Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/56709924F53A11EF8DC77586762E951A.roa
File: 56709924F53A11EF8DC77586762E951A.roa (raw, json)
Hash identifier: IwnOZbO/R59V6lypLqLU2ed1ICCVxQp8HB+TM4DqcsQ=
Subject key identifier: C9:2F:03:34:63:DD:7D:2B:E1:CD:C4:5E:10:98:7D:06:45:EF:22:F0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01697C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/56709924F53A11EF8DC77586762E951A.roa
Signing time: Thu 27 Feb 2025 18:40:38 +0000
ROA not before: Thu 27 Feb 2025 18:40:34 +0000
ROA not after: Fri 28 Mar 2025 18:40:34 +0000
asID: 395793
IP address blocks: 154.193.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92540 (0x1697c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 18:40:34 2025 GMT
Not After : Mar 28 18:40:34 2025 GMT
Subject: CN=67c0b1a6-061a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fd:5a:db:16:05:97:a2:5e:a5:9a:1d:a3:9b:
0c:90:22:3b:be:29:fc:36:85:a6:8c:74:6b:dd:3e:
cb:31:95:84:d4:02:48:b9:b7:f5:95:c2:3d:77:b5:
dd:3a:11:08:81:9e:7c:ec:60:ce:10:09:85:ee:13:
60:7f:a3:5b:93:3a:16:f1:4b:83:24:5a:1b:4b:e0:
00:8e:c0:83:c0:a6:ce:99:eb:f7:f9:bf:bd:7c:b5:
af:6a:7c:31:ce:3e:e2:7f:c1:ee:65:46:05:4e:44:
11:0b:cb:58:cd:aa:97:1b:b2:ab:2f:5f:bf:01:ae:
74:46:82:0c:68:85:e1:0f:cd:23:12:d8:c7:3b:ce:
2d:74:89:d0:eb:65:34:14:07:e0:f8:de:54:07:c9:
b4:df:81:4a:31:b8:91:b2:49:fd:8f:88:70:8c:de:
f2:95:ed:84:ca:3c:12:2c:ec:04:cb:2d:2c:dc:bc:
68:82:a1:12:3c:2a:dd:dc:7c:ad:11:af:77:81:f3:
1e:93:36:37:a6:60:09:ff:88:db:69:03:21:cd:2d:
ff:2d:a1:3f:2f:82:97:39:d6:95:f7:69:60:f2:cb:
f6:a3:ea:9d:8a:20:98:99:c7:52:63:63:db:49:0b:
a4:a7:54:3a:1f:32:79:9e:22:ee:aa:3a:de:52:6f:
36:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2F:03:34:63:DD:7D:2B:E1:CD:C4:5E:10:98:7D:06:45:EF:22:F0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/56709924F53A11EF8DC77586762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.99.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ab:0b:39:30:ed:31:19:e1:5f:6d:10:1f:3c:69:7b:40:0f:
7b:44:8a:27:ef:bd:28:f1:77:a0:e5:bd:78:4a:f6:2e:2e:6a:
23:ee:3a:49:a6:02:97:f7:d0:85:d7:d0:af:24:a2:ae:90:d1:
7f:f8:ea:29:70:de:fe:ce:d1:ca:9b:6c:d1:94:d4:49:41:f1:
e4:9c:b2:25:26:9d:31:4d:85:f6:57:d7:00:c2:0b:9d:27:ec:
84:44:1f:1a:94:7e:0d:ae:85:68:43:7b:d3:6a:30:99:d1:a6:
03:3b:5e:4e:34:c4:0d:42:41:ac:7e:d4:2a:19:eb:92:9b:77:
c3:8d:59:84:ca:b1:84:4f:02:40:74:33:4b:2e:dd:70:39:4f:
67:0f:b5:88:26:9d:a1:30:7d:ca:52:2b:bc:f9:ec:32:09:6a:
55:8e:ba:d0:3e:2b:f9:92:bc:57:3f:64:a7:cf:d6:10:8b:80:
49:13:4d:9e:2a:95:4b:d8:57:a3:05:85:d1:b5:1a:c2:67:2e:
b5:de:ac:39:c6:66:51:8f:84:33:65:f9:85:b0:ac:a9:ba:c3:
a8:bd:02:ea:a0:11:0f:93:ce:c7:d1:f7:30:0a:30:ce:80:e5:
14:7f:04:ec:43:34:4e:3b:25:af:d6:e4:75:9c:b8:66:98:aa:
da:d6:5d:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWl8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTg0MDM0WhcNMjUwMzI4MTg0MDM0WjAYMRYw
FAYDVQQDEw02N2MwYjFhNi0wNjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxf1a2xYFl6JepZodo5sMkCI7vin8NoWmjHRr3T7LMZWE1AJIubf1lcI9
d7XdOhEIgZ587GDOEAmF7hNgf6NbkzoW8UuDJFobS+AAjsCDwKbOmev3+b+9fLWv
anwxzj7if8HuZUYFTkQRC8tYzaqXG7KrL1+/Aa50RoIMaIXhD80jEtjHO84tdInQ
62U0FAfg+N5UB8m034FKMbiRskn9j4hwjN7yle2EyjwSLOwEyy0s3LxogqESPCrd
3HytEa93gfMekzY3pmAJ/4jbaQMhzS3/LaE/L4KXOdaV92lg8sv2o+qdiiCYmcdS
Y2PbSQukp1Q6HzJ5niLuqjreUm823QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMkv
AzRj3X0r4c3EXhCYfQZF7yLwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjcwOTkyNEY1M0ExMUVGOERDNzc1ODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsFjMA0GCSqGSIb3DQEB
CwUAA4IBAQATqws5MO0xGeFfbRAfPGl7QA97RIon770o8Xeg5b14SvYuLmoj7jpJ
pgKX99CF19CvJKKukNF/+OopcN7+ztHKm2zRlNRJQfHknLIlJp0xTYX2V9cAwgud
J+yERB8alH4NroVoQ3vTajCZ0aYDO15ONMQNQkGsftQqGeuSm3fDjVmEyrGETwJA
dDNLLt1wOU9nD7WIJp2hMH3KUiu8+ewyCWpVjrrQPiv5krxXP2Snz9YQi4BJE02e
KpVL2FejBYXRtRrCZy613qw5xmZRj4QzZfmFsKypusOovQLqoBEPk87H0fcwCjDO
gOUUfwTsQzROOyWv1uR1nLhmmKra1l2g
-----END CERTIFICATE-----
Generated at Fri May 9 07:11:59 2025 by rpki-client