Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9963F70AF2E511EFB3524581762E951A.roa
File: 9963F70AF2E511EFB3524581762E951A.roa (raw, json)
Hash identifier: Bh8wGF9+tGX2dQwSWl2AOMSdNc1DQjsax1BaD4IbHYU=
Subject key identifier: FE:4E:12:37:62:12:84:28:C6:D0:A9:DE:B0:54:97:BA:01:40:92:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015CFE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9963F70AF2E511EFB3524581762E951A.roa
Signing time: Mon 24 Feb 2025 19:29:01 +0000
ROA not before: Mon 24 Feb 2025 19:28:57 +0000
ROA not after: Wed 26 Mar 2025 19:28:57 +0000
asID: 21859
IP address blocks: 154.94.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89342 (0x15cfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 19:28:57 2025 GMT
Not After : Mar 26 19:28:57 2025 GMT
Subject: CN=67bcc87d-a78f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e0:85:99:bc:3f:98:b7:35:b4:60:ce:b9:ca:
66:65:22:f6:5e:11:62:b1:c8:20:94:46:5e:6c:8b:
cc:f1:37:ef:eb:41:7c:68:c7:8a:84:dd:9a:01:75:
2a:ae:85:a7:23:48:eb:f6:c0:13:14:ec:40:ab:30:
0f:1e:33:8d:a3:43:e3:36:4d:b6:3e:33:f4:91:65:
dc:34:c2:2d:a5:39:d2:8c:f0:e1:0f:7c:09:0b:92:
88:b3:aa:70:82:64:29:b9:73:e9:85:dc:09:e7:5d:
0b:05:9f:7e:2e:c2:32:7b:22:93:a0:17:1c:a0:51:
50:cb:7e:a8:a7:42:07:4b:db:ad:b6:97:e9:3c:44:
c0:e0:88:0d:8c:f8:d6:c4:6a:7a:2c:0e:97:b4:4c:
54:b7:27:01:61:9e:c4:38:04:db:20:2d:e0:4d:a6:
6f:70:98:c5:d8:b2:b9:14:7f:b0:0c:d0:3f:64:32:
77:c0:48:41:75:3f:6d:43:0e:bc:b1:ab:6c:0f:99:
40:bc:46:2b:b4:16:5e:dc:6f:d7:82:cc:7d:01:d2:
34:7f:d9:c2:7f:ca:01:94:5f:0e:99:47:0f:ed:64:
39:81:60:72:a0:4a:75:83:f2:39:db:00:88:36:b4:
19:1c:21:ee:2e:69:b2:e4:f0:2f:1b:87:d9:d0:61:
5d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4E:12:37:62:12:84:28:C6:D0:A9:DE:B0:54:97:BA:01:40:92:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9963F70AF2E511EFB3524581762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.49.0/24
Signature Algorithm: sha256WithRSAEncryption
57:59:86:31:24:b6:db:2f:b3:8c:ce:6f:29:33:3d:8f:b6:ae:
4e:1d:76:3c:27:ed:2a:77:af:9a:4a:bb:7c:8a:84:49:e5:46:
50:da:c3:c8:7a:c9:d2:54:75:63:a7:6c:a4:b1:3f:b0:eb:2b:
55:ef:c7:7f:76:31:99:a8:ca:4f:36:c8:46:ae:85:43:fc:45:
68:49:e2:7b:3d:27:df:15:ba:06:1c:11:96:bf:b3:5e:d9:4c:
b9:aa:8f:83:bb:6e:9a:05:a1:8b:d3:aa:00:1c:60:26:74:28:
1a:1d:c1:8c:b6:89:cf:ca:05:bb:79:3f:2f:0d:ac:7a:df:ca:
46:63:d1:eb:09:73:bd:c8:32:33:66:f9:7d:66:6b:67:04:32:
fc:ea:fa:c7:e7:cb:7a:c7:90:b3:5d:8b:34:a6:d5:9e:3c:0f:
23:3a:ef:60:b3:cf:6d:4a:4c:15:51:fb:b4:54:a7:a1:5e:09:
a0:01:f5:db:37:b8:a1:32:a6:b3:85:8e:d3:8e:e6:65:42:06:
b1:6e:d2:2c:e3:be:21:6f:e6:3b:5e:ce:08:eb:a5:3d:ec:ce:
1c:8f:17:d2:0b:dd:c1:1e:a7:61:aa:1f:fa:fe:7f:0e:b4:66:
0f:ee:cc:61:fd:36:11:69:a4:2b:f0:87:74:ff:68:a4:51:12:
1e:71:3f:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVz+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTkyODU3WhcNMjUwMzI2MTkyODU3WjAYMRYw
FAYDVQQDEw02N2JjYzg3ZC1hNzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxeCFmbw/mLc1tGDOucpmZSL2XhFiscgglEZebIvM8Tfv60F8aMeKhN2a
AXUqroWnI0jr9sATFOxAqzAPHjONo0PjNk22PjP0kWXcNMItpTnSjPDhD3wJC5KI
s6pwgmQpuXPphdwJ510LBZ9+LsIyeyKToBccoFFQy36op0IHS9uttpfpPETA4IgN
jPjWxGp6LA6XtExUtycBYZ7EOATbIC3gTaZvcJjF2LK5FH+wDNA/ZDJ3wEhBdT9t
Qw68satsD5lAvEYrtBZe3G/Xgsx9AdI0f9nCf8oBlF8OmUcP7WQ5gWByoEp1g/I5
2wCINrQZHCHuLmmy5PAvG4fZ0GFdUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP5O
EjdiEoQoxtCp3rBUl7oBQJLaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OTYzRjcwQUYyRTUxMUVGQjM1MjQ1ODE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4xMA0GCSqGSIb3DQEB
CwUAA4IBAQBXWYYxJLbbL7OMzm8pMz2Ptq5OHXY8J+0qd6+aSrt8ioRJ5UZQ2sPI
esnSVHVjp2yksT+w6ytV78d/djGZqMpPNshGroVD/EVoSeJ7PSffFboGHBGWv7Ne
2Uy5qo+Du26aBaGL06oAHGAmdCgaHcGMtonPygW7eT8vDax638pGY9HrCXO9yDIz
Zvl9ZmtnBDL86vrH58t6x5CzXYs0ptWePA8jOu9gs89tSkwVUfu0VKehXgmgAfXb
N7ihMqazhY7TjuZlQgaxbtIs474hb+Y7Xs4I66U97M4cjxfSC93BHqdhqh/6/n8O
tGYP7sxh/TYRaaQr8Id0/2ikURIecT92
-----END CERTIFICATE-----
Generated at Fri May 9 11:16:14 2025 by rpki-client