Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B097B2C8F4F111EFA2954699762E951A.roa
File: B097B2C8F4F111EFA2954699762E951A.roa (raw, json)
Hash identifier: SeS8UGfdRhYt1QseSOe/pDRZgxoFk4Ql2GWXL0H/JKw=
Subject key identifier: 65:2A:28:44:41:E3:A0:C3:82:58:55:AC:36:0E:68:79:D7:FC:3A:11
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01677A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B097B2C8F4F111EFA2954699762E951A.roa
Signing time: Thu 27 Feb 2025 10:00:36 +0000
ROA not before: Thu 27 Feb 2025 10:00:25 +0000
ROA not after: Wed 26 Mar 2025 10:00:25 +0000
asID: 62240
IP address blocks: 154.194.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92026 (0x1677a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 10:00:25 2025 GMT
Not After : Mar 26 10:00:25 2025 GMT
Subject: CN=67c037c4-251d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7f:0e:87:58:38:e3:46:c9:c6:2f:08:1a:11:
c8:1a:12:d2:77:b8:bd:23:31:14:06:f3:9a:e9:c2:
28:f1:f3:2d:a1:b3:7e:06:f3:5b:cb:ab:65:e7:60:
56:6d:37:17:e2:92:bc:21:c4:14:ea:12:7e:a1:be:
08:d7:90:2d:f0:f7:f0:2b:13:74:ad:dd:91:c8:43:
85:af:5b:52:bb:51:85:c3:ab:f6:95:b9:bd:ef:82:
d4:72:5f:60:72:16:07:0c:f4:f0:99:bc:d6:a8:25:
55:3c:6b:71:6c:b1:64:74:14:e2:99:5c:e2:bf:0d:
3a:b4:14:fd:32:0c:3c:8b:27:a3:97:ad:a5:1a:9f:
e8:64:70:bc:65:3c:3e:05:43:85:0e:0a:e3:74:d6:
dd:fc:71:a1:d2:08:36:82:a6:59:26:b9:96:61:f7:
05:b6:1e:30:20:2f:78:89:11:7a:16:85:8c:45:46:
15:a9:5a:28:4e:fe:db:5a:0c:99:87:27:c7:6b:c4:
18:f5:2c:20:34:81:8b:75:f8:a9:39:c4:f0:11:80:
43:64:ba:c8:60:09:2d:c3:84:f3:b4:88:7b:ee:f6:
1e:4d:f2:93:14:a7:82:02:e7:51:ab:b0:0d:9d:90:
02:d1:32:34:d4:d3:35:12:1e:bf:b8:64:94:1d:d3:
9e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2A:28:44:41:E3:A0:C3:82:58:55:AC:36:0E:68:79:D7:FC:3A:11
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B097B2C8F4F111EFA2954699762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.80.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:7f:51:63:43:f8:38:cf:35:0d:7c:d6:68:1c:59:6d:23:4e:
da:76:6f:64:b3:04:7d:12:fd:53:64:d2:30:ff:17:6a:9f:b4:
55:3b:bd:bb:28:4a:63:13:a8:39:6b:54:0f:87:92:29:d7:bc:
4e:c9:5c:b0:25:6c:8d:2b:b8:a3:1c:10:54:8c:fa:80:46:1e:
4d:fb:2b:d9:40:2b:7c:3b:52:21:bf:ee:e3:a6:d5:08:d8:6e:
27:23:b8:5b:30:1a:6b:97:b8:2e:48:97:82:a3:ea:7b:90:56:
20:09:b7:14:f7:97:aa:67:c4:72:b8:11:26:22:d1:47:f4:43:
bf:9b:e5:5e:c3:90:93:88:ae:be:81:d3:70:15:d1:62:6f:75:
79:0a:15:49:54:4e:2d:25:f0:a3:32:c7:d8:55:91:b6:54:c7:
2c:fc:7b:ff:ed:a0:f1:6c:9a:e3:fb:71:94:c7:8a:24:10:ad:
6a:58:80:8f:56:a3:39:84:52:6b:14:52:1a:4e:5f:9a:b9:fb:
f4:73:e6:de:fb:0c:43:59:76:1f:0a:91:08:e3:b1:fa:80:3c:
a3:a0:23:ef:63:1c:ab:d9:f3:43:f4:1a:98:82:b0:31:88:1b:
ba:61:e7:77:5e:10:1a:05:fa:bb:27:b4:c4:07:09:96:48:9f:
ae:ba:4b:7b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWd6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTAwMDI1WhcNMjUwMzI2MTAwMDI1WjAYMRYw
FAYDVQQDEw02N2MwMzdjNC0yNTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnX8Oh1g440bJxi8IGhHIGhLSd7i9IzEUBvOa6cIo8fMtobN+BvNby6tl
52BWbTcX4pK8IcQU6hJ+ob4I15At8PfwKxN0rd2RyEOFr1tSu1GFw6v2lbm974LU
cl9gchYHDPTwmbzWqCVVPGtxbLFkdBTimVzivw06tBT9Mgw8iyejl62lGp/oZHC8
ZTw+BUOFDgrjdNbd/HGh0gg2gqZZJrmWYfcFth4wIC94iRF6FoWMRUYVqVooTv7b
WgyZhyfHa8QY9SwgNIGLdfipOcTwEYBDZLrIYAktw4TztIh77vYeTfKTFKeCAudR
q7ANnZAC0TI01NM1Eh6/uGSUHdOeewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGUq
KERB46DDglhVrDYOaHnX/DoRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMDk3QjJDOEY0RjExMUVGQTI5NTQ2OTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJQMA0GCSqGSIb3DQEB
CwUAA4IBAQC2f1FjQ/g4zzUNfNZoHFltI07adm9kswR9Ev1TZNIw/xdqn7RVO727
KEpjE6g5a1QPh5Ip17xOyVywJWyNK7ijHBBUjPqARh5N+yvZQCt8O1Ihv+7jptUI
2G4nI7hbMBprl7guSJeCo+p7kFYgCbcU95eqZ8RyuBEmItFH9EO/m+Vew5CTiK6+
gdNwFdFib3V5ChVJVE4tJfCjMsfYVZG2VMcs/Hv/7aDxbJrj+3GUx4okEK1qWICP
VqM5hFJrFFIaTl+aufv0c+be+wxDWXYfCpEI47H6gDyjoCPvYxyr2fND9BqYgrAx
iBu6Yed3XhAaBfq7J7TEBwmWSJ+uukt7
-----END CERTIFICATE-----
Generated at Fri May 9 11:48:23 2025 by rpki-client