Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D2E2C3AF29811EF8F37B486762E951A.roa
File: 5D2E2C3AF29811EF8F37B486762E951A.roa (raw, json)
Hash identifier: A0KGSO6TYizhMtP5v2faZHVEtgC/1M1NHqXVQTZ+gMs=
Subject key identifier: CE:2F:70:6E:FE:8F:7A:43:56:52:CB:89:8C:F7:7D:07:31:78:3C:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015BA6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D2E2C3AF29811EF8F37B486762E951A.roa
Signing time: Mon 24 Feb 2025 10:16:08 +0000
ROA not before: Mon 24 Feb 2025 10:16:04 +0000
ROA not after: Wed 26 Mar 2025 10:16:04 +0000
asID: 21859
IP address blocks: 154.94.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88998 (0x15ba6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 10:16:04 2025 GMT
Not After : Mar 26 10:16:04 2025 GMT
Subject: CN=67bc46e8-efb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fd:84:3e:71:69:08:e4:48:d4:eb:63:b7:39:
ec:04:5f:b9:52:b7:6c:f4:79:4a:f4:d3:57:fc:72:
1c:f9:5b:55:f2:ab:1b:95:24:c7:e0:5e:21:5e:39:
9a:69:cd:bf:1b:8f:ed:56:c5:c8:d2:5f:c4:a4:9f:
37:1c:17:0f:73:be:2e:7f:0d:a0:37:ec:c5:c0:49:
8c:3d:1e:f1:d2:16:de:d0:be:76:ab:47:ad:cc:41:
f9:c2:0c:5d:00:cd:fd:cc:68:c3:ea:e3:36:c1:74:
3f:e0:94:a0:d0:50:d4:6a:c4:34:05:3a:02:ea:00:
a6:ee:8a:0d:71:38:84:d8:e2:69:bc:ad:60:cf:8c:
49:50:74:f0:bf:99:78:7e:6b:3a:e8:ca:ea:70:ab:
5e:8c:19:f2:88:88:84:24:54:f2:26:7d:25:ab:c0:
34:0c:45:ab:85:74:2b:5d:99:27:c7:55:e9:1b:2d:
15:8a:96:77:bd:7d:3b:d9:37:41:22:b0:c0:ad:2d:
1f:95:64:6b:80:5f:88:4e:98:ed:d5:2e:5e:83:21:
66:bd:06:84:5c:cb:b6:78:4b:cd:f3:13:47:94:63:
6a:7a:89:73:95:a2:82:12:ce:34:23:23:be:39:3d:
c5:01:6a:cd:33:d5:c0:6f:a2:f8:ad:c4:9e:71:6f:
90:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2F:70:6E:FE:8F:7A:43:56:52:CB:89:8C:F7:7D:07:31:78:3C:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D2E2C3AF29811EF8F37B486762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.49.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:bf:3a:91:24:1f:ff:81:11:b5:3f:0b:f8:00:38:74:95:0f:
1f:1e:ac:a2:3f:49:2c:80:c7:64:5f:12:07:78:42:2b:6a:b2:
83:77:f6:07:f7:63:c7:56:49:f2:a0:ac:aa:db:19:fd:22:f7:
9e:09:be:71:ad:fc:9e:54:d5:82:b9:c6:8c:37:ea:89:84:25:
bb:58:a5:9c:6c:e1:d8:69:c5:44:80:0c:ee:15:03:b2:82:a5:
b3:e5:2f:18:b1:f1:98:0d:23:28:aa:81:8d:60:1e:d2:5e:ce:
b9:1c:ce:68:14:71:11:1c:cb:1b:75:b1:ad:69:fb:c6:a6:76:
4b:bd:97:8d:87:e1:2f:b2:7d:40:ca:4e:d5:0e:19:1a:8b:93:
5e:15:5f:55:ce:30:e1:4f:c6:13:65:47:f5:92:4c:f5:74:62:
21:68:b3:4a:11:57:03:47:b2:52:24:4a:1b:99:60:ef:c8:d9:
c0:eb:77:9a:94:e5:76:1f:39:49:d5:43:1a:f3:b3:eb:af:d3:
2b:e2:e2:e2:84:f7:d1:73:f6:79:7d:6f:95:1d:54:ba:2b:56:
88:4a:78:73:c1:d1:39:3a:71:5a:b3:eb:12:61:e1:de:5e:79:
f6:ec:aa:06:fb:03:8b:fe:ef:5f:d1:a8:51:8b:c7:62:1a:9a:
90:38:58:91
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVumMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTAxNjA0WhcNMjUwMzI2MTAxNjA0WjAYMRYw
FAYDVQQDEw02N2JjNDZlOC1lZmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn/2EPnFpCORI1OtjtznsBF+5Urds9HlK9NNX/HIc+VtV8qsblSTH4F4h
Xjmaac2/G4/tVsXI0l/EpJ83HBcPc74ufw2gN+zFwEmMPR7x0hbe0L52q0etzEH5
wgxdAM39zGjD6uM2wXQ/4JSg0FDUasQ0BToC6gCm7ooNcTiE2OJpvK1gz4xJUHTw
v5l4fms66MrqcKtejBnyiIiEJFTyJn0lq8A0DEWrhXQrXZknx1XpGy0VipZ3vX07
2TdBIrDArS0flWRrgF+ITpjt1S5egyFmvQaEXMu2eEvN8xNHlGNqeolzlaKCEs40
IyO+OT3FAWrNM9XAb6L4rcSecW+QhQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM4v
cG7+j3pDVlLLiYz3fQcxeDySMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDJFMkMzQUYyOTgxMUVGOEYzN0I0ODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4xMA0GCSqGSIb3DQEB
CwUAA4IBAQAdvzqRJB//gRG1Pwv4ADh0lQ8fHqyiP0ksgMdkXxIHeEIrarKDd/YH
92PHVknyoKyq2xn9IveeCb5xrfyeVNWCucaMN+qJhCW7WKWcbOHYacVEgAzuFQOy
gqWz5S8YsfGYDSMoqoGNYB7SXs65HM5oFHERHMsbdbGtafvGpnZLvZeNh+Evsn1A
yk7VDhkai5NeFV9VzjDhT8YTZUf1kkz1dGIhaLNKEVcDR7JSJEobmWDvyNnA63ea
lOV2HzlJ1UMa87Prr9Mr4uLihPfRc/Z5fW+VHVS6K1aISnhzwdE5OnFas+sSYeHe
Xnn27KoG+wOL/u9f0ahRi8diGpqQOFiR
-----END CERTIFICATE-----
Generated at Fri May 9 12:15:07 2025 by rpki-client