Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/774DA8F4F52511EF97627379762E951A.roa
File: 774DA8F4F52511EF97627379762E951A.roa (raw, json)
Hash identifier: Ia+emsk/MAf1wrc2nvgH+zoZX96v2fy0ojzeVDRWcwk=
Subject key identifier: B5:DF:9E:71:0F:6A:8A:A5:4B:F6:54:A4:D9:BC:28:1A:FB:DC:BA:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016940
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/774DA8F4F52511EF97627379762E951A.roa
Signing time: Thu 27 Feb 2025 16:11:14 +0000
ROA not before: Thu 27 Feb 2025 16:11:10 +0000
ROA not after: Fri 28 Mar 2025 16:11:10 +0000
asID: 395793
IP address blocks: 154.193.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92480 (0x16940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 16:11:10 2025 GMT
Not After : Mar 28 16:11:10 2025 GMT
Subject: CN=67c08ea1-eafe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:89:0d:ad:99:37:0f:2e:05:bf:f5:67:7f:ad:
41:56:c9:e4:b5:86:75:61:44:a8:0c:4a:37:67:d7:
b6:b0:ce:55:34:68:7a:69:e2:bb:dc:0d:4e:d3:73:
14:7c:9e:6d:53:85:69:52:20:eb:87:6b:7e:d9:d2:
c3:00:de:ba:b7:cf:22:78:4f:11:34:11:14:84:d4:
83:f1:9d:0a:50:5b:48:c4:d2:11:8b:cf:a4:c4:ab:
80:13:52:fb:6c:b5:f7:91:61:4f:e7:94:26:b9:18:
09:1e:5a:51:e6:7e:71:d5:36:90:bb:9f:02:0b:ff:
eb:98:2e:6d:d8:6d:55:29:69:a1:8a:f8:c3:08:66:
4d:17:45:26:c2:3e:d7:2c:3f:99:f1:2e:7c:ac:4a:
2f:20:a7:b4:56:e5:13:97:ed:cb:34:e3:d8:87:ce:
25:f4:0d:3a:6e:1b:5b:22:e1:fb:17:cb:22:df:f8:
b2:0f:e7:d3:e0:9d:9b:77:3b:cf:d6:06:ea:b1:dc:
5d:3b:e8:e1:54:e5:4e:8e:22:1c:b4:5c:9a:7b:3e:
ed:59:1a:6d:8b:fd:33:3a:35:ca:cf:75:d5:4a:7c:
a1:cb:9a:94:04:2d:ba:0d:08:a2:d2:0f:33:74:8d:
72:91:a6:12:65:0a:ab:90:81:7c:c2:2c:79:d2:69:
e0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DF:9E:71:0F:6A:8A:A5:4B:F6:54:A4:D9:BC:28:1A:FB:DC:BA:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/774DA8F4F52511EF97627379762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.102.0/24
Signature Algorithm: sha256WithRSAEncryption
64:16:f0:e6:59:5d:c1:ac:44:95:3a:f0:f2:ef:70:3b:ef:53:
6f:98:0e:b4:80:62:75:bd:bd:5a:cd:0d:f8:13:8c:92:39:f2:
31:60:88:ba:cf:c7:c2:be:51:ef:0f:17:bc:61:2e:d9:40:96:
78:95:ef:53:82:56:fa:ad:07:d0:5b:39:45:b3:63:23:fd:a3:
dc:65:56:4c:90:61:80:27:b8:a6:ee:3b:9d:8d:a4:9b:31:c2:
8c:47:db:fa:74:9a:2b:9d:c2:db:9d:0a:5c:f4:f2:a3:4d:3b:
60:9b:96:18:e0:f4:b4:0e:ef:05:6e:04:52:96:f1:e8:a8:d2:
f1:5e:e5:7b:41:32:59:01:e2:6a:d2:c7:b1:ce:0c:52:02:9a:
3f:1b:43:09:cc:f1:63:ed:30:92:93:f1:95:26:1f:31:97:90:
77:61:02:72:48:c4:d6:11:23:fc:e7:33:f6:a1:ca:c2:6a:f2:
a4:48:7e:ea:20:a9:cf:5d:59:48:62:3a:3a:a7:45:36:ae:0c:
19:39:40:d1:7f:cb:ef:ee:11:44:5e:1e:c0:9a:f1:ea:af:d2:
71:46:8f:44:8b:5d:c9:20:03:87:85:a6:e6:69:4e:65:e7:56:
cb:c7:1c:c7:b5:80:e6:03:fd:09:1c:b2:c6:6f:7c:a1:08:53:
8f:7c:4d:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWlAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTYxMTEwWhcNMjUwMzI4MTYxMTEwWjAYMRYw
FAYDVQQDEw02N2MwOGVhMS1lYWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuIkNrZk3Dy4Fv/Vnf61BVsnktYZ1YUSoDEo3Z9e2sM5VNGh6aeK73A1O
03MUfJ5tU4VpUiDrh2t+2dLDAN66t88ieE8RNBEUhNSD8Z0KUFtIxNIRi8+kxKuA
E1L7bLX3kWFP55QmuRgJHlpR5n5x1TaQu58CC//rmC5t2G1VKWmhivjDCGZNF0Um
wj7XLD+Z8S58rEovIKe0VuUTl+3LNOPYh84l9A06bhtbIuH7F8si3/iyD+fT4J2b
dzvP1gbqsdxdO+jhVOVOjiIctFyaez7tWRpti/0zOjXKz3XVSnyhy5qUBC26DQii
0g8zdI1ykaYSZQqrkIF8wix50mngQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLXf
nnEPaoqlS/ZUpNm8KBr73Lq6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NzREQThGNEY1MjUxMUVGOTc2MjczNzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsFmMA0GCSqGSIb3DQEB
CwUAA4IBAQBkFvDmWV3BrESVOvDy73A771NvmA60gGJ1vb1azQ34E4ySOfIxYIi6
z8fCvlHvDxe8YS7ZQJZ4le9Tglb6rQfQWzlFs2Mj/aPcZVZMkGGAJ7im7judjaSb
McKMR9v6dJorncLbnQpc9PKjTTtgm5YY4PS0Du8FbgRSlvHoqNLxXuV7QTJZAeJq
0sexzgxSApo/G0MJzPFj7TCSk/GVJh8xl5B3YQJySMTWESP85zP2ocrCavKkSH7q
IKnPXVlIYjo6p0U2rgwZOUDRf8vv7hFEXh7AmvHqr9JxRo9Ei13JIAOHhabmaU5l
51bLxxzHtYDmA/0JHLLGb3yhCFOPfE3K
-----END CERTIFICATE-----
Generated at Fri May 9 07:12:01 2025 by rpki-client