Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC895BDCDC0F11EFBF46EEA0762E951A.roa
File: AC895BDCDC0F11EFBF46EEA0762E951A.roa (raw, json)
Hash identifier: 04qCkBIY0SwHsmsiemQjhahHomGWhtySYsXWYa77GRo=
Subject key identifier: 37:A1:14:FE:C7:F8:29:87:29:67:40:DF:0C:BF:89:A0:2A:54:C7:43
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014B3E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC895BDCDC0F11EFBF46EEA0762E951A.roa
Signing time: Sun 26 Jan 2025 18:02:15 +0000
ROA not before: Sun 26 Jan 2025 18:02:11 +0000
ROA not after: Tue 01 Apr 2025 18:02:11 +0000
asID: 63139
IP address blocks: 154.94.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84798 (0x14b3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 26 18:02:11 2025 GMT
Not After : Apr 1 18:02:11 2025 GMT
Subject: CN=679678a7-dc99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2e:15:f2:25:7c:bf:2f:77:29:21:47:2e:90:
04:c8:fc:1b:3c:10:05:f4:c1:cb:89:bd:b7:ea:a8:
c1:92:f7:8a:79:59:77:34:5e:6d:16:a7:bc:da:65:
16:b3:90:aa:37:f1:df:53:33:17:d5:d7:0e:67:55:
30:26:47:c9:ad:37:57:4f:2f:87:f0:ca:fa:c3:bd:
b2:36:d3:ae:c4:bb:4a:60:a0:9a:c7:00:76:77:6f:
91:50:be:9c:62:bc:7c:f8:2a:91:a4:05:42:90:dd:
ae:96:b3:c4:6f:26:44:4b:b0:43:b0:40:34:19:04:
5c:3b:c0:8c:06:95:3d:6d:20:11:53:79:bf:90:ab:
8f:2d:e6:3c:9e:27:d1:78:c9:61:84:9e:3b:a8:59:
fc:13:69:ba:7e:1a:3f:42:7c:f8:6a:dc:5a:a4:70:
b7:79:10:bc:48:95:f3:69:21:c9:c5:05:a7:07:e3:
4f:a8:ad:27:fe:56:c7:56:f5:d1:0d:f9:ae:d1:28:
27:05:32:87:1e:37:7a:cc:e8:8b:6f:fc:7b:43:62:
7b:74:34:7e:24:a1:f4:a7:4a:f8:04:b7:62:bd:99:
01:ef:76:a7:20:ce:05:48:7c:5a:f8:e1:79:56:c2:
14:21:df:4e:03:86:da:a1:42:cc:fa:d9:41:10:a6:
38:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A1:14:FE:C7:F8:29:87:29:67:40:DF:0C:BF:89:A0:2A:54:C7:43
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC895BDCDC0F11EFBF46EEA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.89.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:b5:51:d3:27:03:75:fd:ff:bd:2e:25:fb:ce:48:fd:c5:dd:
4c:bd:25:bb:6e:ca:9c:07:7f:fc:d7:8f:12:ff:8b:30:9d:7e:
ab:ee:da:28:63:71:9d:c5:ad:45:a0:1d:c4:82:3d:4b:73:27:
a1:fa:d5:5f:a7:2d:90:b7:fc:66:21:93:dd:86:6c:9f:64:b4:
e7:c4:a5:f8:a4:9c:19:6e:c7:94:5c:59:22:64:03:af:f8:70:
fc:b0:4b:c1:d6:19:8a:ef:81:4d:11:d9:a2:b3:b7:e5:cb:58:
b7:40:e3:02:f5:5a:13:8a:7d:1f:f4:4f:a1:e1:ba:22:27:7a:
58:65:fb:ce:09:17:41:63:1e:45:1f:e6:c4:57:3d:55:32:d4:
6e:00:94:e0:04:c0:8d:e2:f6:a5:10:51:d3:5b:e6:30:73:27:
86:18:2c:4a:8e:cb:b0:72:1b:6f:39:a7:62:20:8d:31:23:56:
13:70:79:ad:9a:9f:02:18:2c:04:4f:41:a8:6b:a4:25:b6:40:
f8:ad:56:26:12:c7:27:53:39:02:71:f2:66:63:09:3c:14:ee:
6a:ca:d0:e7:94:c9:c9:c5:3b:03:5e:ec:78:e7:0a:5e:ea:13:
78:79:01:07:cd:aa:72:b2:ce:f1:27:d4:91:bd:54:ea:19:3e:
a6:ab:d8:ec
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUs+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI2MTgwMjExWhcNMjUwNDAxMTgwMjExWjAYMRYw
FAYDVQQDEw02Nzk2NzhhNy1kYzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApy4V8iV8vy93KSFHLpAEyPwbPBAF9MHLib236qjBkveKeVl3NF5tFqe8
2mUWs5CqN/HfUzMX1dcOZ1UwJkfJrTdXTy+H8Mr6w72yNtOuxLtKYKCaxwB2d2+R
UL6cYrx8+CqRpAVCkN2ulrPEbyZES7BDsEA0GQRcO8CMBpU9bSARU3m/kKuPLeY8
nifReMlhhJ47qFn8E2m6fho/Qnz4atxapHC3eRC8SJXzaSHJxQWnB+NPqK0n/lbH
VvXRDfmu0SgnBTKHHjd6zOiLb/x7Q2J7dDR+JKH0p0r4BLdivZkB73anIM4FSHxa
+OF5VsIUId9OA4baoULM+tlBEKY4TQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDeh
FP7H+CmHKWdA3wy/iaAqVMdDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQzg5NUJEQ0RDMEYxMUVGQkY0NkVFQTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5ZMA0GCSqGSIb3DQEB
CwUAA4IBAQBMtVHTJwN1/f+9LiX7zkj9xd1MvSW7bsqcB3/8148S/4swnX6r7too
Y3Gdxa1FoB3Egj1Lcyeh+tVfpy2Qt/xmIZPdhmyfZLTnxKX4pJwZbseUXFkiZAOv
+HD8sEvB1hmK74FNEdmis7fly1i3QOMC9VoTin0f9E+h4boiJ3pYZfvOCRdBYx5F
H+bEVz1VMtRuAJTgBMCN4valEFHTW+YwcyeGGCxKjsuwchtvOadiII0xI1YTcHmt
mp8CGCwET0Goa6QltkD4rVYmEscnUzkCcfJmYwk8FO5qytDnlMnJxTsDXux45wpe
6hN4eQEHzapyss7xJ9SRvVTqGT6mq9js
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:04:47 2025 by rpki-client