Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6FFD3A74F62E11EFBCBF7B8D762E951A.roa
File: 6FFD3A74F62E11EFBCBF7B8D762E951A.roa (raw, json)
Hash identifier: 6i2ktefs82GVN/om/jcWWnDw4qC1vMbOfu+iiFHWbpw=
Subject key identifier: 72:CD:26:5C:CE:B7:48:BB:99:05:31:53:05:88:57:90:15:48:2C:3D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CE5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6FFD3A74F62E11EFBCBF7B8D762E951A.roa
Signing time: Fri 28 Feb 2025 23:47:58 +0000
ROA not before: Fri 28 Feb 2025 23:47:54 +0000
ROA not after: Wed 26 Mar 2025 23:47:54 +0000
asID: 62240
IP address blocks: 154.194.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93413 (0x16ce5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 23:47:54 2025 GMT
Not After : Mar 26 23:47:54 2025 GMT
Subject: CN=67c24b2e-f08d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:95:80:29:61:d9:19:fd:e8:08:77:85:70:37:
75:f3:aa:3f:a4:f5:fa:5f:98:3b:d4:ca:15:0f:ab:
dd:0c:40:1a:67:60:6b:5c:4b:05:d7:71:b6:55:9f:
bc:68:65:64:c5:0c:08:d2:9b:8b:76:f1:3f:6d:26:
9e:98:cd:23:95:95:3a:30:e9:61:d2:73:cc:6c:4f:
f9:74:19:8e:74:ff:ec:dd:5f:54:79:fb:fb:4a:98:
ff:ee:ca:a4:9b:e4:52:02:0d:85:f1:4d:19:fe:70:
40:46:1a:14:ab:1b:bc:90:a2:4d:4c:a8:47:b9:8b:
ea:ea:24:20:a3:94:9c:85:93:3b:1e:ba:5c:01:10:
ef:5b:74:d9:73:32:2e:51:78:09:f2:61:5d:da:41:
68:52:a7:ef:bf:3f:fb:ae:1f:90:06:b3:d3:24:c3:
2a:f5:38:a4:ae:fd:fa:9f:41:47:85:0d:a7:89:8a:
e2:a1:4a:3b:8f:7a:f7:ed:ec:f2:27:b7:ad:18:79:
28:a6:18:42:ca:49:90:a5:20:77:91:fa:b3:84:86:
d8:1d:90:0e:39:66:06:1e:09:fb:fa:7f:bc:19:70:
3e:a2:1a:9a:fe:3a:16:06:db:b1:dc:6d:49:67:3e:
3b:c2:44:df:50:6e:5d:3f:e7:db:50:fc:d7:dd:c0:
b6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:CD:26:5C:CE:B7:48:BB:99:05:31:53:05:88:57:90:15:48:2C:3D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6FFD3A74F62E11EFBCBF7B8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.87.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:db:c3:eb:24:88:a1:4c:fc:21:05:b1:d5:fa:95:cf:85:26:
f4:74:54:46:a6:13:5f:ff:3f:15:d9:22:bc:f2:d7:65:49:6f:
d2:ee:9d:40:58:98:9f:99:76:94:15:49:4f:45:10:05:91:a3:
df:01:3d:5d:00:7c:90:d4:cb:5d:38:8b:63:e6:64:cf:55:aa:
38:c2:e0:ce:66:3e:d2:34:cd:89:b2:92:3d:d3:05:7b:e5:08:
6f:f0:b2:d3:5d:09:e8:19:7d:58:f0:12:e5:75:1c:ba:e8:90:
7a:d7:e1:f5:31:a4:88:d3:c7:74:95:42:55:a9:a1:d9:64:51:
e3:02:a2:77:6b:5a:e7:78:c7:ca:3c:45:44:2a:26:15:63:b0:
45:b8:76:1e:ba:65:a5:d8:ed:3c:1d:ed:8a:97:7a:6c:cd:a7:
c9:a4:cf:4e:12:fe:2d:68:55:cd:34:53:55:37:81:78:9f:8f:
29:97:f6:9c:4c:df:6f:e6:0b:3d:95:9a:5c:c0:42:c5:a5:13:
e4:69:26:78:f1:70:3a:2c:b5:a2:94:89:0b:b5:47:65:b0:31:
cc:dc:bb:49:f8:3f:57:77:e5:d7:2c:83:7b:a2:5b:ef:39:25:
85:a8:17:1f:20:79:f1:d6:77:f0:b6:a8:61:d8:10:af:d2:2c:
59:9f:83:2a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWzlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjM0NzU0WhcNMjUwMzI2MjM0NzU0WjAYMRYw
FAYDVQQDEw02N2MyNGIyZS1mMDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx5WAKWHZGf3oCHeFcDd186o/pPX6X5g71MoVD6vdDEAaZ2BrXEsF13G2
VZ+8aGVkxQwI0puLdvE/bSaemM0jlZU6MOlh0nPMbE/5dBmOdP/s3V9Uefv7Spj/
7sqkm+RSAg2F8U0Z/nBARhoUqxu8kKJNTKhHuYvq6iQgo5SchZM7HrpcARDvW3TZ
czIuUXgJ8mFd2kFoUqfvvz/7rh+QBrPTJMMq9Tikrv36n0FHhQ2niYrioUo7j3r3
7ezyJ7etGHkophhCykmQpSB3kfqzhIbYHZAOOWYGHgn7+n+8GXA+ohqa/joWBtux
3G1JZz47wkTfUG5dP+fbUPzX3cC2xwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHLN
JlzOt0i7mQUxUwWIV5AVSCw9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RkZEM0E3NEY2MkUxMUVGQkNCRjdCOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJXMA0GCSqGSIb3DQEB
CwUAA4IBAQAs28PrJIihTPwhBbHV+pXPhSb0dFRGphNf/z8V2SK88tdlSW/S7p1A
WJifmXaUFUlPRRAFkaPfAT1dAHyQ1MtdOItj5mTPVao4wuDOZj7SNM2JspI90wV7
5Qhv8LLTXQnoGX1Y8BLldRy66JB61+H1MaSI08d0lUJVqaHZZFHjAqJ3a1rneMfK
PEVEKiYVY7BFuHYeumWl2O08He2Kl3pszafJpM9OEv4taFXNNFNVN4F4n48pl/ac
TN9v5gs9lZpcwELFpRPkaSZ48XA6LLWilIkLtUdlsDHM3LtJ+D9Xd+XXLIN7olvv
OSWFqBcfIHnx1nfwtqhh2BCv0ixZn4Mq
-----END CERTIFICATE-----
Generated at Fri May 9 06:24:54 2025 by rpki-client