Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0D72574F4F811EF9FBB044B762E951A.roa
File: A0D72574F4F811EF9FBB044B762E951A.roa (raw, json)
Hash identifier: hy0RX0c8I0ytxdX4EDH/0m81hUk92DKu1WitXJdq8o0=
Subject key identifier: 36:42:E2:E0:C4:EF:AD:EB:56:E3:62:39:65:7D:33:A8:61:DE:20:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0167F0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0D72574F4F811EF9FBB044B762E951A.roa
Signing time: Thu 27 Feb 2025 10:50:16 +0000
ROA not before: Thu 27 Feb 2025 10:50:12 +0000
ROA not after: Wed 26 Mar 2025 10:50:12 +0000
asID: 62240
IP address blocks: 154.196.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92144 (0x167f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 10:50:12 2025 GMT
Not After : Mar 26 10:50:12 2025 GMT
Subject: CN=67c04368-a369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:03:c4:07:bb:77:41:18:14:22:bd:dc:4d:80:
77:6d:fd:15:92:0b:2e:54:bb:a1:a9:33:d8:29:35:
e1:c7:16:63:d7:3f:71:a7:fa:08:08:fa:ce:fb:93:
b2:4f:57:e7:bf:5d:0f:fc:ab:ad:09:62:12:f3:5e:
94:94:96:41:4b:f9:b3:87:81:2d:6f:0d:84:32:4b:
97:67:d2:85:4f:8b:0f:42:ab:1d:aa:39:80:f6:25:
c1:cd:e9:1f:5e:2d:35:c2:a7:c7:a5:71:e0:b6:f0:
1a:a5:af:6f:24:e9:e9:51:c6:42:96:b6:9c:bc:fc:
17:47:aa:58:fd:a4:d2:68:fb:6a:26:e6:0e:17:b4:
4d:d4:14:db:6f:92:32:42:bb:8d:82:f6:b2:c1:6d:
74:8d:72:6b:96:dc:c3:32:39:9a:38:91:9f:e7:6d:
a8:01:5a:dd:3b:1a:88:1c:96:41:bc:24:23:ec:40:
2a:ad:1f:a8:8e:06:ed:da:0c:ab:5f:dd:2b:38:b9:
5d:c7:af:bc:a9:97:91:c8:d1:a1:c5:14:42:bc:29:
e2:4a:4e:0b:65:0b:0e:8d:3e:08:cc:d5:0a:56:af:
05:df:00:a9:c8:e9:36:0c:10:b2:f5:7a:eb:3b:53:
73:fe:73:76:3b:96:c5:21:4a:e0:ff:3c:9b:0b:94:
1e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:42:E2:E0:C4:EF:AD:EB:56:E3:62:39:65:7D:33:A8:61:DE:20:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0D72574F4F811EF9FBB044B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.35.0/24
Signature Algorithm: sha256WithRSAEncryption
29:b2:99:ab:b2:6d:55:88:8e:71:39:fd:f1:6e:77:57:15:c4:
1f:a3:77:84:88:f3:45:8d:4f:e1:d3:d7:77:d9:41:72:c4:57:
0a:f1:de:b1:f0:84:ae:11:38:2f:5d:0e:02:a0:a9:b3:fd:d1:
8d:2c:5e:c5:5a:9c:75:9b:86:63:3a:23:0a:a2:03:71:fd:22:
01:55:7c:99:9d:28:2b:8d:1f:4e:03:9c:12:cc:39:63:d6:ef:
61:8f:a5:9b:06:64:7e:10:0b:ea:ec:be:6c:48:29:cf:bc:db:
41:1d:6c:44:1e:65:bb:95:f4:85:e4:db:c3:14:de:90:a8:33:
65:12:a9:ac:f9:63:1d:14:ad:ce:fb:c5:bb:08:6c:96:20:95:
3e:07:04:47:3d:00:aa:5b:fb:78:0f:97:d5:9d:cc:de:29:bb:
48:0e:ac:9e:b4:6a:14:ee:20:21:7e:ac:cf:65:cf:36:b6:d5:
b2:dc:ef:4f:1d:f6:72:a9:6e:af:48:81:9b:87:b4:a6:3e:38:
17:b3:32:7b:a4:27:ac:1a:ef:60:b9:2e:04:5b:c0:8e:08:09:
9d:4d:44:42:03:00:3d:69:14:7f:39:b0:c4:ef:f4:34:f3:e1:
cf:3c:29:d7:a0:2e:a0:4c:dd:f2:70:7a:75:6f:47:2a:35:f0:
9c:41:6a:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWfwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTA1MDEyWhcNMjUwMzI2MTA1MDEyWjAYMRYw
FAYDVQQDEw02N2MwNDM2OC1hMzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmAPEB7t3QRgUIr3cTYB3bf0VkgsuVLuhqTPYKTXhxxZj1z9xp/oICPrO
+5OyT1fnv10P/KutCWIS816UlJZBS/mzh4Etbw2EMkuXZ9KFT4sPQqsdqjmA9iXB
zekfXi01wqfHpXHgtvAapa9vJOnpUcZClracvPwXR6pY/aTSaPtqJuYOF7RN1BTb
b5IyQruNgvaywW10jXJrltzDMjmaOJGf522oAVrdOxqIHJZBvCQj7EAqrR+ojgbt
2gyrX90rOLldx6+8qZeRyNGhxRRCvCniSk4LZQsOjT4IzNUKVq8F3wCpyOk2DBCy
9XrrO1Nz/nN2O5bFIUrg/zybC5QeawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDZC
4uDE763rVuNiOWV9M6hh3iAkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMEQ3MjU3NEY0RjgxMUVGOUZCQjA0NEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQjMA0GCSqGSIb3DQEB
CwUAA4IBAQApspmrsm1ViI5xOf3xbndXFcQfo3eEiPNFjU/h09d32UFyxFcK8d6x
8ISuETgvXQ4CoKmz/dGNLF7FWpx1m4ZjOiMKogNx/SIBVXyZnSgrjR9OA5wSzDlj
1u9hj6WbBmR+EAvq7L5sSCnPvNtBHWxEHmW7lfSF5NvDFN6QqDNlEqms+WMdFK3O
+8W7CGyWIJU+BwRHPQCqW/t4D5fVnczeKbtIDqyetGoU7iAhfqzPZc82ttWy3O9P
HfZyqW6vSIGbh7SmPjgXszJ7pCesGu9guS4EW8COCAmdTURCAwA9aRR/ObDE7/Q0
8+HPPCnXoC6gTN3ycHp1b0cqNfCcQWrL
-----END CERTIFICATE-----
Generated at Fri May 9 06:53:24 2025 by rpki-client