Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA1115AAF50711EF9D8C0FB1762E951A.roa
File: AA1115AAF50711EF9D8C0FB1762E951A.roa (raw, json)
Hash identifier: b4ga1TNve+9cM1NPHf86fYF67ZhWDPXMX6AEq+CWujw=
Subject key identifier: 9B:8E:D4:10:03:D2:3E:CC:66:3A:AB:5F:D4:48:C2:2B:18:38:8E:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01684D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA1115AAF50711EF9D8C0FB1762E951A.roa
Signing time: Thu 27 Feb 2025 12:37:54 +0000
ROA not before: Thu 27 Feb 2025 12:37:50 +0000
ROA not after: Wed 26 Mar 2025 12:37:50 +0000
asID: 62240
IP address blocks: 154.196.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92237 (0x1684d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 12:37:50 2025 GMT
Not After : Mar 26 12:37:50 2025 GMT
Subject: CN=67c05ca2-e2bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2f:ea:f1:7d:c1:9d:34:72:0c:f0:90:f5:a7:
e9:d1:cb:99:1c:f9:66:b9:66:c4:06:7e:89:31:f5:
1b:26:81:80:95:92:fd:dc:83:71:af:b4:21:bc:ab:
84:dd:c7:36:e6:dd:a5:c4:c8:e5:3b:04:18:83:a6:
80:17:28:96:99:98:a0:96:c2:28:71:b6:6c:d6:d1:
b0:82:7a:5a:93:3a:62:77:42:e9:5a:d7:86:24:19:
da:25:ed:17:37:d8:de:32:af:a7:75:9f:b5:d5:78:
f2:a6:40:8d:8e:47:35:9e:8f:36:9c:75:2e:56:15:
15:4f:08:1c:2f:44:b8:30:33:1a:43:83:45:df:6d:
4c:4b:5a:e9:2a:15:6e:01:05:b2:96:4e:ac:45:88:
23:31:2b:7e:84:8c:0c:a5:66:e1:55:7e:ee:ee:a1:
08:4e:f3:35:30:22:7b:69:de:48:c2:81:a8:96:4a:
8b:cf:a9:43:d9:34:71:f9:80:e2:b8:bb:26:a2:ae:
24:1b:8f:00:fe:9f:63:fb:e3:1c:99:5d:9b:0b:17:
6f:bf:84:60:61:fd:a8:d2:8a:99:4c:1a:4b:80:b8:
47:fa:56:47:a5:7b:57:ec:3f:cb:b9:cb:58:24:2a:
7d:a0:b1:14:e9:09:18:5e:fb:d0:9a:57:27:f2:08:
f8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:8E:D4:10:03:D2:3E:CC:66:3A:AB:5F:D4:48:C2:2B:18:38:8E:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA1115AAF50711EF9D8C0FB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.42.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:1c:7f:cc:a7:f0:14:57:80:c1:14:37:d6:2b:c7:b8:0d:e7:
d7:7d:48:48:b5:4d:03:bb:4c:da:5e:02:39:ad:1c:38:40:74:
9a:45:7e:36:54:99:eb:97:08:91:c7:93:cf:05:a0:44:78:63:
64:22:60:0f:26:b8:c7:55:c6:71:d2:f8:f6:52:ea:36:da:c6:
69:6d:27:41:6c:8e:40:60:ec:0f:18:4f:f2:a6:96:f1:98:6f:
ac:96:a7:d7:25:34:f9:56:1e:c0:db:c2:9a:aa:62:37:9d:d4:
1b:7f:e9:97:71:73:eb:b0:03:ff:90:59:3c:aa:f5:62:ef:06:
44:93:e2:9d:89:03:ca:d3:59:fa:f2:d6:fd:5a:fa:cf:22:16:
d7:ce:1c:e5:a4:74:19:e4:23:23:08:8e:10:7b:44:51:5c:ff:
a6:4a:63:36:35:f4:55:be:11:0d:4b:3b:1e:ed:4e:22:81:88:
9e:99:aa:e4:d5:36:62:07:49:16:51:28:c1:3c:a9:1f:bd:09:
3f:61:72:48:26:cd:9c:5a:89:c7:dc:35:9a:ac:d0:8b:5a:06:
71:65:88:42:e8:85:c3:11:ae:27:fc:34:9a:03:2b:d5:df:3a:
9f:ed:1c:e8:53:9d:23:d1:9b:50:7f:29:ee:00:ca:88:ba:57:
7c:32:1e:f7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWhNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTIzNzUwWhcNMjUwMzI2MTIzNzUwWjAYMRYw
FAYDVQQDEw02N2MwNWNhMi1lMmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxi/q8X3BnTRyDPCQ9afp0cuZHPlmuWbEBn6JMfUbJoGAlZL93INxr7Qh
vKuE3cc25t2lxMjlOwQYg6aAFyiWmZiglsIocbZs1tGwgnpakzpid0LpWteGJBna
Je0XN9jeMq+ndZ+11XjypkCNjkc1no82nHUuVhUVTwgcL0S4MDMaQ4NF321MS1rp
KhVuAQWylk6sRYgjMSt+hIwMpWbhVX7u7qEITvM1MCJ7ad5IwoGolkqLz6lD2TRx
+YDiuLsmoq4kG48A/p9j++McmV2bCxdvv4RgYf2o0oqZTBpLgLhH+lZHpXtX7D/L
uctYJCp9oLEU6QkYXvvQmlcn8gj4IQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJuO
1BAD0j7MZjqrX9RIwisYOI5UMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQTExMTVBQUY1MDcxMUVGOUQ4QzBGQjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQqMA0GCSqGSIb3DQEB
CwUAA4IBAQDDHH/Mp/AUV4DBFDfWK8e4DefXfUhItU0Du0zaXgI5rRw4QHSaRX42
VJnrlwiRx5PPBaBEeGNkImAPJrjHVcZx0vj2Uuo22sZpbSdBbI5AYOwPGE/yppbx
mG+slqfXJTT5Vh7A28KaqmI3ndQbf+mXcXPrsAP/kFk8qvVi7wZEk+KdiQPK01n6
8tb9WvrPIhbXzhzlpHQZ5CMjCI4Qe0RRXP+mSmM2NfRVvhENSzse7U4igYiemark
1TZiB0kWUSjBPKkfvQk/YXJIJs2cWonH3DWarNCLWgZxZYhC6IXDEa4n/DSaAyvV
3zqf7RzoU50j0ZtQfynuAMqIuld8Mh73
-----END CERTIFICATE-----
Generated at Fri May 9 06:26:38 2025 by rpki-client