
ROA not after: Wed 26 Mar 2025 10:21:53 +0000
asID: 62240
IP address blocks: 154.195.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94220 (0x1700c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 10:21:53 2025 GMT
Not After : Mar 26 10:21:53 2025 GMT
Subject: CN=67c582c5-352e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ae:b8:72:49:90:c4:34:08:d9:a1:29:47:ca:
64:6a:43:73:ef:b9:57:83:bd:dc:2d:35:12:ca:25:
13:ad:4e:d4:5d:e9:7d:05:00:b3:37:f7:45:0f:5b:
15:78:fb:ff:f5:7b:43:56:d4:b8:5f:f8:61:c2:ca:
f1:8c:d7:c9:b5:47:6d:19:70:89:af:a6:7e:9b:54:
3b:00:8c:91:b7:f9:1f:45:af:f2:0c:48:09:2e:ff:
68:2b:45:60:c7:a6:44:64:a0:41:02:48:71:d4:69:
e7:71:c3:ea:45:e0:79:be:86:59:33:5c:1e:0b:6a:
5c:aa:a2:cf:55:4d:27:a5:53:0d:6a:2a:f4:fa:2f:
8b:65:29:61:06:94:f6:8d:2e:cb:cd:d4:7c:b0:6d:
44:f8:87:79:62:e7:fa:3e:49:eb:a3:38:d7:0b:c2:
8b:b8:e2:9c:2b:61:03:37:21:92:e7:5f:95:63:cd:
1b:7a:88:1f:74:2e:8e:81:22:d0:ba:27:bb:7e:91:
39:6d:9e:63:e0:dc:5e:30:5b:43:02:68:48:80:3a:
b7:2c:d8:d3:c9:4c:67:b7:8c:13:08:cc:d3:e4:3a:
d0:fc:81:77:3c:1b:a9:9d:e7:4d:e6:b0:9a:d1:33:
6d:dc:0b:ff:de:1a:60:f9:22:14:8b:13:6c:2b:92:
ba:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BF:9A:67:FD:4A:EE:C9:4E:8E:60:FC:67:6A:61:85:CA:25:63:B4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5615614EF81911EF8AB400A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.3.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:d6:a1:a3:80:4d:d3:59:8d:38:1f:9c:de:60:b1:06:70:44:
ca:f9:33:4c:bc:b3:c0:75:a9:a2:dc:fc:f1:6a:6c:7a:cf:68:
35:91:15:9d:c7:ea:f6:4b:54:99:92:d0:8a:2e:55:0b:ce:1c:
a5:93:a4:5d:c9:13:86:95:a3:ed:36:35:fc:60:cf:ba:85:fd:
69:c0:93:3a:e6:9f:34:c8:48:89:23:13:e4:9a:e0:b1:bc:0f:
f4:81:ee:50:d8:08:a6:89:af:77:ee:95:ce:6e:56:eb:46:37:
5e:9c:c0:cc:ed:90:09:d8:ac:13:bb:22:5c:90:43:a0:8a:ce:
42:1d:d9:e1:31:a8:66:4d:98:21:78:bf:07:53:04:c8:b0:b7:
f4:3e:b7:15:fa:43:b6:45:ef:af:be:4f:b9:47:ca:e3:d7:0e:
7c:c6:5e:69:48:0c:49:63:d6:88:60:74:a1:0d:39:09:0e:ca:
dc:79:19:1b:08:e2:f8:50:2a:6c:33:82:01:69:c5:ec:68:3e:
6f:15:a0:0a:2e:1e:cd:b9:26:dd:7e:42:93:b8:9e:d4:06:9f:
71:fa:77:bb:22:19:9f:d9:87:a9:cf:b6:41:2c:6f:db:02:03:
07:e9:32:83:7e:34:21:25:21:6a:1a:bd:60:7d:1c:f5:fd:a2:
af:34:56:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXAMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTAyMTUzWhcNMjUwMzI2MTAyMTUzWjAYMRYw
FAYDVQQDEw02N2M1ODJjNS0zNTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtq64ckmQxDQI2aEpR8pkakNz77lXg73cLTUSyiUTrU7UXel9BQCzN/dF
D1sVePv/9XtDVtS4X/hhwsrxjNfJtUdtGXCJr6Z+m1Q7AIyRt/kfRa/yDEgJLv9o
K0Vgx6ZEZKBBAkhx1GnnccPqReB5voZZM1weC2pcqqLPVU0npVMNair0+i+LZSlh
BpT2jS7LzdR8sG1E+Id5Yuf6PknrozjXC8KLuOKcK2EDNyGS51+VY80beogfdC6O
gSLQuie7fpE5bZ5j4NxeMFtDAmhIgDq3LNjTyUxnt4wTCMzT5DrQ/IF3PBupnedN
5rCa0TNt3Av/3hpg+SIUixNsK5K6WwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLO/
mmf9Su7JTo5g/GdqYYXKJWO0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjE1NjE0RUY4MTkxMUVGOEFCNDAwQTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsMDMA0GCSqGSIb3DQEB
CwUAA4IBAQC91qGjgE3TWY04H5zeYLEGcETK+TNMvLPAdami3Pzxamx6z2g1kRWd
x+r2S1SZktCKLlULzhylk6RdyROGlaPtNjX8YM+6hf1pwJM65p80yEiJIxPkmuCx
vA/0ge5Q2Aimia937pXOblbrRjdenMDM7ZAJ2KwTuyJckEOgis5CHdnhMahmTZgh
eL8HUwTIsLf0PrcV+kO2Re+vvk+5R8rj1w58xl5pSAxJY9aIYHShDTkJDsrceRkb
COL4UCpsM4IBacXsaD5vFaAKLh7NuSbdfkKTuJ7UBp9x+ne7Ihmf2Yepz7ZBLG/b
AgMH6TKDfjQhJSFqGr1gfRz1/aKvNFae
-----END CERTIFICATE-----
Generated at Fri May 9 07:16:09 2025 by rpki-client