Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74108FF4F62D11EFB0A7E784762E951A.roa
File: 74108FF4F62D11EFB0A7E784762E951A.roa (raw, json)
Hash identifier: Xit2f7EoXl1C6rYgSsltLqYDBvMPOAymHkzpGUZb18c=
Subject key identifier: D3:37:38:B3:75:45:13:6D:A2:12:6C:C5:7B:08:33:17:56:78:AF:9B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CDD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74108FF4F62D11EFB0A7E784762E951A.roa
Signing time: Fri 28 Feb 2025 23:40:56 +0000
ROA not before: Fri 28 Feb 2025 23:40:33 +0000
ROA not after: Wed 26 Mar 2025 23:40:33 +0000
asID: 62240
IP address blocks: 154.194.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93405 (0x16cdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 23:40:33 2025 GMT
Not After : Mar 26 23:40:33 2025 GMT
Subject: CN=67c24988-e6b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:27:ef:e9:e6:ff:88:08:2f:c0:52:b0:e4:12:
34:47:7c:bc:ea:84:ff:e1:88:1a:53:1d:3f:c8:ec:
c6:b9:57:0e:ed:3f:03:7b:9e:7f:80:c1:a5:87:bf:
a2:27:23:39:7a:30:54:ad:94:6b:cf:b7:18:30:0a:
e2:b4:6c:39:59:ec:17:6d:f9:f5:8f:28:4a:a3:51:
d4:64:54:c0:b5:88:00:ba:0f:e9:cd:97:7f:6d:40:
26:90:45:3c:93:38:67:20:bd:05:fd:fe:a1:29:ff:
07:d2:e3:73:ed:64:6b:ab:8d:4c:b9:d3:10:c2:b5:
c9:b2:f9:c9:bf:8c:cc:b1:69:2c:e3:d0:fb:bc:01:
56:3e:32:63:0e:4d:ad:ef:27:dd:cd:66:b5:80:7c:
27:02:04:32:c7:54:6d:fb:a6:48:5f:aa:48:de:e3:
a3:b7:d2:bd:9a:2e:12:06:5e:44:e2:ce:d3:9a:70:
fd:1a:36:fe:17:b3:10:82:34:fb:d3:6c:c7:9a:d8:
ce:2f:6f:8e:0a:9e:11:36:18:0c:31:e0:52:b7:10:
61:82:7f:3e:ff:85:51:37:22:70:19:b9:69:33:c4:
bc:4f:8f:52:6f:86:ef:4b:b7:94:f7:47:41:eb:11:
a8:29:7a:bc:e7:a5:fd:92:24:37:26:bd:1b:7f:c0:
8b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:37:38:B3:75:45:13:6D:A2:12:6C:C5:7B:08:33:17:56:78:AF:9B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74108FF4F62D11EFB0A7E784762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.7.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:a8:13:71:d8:97:5e:eb:ee:e2:ac:f5:96:1a:16:6e:a5:d5:
84:33:81:9e:2e:24:93:19:b2:ef:bd:24:2d:9b:97:a8:1c:c0:
df:ac:3f:43:4d:de:81:12:77:07:0f:9c:3d:03:34:77:71:0e:
19:86:67:df:14:98:9f:74:60:8f:14:a7:44:2a:1a:96:c9:15:
db:73:af:1c:83:cc:df:d1:06:36:76:df:3d:c1:fe:87:c9:66:
2e:ec:f7:a2:36:a9:dd:2f:8c:c6:16:30:6a:4c:ee:a5:f8:74:
f3:c1:e9:56:17:b8:fc:c8:eb:36:4a:bc:7d:e5:dd:f8:dc:7b:
f5:78:a0:02:47:fd:06:ef:8a:93:c3:67:de:e8:7b:04:28:83:
79:80:76:6e:1c:0b:a8:bb:7c:57:ed:56:73:13:da:a8:44:b2:
be:3d:09:33:3f:13:26:31:61:4f:c1:ea:26:70:1f:13:15:61:
9f:13:6d:27:96:26:7c:63:c3:d3:6f:20:17:52:0a:5f:6b:19:
09:77:a1:6f:19:ff:42:d0:2b:7b:59:8a:d7:8f:4d:5e:bb:34:
23:0c:3a:84:aa:c4:90:5e:f9:f4:df:f0:20:06:88:4d:ab:c6:
4a:06:de:69:84:cb:da:b8:0d:3f:24:9e:1c:fd:90:8d:87:10:
a2:60:42:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWzdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjM0MDMzWhcNMjUwMzI2MjM0MDMzWjAYMRYw
FAYDVQQDEw02N2MyNDk4OC1lNmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7yfv6eb/iAgvwFKw5BI0R3y86oT/4YgaUx0/yOzGuVcO7T8De55/gMGl
h7+iJyM5ejBUrZRrz7cYMAritGw5WewXbfn1jyhKo1HUZFTAtYgAug/pzZd/bUAm
kEU8kzhnIL0F/f6hKf8H0uNz7WRrq41MudMQwrXJsvnJv4zMsWks49D7vAFWPjJj
Dk2t7yfdzWa1gHwnAgQyx1Rt+6ZIX6pI3uOjt9K9mi4SBl5E4s7TmnD9Gjb+F7MQ
gjT702zHmtjOL2+OCp4RNhgMMeBStxBhgn8+/4VRNyJwGblpM8S8T49Sb4bvS7eU
90dB6xGoKXq856X9kiQ3Jr0bf8CLRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNM3
OLN1RRNtohJsxXsIMxdWeK+bMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NDEwOEZGNEY2MkQxMUVGQjBBN0U3ODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIHMA0GCSqGSIb3DQEB
CwUAA4IBAQCoqBNx2Jde6+7irPWWGhZupdWEM4GeLiSTGbLvvSQtm5eoHMDfrD9D
Td6BEncHD5w9AzR3cQ4ZhmffFJifdGCPFKdEKhqWyRXbc68cg8zf0QY2dt89wf6H
yWYu7PeiNqndL4zGFjBqTO6l+HTzwelWF7j8yOs2Srx95d343Hv1eKACR/0G74qT
w2fe6HsEKIN5gHZuHAuou3xX7VZzE9qoRLK+PQkzPxMmMWFPweomcB8TFWGfE20n
liZ8Y8PTbyAXUgpfaxkJd6FvGf9C0Ct7WYrXj01euzQjDDqEqsSQXvn03/AgBohN
q8ZKBt5phMvauA0/JJ4c/ZCNhxCiYEJ4
-----END CERTIFICATE-----
Generated at Sat May 10 02:28:33 2025 by rpki-client