Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/93005BA6F8DF11EF9454C865762E951A.roa
File: 93005BA6F8DF11EF9454C865762E951A.roa (raw, json)
Hash identifier: moJX4zr83nxgNuHfBnMUEypDHIO2cTshurULAxa3zRY=
Subject key identifier: 5B:61:AE:87:75:9B:53:21:A7:8F:54:2C:10:F9:E4:AC:9F:D4:66:07
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0171A4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/93005BA6F8DF11EF9454C865762E951A.roa
Signing time: Tue 04 Mar 2025 10:01:00 +0000
ROA not before: Tue 04 Mar 2025 10:00:56 +0000
ROA not after: Wed 26 Mar 2025 10:00:56 +0000
asID: 62240
IP address blocks: 154.195.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94628 (0x171a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 4 10:00:56 2025 GMT
Not After : Mar 26 10:00:56 2025 GMT
Subject: CN=67c6cf5c-bc69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f6:25:69:75:9d:5a:d6:93:70:42:c4:ba:b2:
ae:52:d5:62:a2:80:dc:34:a7:5f:91:00:cb:b5:93:
c8:23:c7:f8:b5:f8:89:4d:e4:dd:89:91:11:44:a6:
71:fe:cd:89:07:b3:b1:fb:ea:e7:6b:b3:5a:31:31:
81:fd:48:20:2d:6d:e5:06:26:c0:25:4f:a2:5a:16:
a2:78:9a:0e:af:fa:60:1b:45:83:a0:ca:bc:d2:17:
07:cd:1b:35:dc:ce:81:5f:6f:5e:7e:7d:6d:51:1c:
bb:b3:99:9a:ab:78:ee:74:64:b4:55:11:9b:95:e0:
13:60:69:9e:d3:54:fb:d2:a1:7d:1f:ce:90:9e:d2:
45:8f:df:31:d1:94:e0:a8:c9:d0:46:44:b2:04:dd:
5d:87:15:20:f8:d1:05:00:87:25:29:46:df:0c:9b:
4d:7c:26:7a:84:01:28:47:e0:c0:4b:35:7c:1c:15:
47:4b:78:60:7e:04:0e:ae:04:28:83:ee:87:3a:a5:
f9:27:61:0e:40:fe:8b:1e:9f:c0:c8:a1:e7:03:28:
db:ff:86:b8:a8:d4:d8:94:8b:94:e8:41:68:ee:53:
7d:c2:ab:9f:75:fd:e7:62:56:8a:ee:80:c9:b3:d5:
c3:ed:92:9b:9c:6c:a1:a4:e4:bc:a4:86:12:b0:b3:
53:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:61:AE:87:75:9B:53:21:A7:8F:54:2C:10:F9:E4:AC:9F:D4:66:07
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/93005BA6F8DF11EF9454C865762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.132.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:bd:d6:db:87:cb:69:68:72:99:38:1c:0d:c2:2c:96:bf:c6:
61:be:93:28:a8:99:7e:c2:54:e2:2d:d1:2e:a8:36:0c:39:2e:
a1:d0:28:3d:a9:f3:21:70:84:4e:2a:6a:ff:de:10:e2:39:a2:
df:ae:44:f2:80:9e:57:14:dc:58:f1:c2:b3:ec:e8:ed:1d:19:
70:dd:44:7b:b9:f5:2c:6c:3b:f4:6c:d0:8f:90:fd:72:2a:13:
b3:16:0d:84:94:f2:70:af:22:4b:e2:72:9a:27:a2:3c:cc:ce:
aa:ff:f9:68:11:0e:47:0e:6e:02:bb:91:8e:3c:33:f0:53:53:
7d:ef:bd:1e:4c:1d:65:5e:85:f1:39:ed:73:93:ec:a2:2b:a9:
c5:47:0b:e3:77:88:47:e4:8e:d9:e6:57:9b:d4:10:75:2e:d1:
46:90:5b:78:db:64:9d:3d:9a:15:93:12:fe:00:c2:fe:00:1b:
40:08:f2:62:d5:ab:f7:5b:ef:d0:40:e1:6f:f4:5c:99:7e:54:
20:19:f8:c9:1c:c9:8b:4c:1a:7e:28:c5:8c:0a:73:53:57:07:
aa:11:13:34:31:e8:34:d0:d6:fa:42:7c:8b:c3:01:a2:cb:4f:
e7:60:fa:f0:e4:17:24:61:f5:fb:44:81:12:03:d3:10:49:20:
a4:8c:80:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXGkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA0MTAwMDU2WhcNMjUwMzI2MTAwMDU2WjAYMRYw
FAYDVQQDEw02N2M2Y2Y1Yy1iYzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlfYlaXWdWtaTcELEurKuUtViooDcNKdfkQDLtZPII8f4tfiJTeTdiZER
RKZx/s2JB7Ox++rna7NaMTGB/UggLW3lBibAJU+iWhaieJoOr/pgG0WDoMq80hcH
zRs13M6BX29efn1tURy7s5maq3judGS0VRGbleATYGme01T70qF9H86QntJFj98x
0ZTgqMnQRkSyBN1dhxUg+NEFAIclKUbfDJtNfCZ6hAEoR+DASzV8HBVHS3hgfgQO
rgQog+6HOqX5J2EOQP6LHp/AyKHnAyjb/4a4qNTYlIuU6EFo7lN9wqufdf3nYlaK
7oDJs9XD7ZKbnGyhpOS8pIYSsLNTSwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFth
rod1m1Mhp49ULBD55Kyf1GYHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MzAwNUJBNkY4REYxMUVGOTQ1NEM4NjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOEMA0GCSqGSIb3DQEB
CwUAA4IBAQCKvdbbh8tpaHKZOBwNwiyWv8ZhvpMoqJl+wlTiLdEuqDYMOS6h0Cg9
qfMhcIROKmr/3hDiOaLfrkTygJ5XFNxY8cKz7OjtHRlw3UR7ufUsbDv0bNCPkP1y
KhOzFg2ElPJwryJL4nKaJ6I8zM6q//loEQ5HDm4Cu5GOPDPwU1N9770eTB1lXoXx
Oe1zk+yiK6nFRwvjd4hH5I7Z5leb1BB1LtFGkFt422SdPZoVkxL+AML+ABtACPJi
1av3W+/QQOFv9FyZflQgGfjJHMmLTBp+KMWMCnNTVweqERM0Meg00Nb6QnyLwwGi
y0/nYPrw5BckYfX7RIESA9MQSSCkjIBt
-----END CERTIFICATE-----
Generated at Fri May 9 06:32:54 2025 by rpki-client