Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E2443DEF82911EFB63DA18E762E951A.roa
File: 7E2443DEF82911EFB63DA18E762E951A.roa (raw, json)
Hash identifier: W3hcStYps3VAA9qpeZ7DmIMIkW8lw+iZpqJ1/9q2a9o=
Subject key identifier: D8:E2:78:8D:65:DD:92:4B:6A:72:F6:44:F3:30:19:E9:8A:19:84:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01708B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E2443DEF82911EFB63DA18E762E951A.roa
Signing time: Mon 03 Mar 2025 12:17:37 +0000
ROA not before: Mon 03 Mar 2025 12:17:33 +0000
ROA not after: Wed 26 Mar 2025 12:17:33 +0000
asID: 62240
IP address blocks: 154.195.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94347 (0x1708b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 12:17:33 2025 GMT
Not After : Mar 26 12:17:33 2025 GMT
Subject: CN=67c59de0-da4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c5:1c:01:74:f0:bd:a8:ac:80:75:1c:70:28:
3c:2d:73:aa:77:70:42:33:10:e8:8a:c3:a7:9a:89:
11:e3:7e:4b:26:ca:b6:43:b6:98:4b:a8:28:22:80:
95:a4:53:26:68:f5:1f:c3:c4:2e:c5:79:f0:66:06:
51:a8:c0:08:e2:15:57:b4:8b:73:5b:e9:72:d9:cd:
0a:b2:5e:17:2a:9d:2b:8d:e1:0c:70:3c:c9:36:dd:
dc:98:44:3b:7b:e3:07:7c:81:c9:63:d2:7e:fe:be:
50:39:51:a6:f9:f7:5f:14:2c:1f:6f:83:c8:fe:cd:
26:e5:d6:07:2a:00:44:b0:32:dd:01:0d:08:71:fa:
a4:89:20:d9:98:e9:29:2d:e9:61:53:dd:57:be:5f:
43:bd:e3:82:0f:e2:3a:e3:12:0e:84:6c:76:ca:ff:
30:42:2b:4f:f6:c4:6e:1a:2c:a2:9b:04:38:6d:85:
d7:de:7a:99:63:26:a3:a7:5b:92:20:79:0f:82:29:
53:b6:23:b1:aa:b4:ba:b6:6b:74:ea:9a:91:ab:e7:
04:77:29:e8:73:17:31:51:cd:63:38:b4:37:5f:1d:
52:f7:be:1b:83:c5:2f:8e:37:3e:1b:dd:3f:b3:88:
6b:4f:3e:10:72:e5:c8:5f:73:85:3d:18:f3:9e:61:
96:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E2:78:8D:65:DD:92:4B:6A:72:F6:44:F3:30:19:E9:8A:19:84:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E2443DEF82911EFB63DA18E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.141.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:8a:8c:c2:8c:d0:db:30:24:0d:fa:66:84:72:26:aa:3a:ad:
63:fc:85:f0:f7:c0:5c:8f:28:f7:64:f4:e3:f9:ee:ec:9d:25:
c9:20:1f:5a:a2:96:23:87:4b:4b:b6:76:a8:06:63:62:05:70:
6d:3e:de:4c:b6:99:f1:0d:69:86:4b:f1:95:a0:72:b7:37:92:
24:16:1e:18:cc:ed:17:d3:eb:2a:a8:db:9a:60:54:9a:78:72:
ad:ad:b8:ce:23:16:c9:d4:d4:42:6a:1c:d8:9d:bd:ea:62:a4:
a1:57:55:3a:ce:52:45:7d:d8:0f:11:05:69:a1:39:b8:57:b4:
bc:f3:08:2d:e0:08:f8:7c:12:52:b6:f8:6f:d4:2c:ef:8a:7b:
a8:f8:82:0b:34:30:d1:8f:5b:43:8f:d6:26:5b:e7:d0:03:47:
a5:f7:aa:19:07:c1:2a:d7:6f:ae:f4:ce:f3:04:bb:30:02:38:
7f:6f:fe:c3:24:18:81:a9:69:1c:e3:2f:bf:43:2e:50:4c:8f:
df:d7:78:b4:b9:ad:7d:4a:0d:c0:f4:83:12:5d:13:0a:56:57:
2a:10:13:cb:b3:ca:e6:77:de:b8:23:e0:70:85:a4:eb:bf:fa:
53:50:8b:34:63:94:40:7e:98:d4:3d:95:7e:2c:20:2d:78:37:
9c:ff:f9:61
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXCLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTIxNzMzWhcNMjUwMzI2MTIxNzMzWjAYMRYw
FAYDVQQDEw02N2M1OWRlMC1kYTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2sUcAXTwvaisgHUccCg8LXOqd3BCMxDoisOnmokR435LJsq2Q7aYS6go
IoCVpFMmaPUfw8QuxXnwZgZRqMAI4hVXtItzW+ly2c0Ksl4XKp0rjeEMcDzJNt3c
mEQ7e+MHfIHJY9J+/r5QOVGm+fdfFCwfb4PI/s0m5dYHKgBEsDLdAQ0IcfqkiSDZ
mOkpLelhU91Xvl9DveOCD+I64xIOhGx2yv8wQitP9sRuGiyimwQ4bYXX3nqZYyaj
p1uSIHkPgilTtiOxqrS6tmt06pqRq+cEdynocxcxUc1jOLQ3Xx1S974bg8Uvjjc+
G90/s4hrTz4QcuXIX3OFPRjznmGWlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNji
eI1l3ZJLanL2RPMwGemKGYT7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RTI0NDNERUY4MjkxMUVGQjYzREExOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsONMA0GCSqGSIb3DQEB
CwUAA4IBAQB+iozCjNDbMCQN+maEciaqOq1j/IXw98Bcjyj3ZPTj+e7snSXJIB9a
opYjh0tLtnaoBmNiBXBtPt5MtpnxDWmGS/GVoHK3N5IkFh4YzO0X0+sqqNuaYFSa
eHKtrbjOIxbJ1NRCahzYnb3qYqShV1U6zlJFfdgPEQVpoTm4V7S88wgt4Aj4fBJS
tvhv1Czvinuo+IILNDDRj1tDj9YmW+fQA0el96oZB8Eq12+u9M7zBLswAjh/b/7D
JBiBqWkc4y+/Qy5QTI/f13i0ua19Sg3A9IMSXRMKVlcqEBPLs8rmd964I+BwhaTr
v/pTUIs0Y5RAfpjUPZV+LCAteDec//lh
-----END CERTIFICATE-----
Generated at Fri May 9 11:23:22 2025 by rpki-client