Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96BBA7CAF61711EFA5BB6F72762E951A.roa
File: 96BBA7CAF61711EFA5BB6F72762E951A.roa (raw, json)
Hash identifier: rqIY64tzCscpghWj81WLKABG8B7XySf/hhk/jP4Um+Y=
Subject key identifier: F2:AC:65:04:5E:4D:1E:B8:79:DA:6E:C6:B8:1E:24:9D:79:A6:C3:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016C1F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96BBA7CAF61711EFA5BB6F72762E951A.roa
Signing time: Fri 28 Feb 2025 21:04:25 +0000
ROA not before: Fri 28 Feb 2025 21:04:21 +0000
ROA not after: Wed 26 Mar 2025 21:04:21 +0000
asID: 62240
IP address blocks: 154.194.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93215 (0x16c1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 21:04:21 2025 GMT
Not After : Mar 26 21:04:21 2025 GMT
Subject: CN=67c224d8-a4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:41:3a:fb:6f:f6:17:4a:b7:d5:4f:6f:24:32:
af:f1:7e:ba:47:e6:f1:f0:7e:42:86:d6:46:9e:c8:
14:10:80:75:35:d4:a4:6b:e5:e1:61:3d:ba:77:52:
cd:00:7b:df:76:62:8b:47:bb:e2:5a:59:03:24:bb:
9f:a1:77:5b:e1:86:f5:c8:d3:e1:51:10:04:6f:99:
0b:01:24:c8:b1:16:8c:0d:63:13:f1:0d:e4:6d:3a:
ad:00:16:28:65:24:b7:a3:e4:ed:bf:bb:99:2a:6f:
0f:27:8b:88:15:5e:4d:a8:ab:36:fc:15:3d:e6:17:
1f:42:62:73:ad:cf:af:14:68:e7:92:37:09:ba:3a:
07:0d:4c:d7:fb:d9:8e:34:f3:79:35:cc:bd:34:49:
a0:30:a9:8c:c6:42:1f:67:04:fc:7c:84:33:1c:44:
d8:18:88:03:d2:ab:0a:7f:6b:8e:92:ad:e3:89:b6:
21:be:24:ff:70:11:7a:d4:d7:70:7d:db:ce:a4:0f:
93:ab:d2:f1:f5:7d:d8:f9:6e:1d:8d:09:73:76:89:
77:90:28:a6:7d:66:e7:c8:1e:07:4c:d7:9c:5d:dc:
fd:65:33:ac:44:85:64:64:3b:ec:2d:24:3b:a6:e3:
ba:cc:14:df:aa:d9:04:92:19:d4:12:6b:0b:f4:81:
2d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AC:65:04:5E:4D:1E:B8:79:DA:6E:C6:B8:1E:24:9D:79:A6:C3:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96BBA7CAF61711EFA5BB6F72762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.74.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:9e:00:5f:96:16:f8:e1:c4:68:44:54:ff:fe:43:5b:a5:05:
b8:4a:f3:67:70:10:e9:82:1b:07:08:25:b3:b0:97:2a:57:ed:
cf:e9:ce:a0:01:e9:11:2e:f1:c4:6f:88:04:11:e2:72:db:ad:
b3:a2:ce:ba:6f:b8:15:90:24:d0:b2:6d:b2:c3:05:9f:c6:2a:
fd:c8:d8:44:38:ae:78:f0:a6:6c:e9:8a:07:9a:bc:a3:1d:ab:
65:8d:3d:fb:43:9a:c4:11:6a:41:4b:78:fe:59:94:7b:d3:2a:
7e:0b:c7:dc:d5:90:77:3d:0b:c8:7a:70:37:01:d3:93:4b:56:
10:d4:1f:8a:f7:b7:e4:0b:4f:08:1f:ec:65:5f:12:f6:d8:ac:
4d:7f:34:68:27:e7:55:c0:01:c6:97:15:eb:1f:5c:21:e1:31:
64:d4:b3:9c:4d:e3:df:63:c5:04:52:03:02:af:88:88:2d:d1:
6c:94:af:f5:55:fb:4f:c7:60:13:2f:23:f4:8d:b4:09:74:34:
82:6f:76:09:f4:07:4b:0c:09:2d:59:53:dd:ff:4f:83:d1:16:
8f:44:c1:62:7c:f4:33:0f:0c:e4:b2:09:f7:98:de:cc:8e:b1:
30:61:6c:d9:d7:cf:64:04:a0:66:3b:04:00:8b:57:ea:8e:09:
04:d9:5f:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWwfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjEwNDIxWhcNMjUwMzI2MjEwNDIxWjAYMRYw
FAYDVQQDEw02N2MyMjRkOC1hNGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx0E6+2/2F0q31U9vJDKv8X66R+bx8H5ChtZGnsgUEIB1NdSka+XhYT26
d1LNAHvfdmKLR7viWlkDJLufoXdb4Yb1yNPhURAEb5kLASTIsRaMDWMT8Q3kbTqt
ABYoZSS3o+Ttv7uZKm8PJ4uIFV5NqKs2/BU95hcfQmJzrc+vFGjnkjcJujoHDUzX
+9mONPN5Ncy9NEmgMKmMxkIfZwT8fIQzHETYGIgD0qsKf2uOkq3jibYhviT/cBF6
1NdwfdvOpA+Tq9Lx9X3Y+W4djQlzdol3kCimfWbnyB4HTNecXdz9ZTOsRIVkZDvs
LSQ7puO6zBTfqtkEkhnUEmsL9IEt5QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPKs
ZQReTR64edpuxrgeJJ15psMkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NkJCQTdDQUY2MTcxMUVGQTVCQjZGNzI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJKMA0GCSqGSIb3DQEB
CwUAA4IBAQCtngBflhb44cRoRFT//kNbpQW4SvNncBDpghsHCCWzsJcqV+3P6c6g
AekRLvHEb4gEEeJy262zos66b7gVkCTQsm2ywwWfxir9yNhEOK548KZs6YoHmryj
HatljT37Q5rEEWpBS3j+WZR70yp+C8fc1ZB3PQvIenA3AdOTS1YQ1B+K97fkC08I
H+xlXxL22KxNfzRoJ+dVwAHGlxXrH1wh4TFk1LOcTePfY8UEUgMCr4iILdFslK/1
VftPx2ATLyP0jbQJdDSCb3YJ9AdLDAktWVPd/0+D0RaPRMFifPQzDwzksgn3mN7M
jrEwYWzZ189kBKBmOwQAi1fqjgkE2V+r
-----END CERTIFICATE-----
Generated at Fri May 9 06:32:53 2025 by rpki-client