Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6567435CF62911EF9B99DF6C762E951A.roa
File: 6567435CF62911EF9B99DF6C762E951A.roa (raw, json)
Hash identifier: he897Abg1qZrKkBMVcZzHeDQhyYnYy10tX5yeWYDD10=
Subject key identifier: 2D:82:27:0C:F7:AA:98:A1:1D:41:9B:B9:B6:A7:53:4B:A0:28:11:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CB9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6567435CF62911EF9B99DF6C762E951A.roa
Signing time: Fri 28 Feb 2025 23:11:53 +0000
ROA not before: Fri 28 Feb 2025 23:11:49 +0000
ROA not after: Wed 26 Mar 2025 23:11:49 +0000
asID: 62240
IP address blocks: 154.194.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93369 (0x16cb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 23:11:49 2025 GMT
Not After : Mar 26 23:11:49 2025 GMT
Subject: CN=67c242b9-4cd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d1:b8:dd:bd:d0:e6:08:85:a6:06:fe:d8:4a:
ba:71:86:5e:4c:77:3d:af:23:96:b6:16:5f:fc:7e:
c7:e4:e1:40:4a:aa:f5:69:4f:36:9b:c9:c5:47:b3:
9b:5f:c6:9f:a0:42:9b:b8:f7:a0:f7:2c:20:17:49:
ea:38:fb:f8:7d:fe:4e:3e:cf:e4:8f:97:c5:9d:3d:
53:af:f0:de:69:a9:0f:84:81:71:68:fb:0e:47:c9:
66:03:1a:a0:bf:94:0c:84:51:98:cd:ca:4e:88:68:
84:33:2f:53:59:32:bc:2e:7c:db:a0:a1:cf:e6:19:
ef:bd:c4:2b:b6:c5:df:c8:16:81:a8:50:1a:79:e6:
9f:f2:8b:83:e5:99:e7:21:23:56:90:79:f9:1b:55:
9b:af:81:35:c6:fe:ac:1a:4e:e8:2e:c0:a0:e0:e7:
24:e1:f1:e2:9a:13:fd:be:91:a1:4d:d1:d0:de:59:
1e:e6:e0:2b:4b:ea:9b:88:60:9e:14:ff:85:db:ca:
b7:a0:16:69:a8:ce:b2:b8:78:5a:5c:58:04:3b:8b:
33:32:17:ad:a3:48:d5:ce:d0:19:10:26:fc:54:f8:
e4:4f:7e:7a:49:11:fd:b1:e3:bc:00:ae:9e:cd:95:
d8:b2:8b:4a:ec:14:c0:a0:48:f5:54:13:95:41:fe:
e4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:82:27:0C:F7:AA:98:A1:1D:41:9B:B9:B6:A7:53:4B:A0:28:11:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6567435CF62911EF9B99DF6C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.123.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:b2:d1:b7:13:03:68:3f:82:94:ae:65:37:32:13:d6:9c:6a:
25:88:cd:64:a0:74:5c:b3:85:5d:0b:44:9c:ee:d7:d6:cb:62:
65:04:ef:16:9f:49:1c:81:d3:c2:b9:75:c1:83:45:9b:19:a6:
f7:2b:08:0b:5e:e4:ad:45:b7:9f:fa:0a:bc:97:8d:c1:0b:1d:
3d:14:5e:f1:19:c4:7f:dd:34:06:d8:38:40:cd:1e:85:3d:d1:
50:45:98:c7:d4:c0:98:85:ef:2e:97:76:fc:16:d9:e6:cf:b8:
f7:45:a7:43:ee:bc:f6:77:73:df:33:1c:67:9c:97:96:ad:aa:
6e:16:ab:f7:19:83:5b:83:c7:20:32:c9:b1:fb:eb:d1:84:0c:
f0:78:be:2a:43:8f:00:82:28:80:76:84:df:f3:64:89:fe:ad:
0e:68:22:89:c7:6c:25:8c:63:84:ac:20:80:4f:03:6a:26:cb:
50:b0:58:d2:45:0a:1a:ff:96:9d:9a:18:76:8b:9f:cc:60:f7:
c7:20:a2:47:62:e6:ad:06:9e:8b:7a:52:a8:07:91:85:c1:45:
6f:52:4c:7e:11:5d:40:9d:4c:c3:bf:05:6d:df:ca:8f:6b:01:
00:5e:97:6e:ed:ed:cd:26:05:6f:94:cc:db:3b:ef:4c:0d:c4:
d9:2f:35:7d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWy5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjMxMTQ5WhcNMjUwMzI2MjMxMTQ5WjAYMRYw
FAYDVQQDEw02N2MyNDJiOS00Y2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0NG43b3Q5giFpgb+2Eq6cYZeTHc9ryOWthZf/H7H5OFASqr1aU82m8nF
R7ObX8afoEKbuPeg9ywgF0nqOPv4ff5OPs/kj5fFnT1Tr/DeaakPhIFxaPsOR8lm
Axqgv5QMhFGYzcpOiGiEMy9TWTK8LnzboKHP5hnvvcQrtsXfyBaBqFAaeeaf8ouD
5ZnnISNWkHn5G1Wbr4E1xv6sGk7oLsCg4Ock4fHimhP9vpGhTdHQ3lke5uArS+qb
iGCeFP+F28q3oBZpqM6yuHhaXFgEO4szMheto0jVztAZECb8VPjkT356SRH9seO8
AK6ezZXYsotK7BTAoEj1VBOVQf7kCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC2C
Jwz3qpihHUGbubanU0ugKBH7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NTY3NDM1Q0Y2MjkxMUVGOUI5OURGNkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJ7MA0GCSqGSIb3DQEB
CwUAA4IBAQDJstG3EwNoP4KUrmU3MhPWnGoliM1koHRcs4VdC0Sc7tfWy2JlBO8W
n0kcgdPCuXXBg0WbGab3KwgLXuStRbef+gq8l43BCx09FF7xGcR/3TQG2DhAzR6F
PdFQRZjH1MCYhe8ul3b8Ftnmz7j3RadD7rz2d3PfMxxnnJeWrapuFqv3GYNbg8cg
Msmx++vRhAzweL4qQ48AgiiAdoTf82SJ/q0OaCKJx2wljGOErCCATwNqJstQsFjS
RQoa/5admhh2i5/MYPfHIKJHYuatBp6LelKoB5GFwUVvUkx+EV1AnUzDvwVt38qP
awEAXpdu7e3NJgVvlMzbO+9MDcTZLzV9
-----END CERTIFICATE-----
Generated at Fri May 9 07:06:02 2025 by rpki-client