Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5CF79A4DC0311EFBC8A714E762E951A.roa
File: A5CF79A4DC0311EFBC8A714E762E951A.roa (raw, json)
Hash identifier: Va7mzRi1sYxT29rOhVVaZ7wTRC5BtDEJlUWo2Zy/UvU=
Subject key identifier: D4:D1:EA:63:91:01:84:53:EE:23:CB:F4:57:D0:A4:BA:36:25:75:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014AF0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5CF79A4DC0311EFBC8A714E762E951A.roa
Signing time: Sun 26 Jan 2025 16:36:10 +0000
ROA not before: Sun 26 Jan 2025 16:36:06 +0000
ROA not after: Tue 01 Apr 2025 16:36:06 +0000
asID: 63139
IP address blocks: 154.94.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84720 (0x14af0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 26 16:36:06 2025 GMT
Not After : Apr 1 16:36:06 2025 GMT
Subject: CN=6796647a-1cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:0f:75:c6:a4:b5:27:88:bf:cd:97:a8:0a:43:
78:e5:ea:36:e4:bb:ca:c6:fa:b3:ec:fc:d0:c6:b9:
3e:27:02:ae:28:c1:b0:bf:f2:a6:31:a5:2f:30:18:
08:49:a6:8a:00:7d:d6:a4:b1:17:44:b8:ee:d5:b5:
bc:e3:22:4c:1f:cc:28:a2:e5:83:08:51:8a:19:76:
dc:34:bb:2d:89:2c:b2:d3:17:ef:90:1e:ff:27:33:
64:3a:fe:03:c4:8f:48:5b:e0:a9:3d:d9:ac:7b:4c:
04:f5:ae:cb:10:a2:97:4f:2a:7c:c5:14:86:25:53:
77:b9:a7:ca:e9:08:c1:e7:c3:76:6c:d3:ed:2f:89:
59:a6:9d:de:c0:05:f6:20:a4:aa:18:17:4b:4a:fc:
b6:f6:86:86:6e:61:76:3c:01:fb:a4:4a:82:b8:f8:
2b:8e:30:77:2c:19:31:60:b1:0a:49:b7:cf:84:02:
ef:ec:7c:2b:64:7a:74:77:ca:74:77:87:ff:43:5a:
75:9e:c9:1c:36:9c:f4:eb:c7:d0:05:01:12:c4:f9:
99:57:61:42:26:5c:31:32:09:4e:57:f2:67:dc:01:
cc:d7:c2:a3:55:eb:dc:ca:6a:32:d6:b2:a0:c7:71:
55:bb:6a:d0:56:0c:d3:e1:c6:24:7e:e7:10:07:07:
17:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D1:EA:63:91:01:84:53:EE:23:CB:F4:57:D0:A4:BA:36:25:75:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5CF79A4DC0311EFBC8A714E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.96.0/24
Signature Algorithm: sha256WithRSAEncryption
38:1f:0a:88:6b:7c:a8:58:70:17:99:90:1b:15:b2:0a:07:4c:
98:a7:0c:2b:fa:ea:78:13:4d:27:ba:ee:ed:05:82:e6:a2:63:
c2:15:e2:bc:67:a0:46:ae:f0:c8:fe:03:44:b4:c1:ff:87:5e:
6a:57:d6:b3:65:2f:fd:84:a4:67:e2:2c:cd:f1:b4:2c:2f:a4:
42:46:12:41:82:4f:85:ec:46:6f:85:cc:19:f6:67:6b:94:67:
4c:b5:94:79:cb:53:22:f3:1a:84:66:55:38:42:85:e1:a4:6e:
95:bf:09:82:6e:2a:21:1c:8e:09:3f:53:2c:c4:ce:dd:3e:05:
c0:a4:1c:bf:c6:dc:74:b6:12:7d:a0:15:e4:49:2c:bf:e1:33:
fb:89:92:a5:e4:66:de:70:d3:c4:86:d2:af:62:23:7f:e9:70:
38:3d:fd:99:b2:a7:72:34:46:e0:e2:88:99:1a:2a:66:5f:18:
7d:b8:9b:bb:7a:57:45:02:79:72:99:18:4b:48:77:df:7b:a4:
38:9c:70:df:a4:02:f6:fb:cb:3a:8e:5a:de:4e:d9:e1:a2:7b:
d1:07:ce:8c:69:ba:f2:fc:02:02:bf:85:5a:b6:14:9c:b8:61:
20:03:e6:94:13:38:b9:9d:dd:f5:3b:47:ab:87:d0:f6:16:f8:
72:27:19:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUrwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI2MTYzNjA2WhcNMjUwNDAxMTYzNjA2WjAYMRYw
FAYDVQQDEw02Nzk2NjQ3YS0xY2QzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6w91xqS1J4i/zZeoCkN45eo25LvKxvqz7PzQxrk+JwKuKMGwv/KmMaUv
MBgISaaKAH3WpLEXRLju1bW84yJMH8woouWDCFGKGXbcNLstiSyy0xfvkB7/JzNk
Ov4DxI9IW+CpPdmse0wE9a7LEKKXTyp8xRSGJVN3uafK6QjB58N2bNPtL4lZpp3e
wAX2IKSqGBdLSvy29oaGbmF2PAH7pEqCuPgrjjB3LBkxYLEKSbfPhALv7HwrZHp0
d8p0d4f/Q1p1nskcNpz068fQBQESxPmZV2FCJlwxMglOV/Jn3AHM18KjVevcymoy
1rKgx3FVu2rQVgzT4cYkfucQBwcXSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNTR
6mORAYRT7iPL9FfQpLo2JXV4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNUNGNzlBNERDMDMxMUVGQkM4QTcxNEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5gMA0GCSqGSIb3DQEB
CwUAA4IBAQA4HwqIa3yoWHAXmZAbFbIKB0yYpwwr+up4E00nuu7tBYLmomPCFeK8
Z6BGrvDI/gNEtMH/h15qV9azZS/9hKRn4izN8bQsL6RCRhJBgk+F7EZvhcwZ9mdr
lGdMtZR5y1Mi8xqEZlU4QoXhpG6VvwmCbiohHI4JP1MsxM7dPgXApBy/xtx0thJ9
oBXkSSy/4TP7iZKl5GbecNPEhtKvYiN/6XA4Pf2ZsqdyNEbg4oiZGipmXxh9uJu7
eldFAnlymRhLSHffe6Q4nHDfpAL2+8s6jlreTtnhonvRB86Mabry/AICv4VathSc
uGEgA+aUEzi5nd31O0erh9D2FvhyJxm7
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:08:34 2025 by rpki-client