Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB0EBD20F62611EFBC8B685A762E951A.roa
File: AB0EBD20F62611EFBC8B685A762E951A.roa (raw, json)
Hash identifier: nC4NcvrSdVYfPt12yJt7S3u5I3NYXH0669cMkUu67kY=
Subject key identifier: 43:82:8B:5C:5B:43:B5:D1:BA:C2:43:55:99:CB:AD:A6:2A:2A:25:11
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CA1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB0EBD20F62611EFBC8B685A762E951A.roa
Signing time: Fri 28 Feb 2025 22:52:21 +0000
ROA not before: Fri 28 Feb 2025 22:52:18 +0000
ROA not after: Wed 26 Mar 2025 22:52:18 +0000
asID: 62240
IP address blocks: 154.194.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93345 (0x16ca1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 22:52:18 2025 GMT
Not After : Mar 26 22:52:18 2025 GMT
Subject: CN=67c23e25-cd8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2e:c8:de:1a:ac:95:28:be:1e:a4:22:72:af:
e6:ea:e8:b2:50:d7:71:27:fe:d6:bc:f3:be:0a:6e:
5b:a9:b8:30:bf:29:9a:03:ac:c1:9d:43:12:0d:33:
72:f9:8d:71:3e:91:f8:38:30:66:a8:43:6e:76:08:
e4:f8:ba:99:47:1e:a9:3e:5d:db:bd:92:31:1a:d1:
8f:6a:7c:5f:9e:9c:e9:9f:63:df:49:ec:3d:30:04:
7a:bd:8f:01:8d:28:15:20:cf:51:d0:1f:fa:64:d7:
40:fe:e4:48:d6:c4:a0:57:ec:ef:c1:f8:5f:99:21:
2a:74:3b:3c:c6:ec:35:a9:9a:83:35:06:ce:fb:99:
d9:0a:de:73:19:a9:6d:f2:b7:1f:15:08:e7:08:55:
08:e8:ca:90:cb:4b:47:ae:9e:39:84:0d:2b:f3:09:
ab:b8:88:af:a9:7e:7a:21:41:3d:cd:61:55:15:82:
97:38:f0:e7:ba:16:6a:99:56:e5:3c:04:05:d0:6c:
43:b4:b2:58:24:7d:b5:1d:86:89:eb:2b:11:9c:8a:
14:5f:2c:84:fe:92:fc:4e:1f:4b:c7:86:81:50:a0:
b1:06:cc:89:d8:79:8b:ec:2c:34:1b:67:fe:6b:47:
df:f5:73:e5:80:df:6d:23:9e:05:5c:8a:d0:92:20:
10:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:82:8B:5C:5B:43:B5:D1:BA:C2:43:55:99:CB:AD:A6:2A:2A:25:11
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB0EBD20F62611EFBC8B685A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.84.0/24
Signature Algorithm: sha256WithRSAEncryption
23:75:31:07:a5:7b:02:be:d8:e7:a2:1e:ee:2e:2f:e1:88:49:
c1:a1:6f:1c:17:82:65:3a:8b:ca:89:eb:8e:97:e3:d0:34:ae:
2a:60:84:e4:56:03:9b:ef:51:3b:b0:5b:45:f6:cb:e3:b6:7f:
ca:b1:dc:c7:37:18:9b:78:10:d0:38:a4:ce:da:63:09:28:8e:
bf:cc:c5:cb:d4:b9:97:e8:f2:83:67:4e:ac:20:e5:37:ba:76:
85:ea:ac:42:d8:41:14:ab:8f:2f:5e:3c:1d:28:26:9e:6b:8e:
c9:f3:95:5b:56:f8:af:a3:e4:11:81:cc:89:06:5f:67:e6:6e:
db:03:16:bc:0d:da:40:a9:0b:ef:f2:4b:e5:cc:b7:7c:89:70:
0f:25:c4:98:39:44:20:38:fc:7d:e3:28:4f:fc:a5:9f:f0:d1:
90:da:7a:e2:73:a1:17:c8:52:e2:f9:2b:f2:0b:48:40:64:14:
0a:8f:52:b0:df:49:83:13:3d:de:29:3a:5d:d2:26:80:d2:41:
23:b6:fa:12:9f:7d:23:59:48:ea:41:fb:3e:5a:4e:b3:43:59:
ab:42:55:1b:af:b5:7b:92:42:94:01:34:c4:74:87:45:d5:a1:
b5:65:96:9f:16:89:38:92:eb:de:7e:7e:56:d8:46:73:15:af:
4b:bf:55:f7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWyhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjI1MjE4WhcNMjUwMzI2MjI1MjE4WjAYMRYw
FAYDVQQDEw02N2MyM2UyNS1jZDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwC7I3hqslSi+HqQicq/m6uiyUNdxJ/7WvPO+Cm5bqbgwvymaA6zBnUMS
DTNy+Y1xPpH4ODBmqENudgjk+LqZRx6pPl3bvZIxGtGPanxfnpzpn2PfSew9MAR6
vY8BjSgVIM9R0B/6ZNdA/uRI1sSgV+zvwfhfmSEqdDs8xuw1qZqDNQbO+5nZCt5z
Galt8rcfFQjnCFUI6MqQy0tHrp45hA0r8wmruIivqX56IUE9zWFVFYKXOPDnuhZq
mVblPAQF0GxDtLJYJH21HYaJ6ysRnIoUXyyE/pL8Th9Lx4aBUKCxBsyJ2HmL7Cw0
G2f+a0ff9XPlgN9tI54FXIrQkiAQKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEOC
i1xbQ7XRusJDVZnLraYqKiURMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQjBFQkQyMEY2MjYxMUVGQkM4QjY4NUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJUMA0GCSqGSIb3DQEB
CwUAA4IBAQAjdTEHpXsCvtjnoh7uLi/hiEnBoW8cF4JlOovKieuOl+PQNK4qYITk
VgOb71E7sFtF9svjtn/KsdzHNxibeBDQOKTO2mMJKI6/zMXL1LmX6PKDZ06sIOU3
unaF6qxC2EEUq48vXjwdKCaea47J85VbVvivo+QRgcyJBl9n5m7bAxa8DdpAqQvv
8kvlzLd8iXAPJcSYOUQgOPx94yhP/KWf8NGQ2nric6EXyFLi+SvyC0hAZBQKj1Kw
30mDEz3eKTpd0iaA0kEjtvoSn30jWUjqQfs+Wk6zQ1mrQlUbr7V7kkKUATTEdIdF
1aG1ZZafFok4kuvefn5W2EZzFa9Lv1X3
-----END CERTIFICATE-----
Generated at Fri May 9 07:17:01 2025 by rpki-client