Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/92995F3EF29D11EFAE7EF8A6762E951A.roa
File: 92995F3EF29D11EFAE7EF8A6762E951A.roa (raw, json)
Hash identifier: BBw908BIwB8O4YGjoKfJ/ejuVKIzgkElOkJcvxknSGc=
Subject key identifier: 12:FB:3E:A1:93:77:2E:86:75:F4:C5:AA:6C:4E:00:3E:71:1E:EA:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015BC4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/92995F3EF29D11EFAE7EF8A6762E951A.roa
Signing time: Mon 24 Feb 2025 10:53:25 +0000
ROA not before: Mon 24 Feb 2025 10:53:22 +0000
ROA not after: Wed 26 Mar 2025 10:53:22 +0000
asID: 5065
IP address blocks: 154.94.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89028 (0x15bc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 10:53:22 2025 GMT
Not After : Mar 26 10:53:22 2025 GMT
Subject: CN=67bc4fa5-fb24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6d:e8:2d:27:b7:15:56:3d:c1:ff:f8:3d:17:
19:45:89:53:60:1a:3a:6d:30:77:ee:87:27:b0:67:
db:cd:18:a5:50:7b:45:4c:3d:d4:3f:58:ae:0e:dd:
1a:b9:a4:f1:7a:9d:a6:3e:e2:2e:17:b7:84:0d:46:
f9:e6:ef:02:24:99:83:54:00:f0:e1:5f:b3:49:bd:
90:ff:b2:13:40:2d:f4:02:6c:8a:bc:cb:3d:09:27:
f8:07:82:62:12:c6:1c:cb:1b:63:b4:77:15:e6:57:
4d:c3:3f:e6:35:19:96:ae:26:87:a9:f2:bb:c7:e9:
5c:11:22:77:17:9b:20:0e:db:66:75:6f:cc:13:62:
1a:f1:0a:74:d7:1a:c4:9a:b6:67:ca:53:6c:1f:dc:
78:0b:f5:6c:f4:61:1d:ed:fa:60:44:11:03:09:ea:
7b:bf:8f:d6:92:8e:bf:77:6b:42:e1:59:08:d2:45:
97:d2:c8:1c:9e:18:05:8b:0f:b1:98:a4:c6:07:94:
ec:9b:fa:c5:59:28:3e:cf:a1:c5:71:14:3a:bb:8f:
5b:2a:7f:2b:42:b4:7f:4a:41:7c:31:d3:90:93:99:
fc:78:81:4f:f7:7b:20:68:2f:9e:22:81:f7:27:53:
dc:8d:95:85:e2:90:0b:c2:b8:b2:20:03:79:6a:2f:
7f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FB:3E:A1:93:77:2E:86:75:F4:C5:AA:6C:4E:00:3E:71:1E:EA:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/92995F3EF29D11EFAE7EF8A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.34.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:5b:ad:a2:ce:1d:39:3b:e7:78:4f:b1:ae:a0:41:86:00:0f:
10:d1:c7:40:27:26:e6:8b:dc:b3:c5:c6:5a:9e:59:63:43:ea:
ca:3a:e7:9c:08:c6:68:48:2e:9d:36:15:01:23:77:c5:b3:ce:
a9:19:95:e5:4b:dd:68:4d:20:e8:45:e5:77:2c:2b:df:fa:1f:
36:20:aa:78:6b:02:24:54:bd:38:0c:9a:34:18:b6:0e:a2:ac:
47:89:3f:72:dc:5a:7c:93:34:f9:ea:db:88:14:9e:23:58:01:
ed:31:11:13:1f:11:be:c4:3d:a1:72:da:a2:da:8b:e6:3e:08:
5d:d9:fb:2b:af:31:61:a1:5b:4e:54:ab:a6:4b:aa:a6:9c:fc:
47:c6:db:6d:e2:53:f1:85:6b:4e:eb:20:5c:7d:76:14:ee:8b:
6f:7a:27:3d:88:38:df:b5:2a:b0:af:4b:6e:3b:a9:47:bd:df:
40:17:87:27:25:76:84:ea:57:6d:b1:8d:03:92:77:9c:6d:31:
02:f6:b8:46:79:84:12:6b:fa:84:b9:84:64:3d:19:2d:8a:43:
3b:47:3e:2d:d4:f5:11:fc:e7:87:e6:5e:5e:88:2f:78:64:de:
08:00:76:89:ab:95:c2:ca:7b:3b:69:66:5a:19:66:a4:d6:87:
46:b1:4c:f8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVvEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTA1MzIyWhcNMjUwMzI2MTA1MzIyWjAYMRYw
FAYDVQQDEw02N2JjNGZhNS1mYjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtG3oLSe3FVY9wf/4PRcZRYlTYBo6bTB37ocnsGfbzRilUHtFTD3UP1iu
Dt0auaTxep2mPuIuF7eEDUb55u8CJJmDVADw4V+zSb2Q/7ITQC30AmyKvMs9CSf4
B4JiEsYcyxtjtHcV5ldNwz/mNRmWriaHqfK7x+lcESJ3F5sgDttmdW/ME2Ia8Qp0
1xrEmrZnylNsH9x4C/Vs9GEd7fpgRBEDCep7v4/Wko6/d2tC4VkI0kWX0sgcnhgF
iw+xmKTGB5Tsm/rFWSg+z6HFcRQ6u49bKn8rQrR/SkF8MdOQk5n8eIFP93sgaC+e
IoH3J1PcjZWF4pALwriyIAN5ai9/DQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBL7
PqGTdy6GdfTFqmxOAD5xHuobMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Mjk5NUYzRUYyOUQxMUVGQUU3RUY4QTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4iMA0GCSqGSIb3DQEB
CwUAA4IBAQBNW62izh05O+d4T7GuoEGGAA8Q0cdAJybmi9yzxcZanlljQ+rKOuec
CMZoSC6dNhUBI3fFs86pGZXlS91oTSDoReV3LCvf+h82IKp4awIkVL04DJo0GLYO
oqxHiT9y3Fp8kzT56tuIFJ4jWAHtMRETHxG+xD2hctqi2ovmPghd2fsrrzFhoVtO
VKumS6qmnPxHxttt4lPxhWtO6yBcfXYU7otveic9iDjftSqwr0tuO6lHvd9AF4cn
JXaE6ldtsY0DknecbTEC9rhGeYQSa/qEuYRkPRktikM7Rz4t1PUR/OeH5l5eiC94
ZN4IAHaJq5XCyns7aWZaGWak1odGsUz4
-----END CERTIFICATE-----
Generated at Fri May 9 07:18:00 2025 by rpki-client