Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF76450AF5E411EFA1B9939A762E951A.roa
File: AF76450AF5E411EFA1B9939A762E951A.roa (raw, json)
Hash identifier: Dt1q5QdM0DGsTiktu0cgdMEls4MOVxJyXdxSDRdyXvM=
Subject key identifier: 34:73:E0:AD:7F:0A:EC:00:5E:88:AD:C1:32:C4:AC:F8:9D:1E:85:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016B89
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF76450AF5E411EFA1B9939A762E951A.roa
Signing time: Fri 28 Feb 2025 15:00:02 +0000
ROA not before: Fri 28 Feb 2025 14:59:58 +0000
ROA not after: Wed 26 Mar 2025 14:59:58 +0000
asID: 62240
IP address blocks: 154.194.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93065 (0x16b89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 14:59:58 2025 GMT
Not After : Mar 26 14:59:58 2025 GMT
Subject: CN=67c1cf72-7041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:58:a7:28:46:bf:b3:92:16:43:53:b1:df:61:
84:78:14:28:1c:67:09:37:10:50:09:a2:7b:14:1c:
f0:82:cb:73:72:1e:63:70:0e:bd:7a:03:ea:cd:7a:
ba:55:6a:a5:0e:c8:a5:f7:0b:95:83:c5:90:79:1f:
da:8a:f7:4d:5d:f0:e7:5a:01:d0:ea:a3:67:e3:79:
03:60:d3:5a:79:ac:6c:1a:a6:08:ea:8c:66:6c:d4:
48:52:eb:58:4d:66:f9:11:f2:a7:64:a0:bc:50:b7:
3c:82:93:0a:83:c8:e0:39:4e:27:e4:05:7c:1f:48:
08:11:59:a0:c6:da:ec:49:05:23:e5:68:c2:19:0c:
19:83:ea:bc:07:4e:c9:c0:e9:d9:54:bb:dd:35:bd:
a5:48:5a:96:ac:91:1f:47:e3:b6:66:91:f7:40:9f:
05:fd:b5:a9:6d:b5:a3:7a:3b:76:e4:d1:05:d6:25:
18:ce:fa:d0:9c:2e:b5:b7:4b:27:1a:e3:d7:45:7f:
3b:6b:12:8d:41:d3:4d:63:3f:77:7d:b0:e5:f2:e4:
1d:d8:85:cd:79:7c:b9:c5:e7:41:35:45:f9:6f:4c:
9a:df:90:36:53:0b:93:d6:d1:5f:a3:14:d5:dc:3c:
12:04:08:02:3b:8f:da:8b:58:9e:54:9e:b9:15:97:
67:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:73:E0:AD:7F:0A:EC:00:5E:88:AD:C1:32:C4:AC:F8:9D:1E:85:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF76450AF5E411EFA1B9939A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.94.0/24
Signature Algorithm: sha256WithRSAEncryption
95:f7:bc:03:47:38:9f:9e:dd:8c:bf:8c:c1:76:13:47:a7:31:
2f:ad:bb:b6:17:3f:58:1d:50:f0:fa:a9:73:93:cb:60:cc:e3:
be:b5:d4:d9:ad:28:05:a2:dd:f5:76:41:a9:82:f6:fd:2c:e5:
34:88:59:c8:6f:5e:50:d5:84:87:9e:ae:f4:ee:87:92:39:74:
af:94:6e:f3:e6:86:31:65:e7:3e:9d:13:6f:1d:06:bf:41:37:
b3:84:1a:57:8a:94:00:6e:22:f6:7b:e0:75:0b:49:0f:78:f9:
44:7c:40:a8:85:c0:01:3d:7e:d8:1f:40:a2:65:82:c5:ef:74:
09:af:32:44:c4:19:27:9d:9b:71:37:a1:86:64:b1:b8:e6:c8:
59:fa:63:df:bf:27:ff:92:84:20:66:da:4c:42:2b:5d:64:1f:
45:8e:d1:03:3e:cf:62:4d:86:e7:a3:90:02:f6:ab:1f:0f:5d:
29:be:5f:16:f7:c1:da:5e:e1:b9:d3:23:11:de:8d:63:e3:5c:
76:ef:25:be:fe:7a:09:e1:41:22:73:b9:7e:91:2b:c6:53:bb:
b1:3e:58:f4:1a:91:d2:fe:70:8d:38:27:3b:c7:f5:1d:9d:51:
f3:ac:ef:f1:92:da:26:76:46:85:78:e6:d8:c2:7d:a1:36:f8:
9b:2d:f3:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWuJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MTQ1OTU4WhcNMjUwMzI2MTQ1OTU4WjAYMRYw
FAYDVQQDEw02N2MxY2Y3Mi03MDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAylinKEa/s5IWQ1Ox32GEeBQoHGcJNxBQCaJ7FBzwgstzch5jcA69egPq
zXq6VWqlDsil9wuVg8WQeR/aivdNXfDnWgHQ6qNn43kDYNNaeaxsGqYI6oxmbNRI
UutYTWb5EfKnZKC8ULc8gpMKg8jgOU4n5AV8H0gIEVmgxtrsSQUj5WjCGQwZg+q8
B07JwOnZVLvdNb2lSFqWrJEfR+O2ZpH3QJ8F/bWpbbWjejt25NEF1iUYzvrQnC61
t0snGuPXRX87axKNQdNNYz93fbDl8uQd2IXNeXy5xedBNUX5b0ya35A2UwuT1tFf
oxTV3DwSBAgCO4/ai1ieVJ65FZdn3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDRz
4K1/CuwAXoitwTLErPidHoWDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjc2NDUwQUY1RTQxMUVGQTFCOTkzOUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJeMA0GCSqGSIb3DQEB
CwUAA4IBAQCV97wDRzifnt2Mv4zBdhNHpzEvrbu2Fz9YHVDw+qlzk8tgzOO+tdTZ
rSgFot31dkGpgvb9LOU0iFnIb15Q1YSHnq707oeSOXSvlG7z5oYxZec+nRNvHQa/
QTezhBpXipQAbiL2e+B1C0kPePlEfECohcABPX7YH0CiZYLF73QJrzJExBknnZtx
N6GGZLG45shZ+mPfvyf/koQgZtpMQitdZB9FjtEDPs9iTYbno5AC9qsfD10pvl8W
98HaXuG50yMR3o1j41x27yW+/noJ4UEic7l+kSvGU7uxPlj0GpHS/nCNOCc7x/Ud
nVHzrO/xktomdkaFeObYwn2hNvibLfNv
-----END CERTIFICATE-----
Generated at Fri May 9 05:31:35 2025 by rpki-client