Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3071A64DAFA11EF886FA45A762E951A.roa
File: B3071A64DAFA11EF886FA45A762E951A.roa (raw, json)
Hash identifier: b8OoY88refjxNKZgExowd5zWrEBVxLk6oI/yqDhL82Q=
Subject key identifier: F2:C5:D5:38:75:B4:53:E4:54:FB:E5:BD:08:6E:D1:D5:3A:60:E5:21
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014911
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3071A64DAFA11EF886FA45A762E951A.roa
Signing time: Sat 25 Jan 2025 08:59:35 +0000
ROA not before: Sat 25 Jan 2025 08:59:32 +0000
ROA not after: Sun 30 Mar 2025 08:59:32 +0000
asID: 63139
IP address blocks: 154.94.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84241 (0x14911)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 25 08:59:32 2025 GMT
Not After : Mar 30 08:59:32 2025 GMT
Subject: CN=6794a7f7-69c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fb:5c:c7:ce:54:49:86:41:5f:d0:43:e7:86:
e2:af:86:2c:8d:02:f8:4c:5a:4d:c7:98:d9:0f:dc:
e0:27:24:1c:6a:21:66:02:08:55:ab:6b:da:7c:21:
06:14:e7:57:97:bc:8c:5f:6a:cf:5c:2c:d8:77:cc:
1f:84:89:b5:a2:91:c6:fc:72:9e:46:5a:ab:4d:21:
62:89:50:ac:0f:86:94:a2:3c:55:d2:8b:c1:da:30:
65:04:d7:41:64:54:6e:1a:25:20:9c:83:18:64:25:
a3:b4:e2:ee:45:24:62:2a:16:81:23:e4:ec:f9:06:
ca:a3:de:a4:8b:78:c7:37:f8:52:60:e8:50:40:ea:
18:1a:5f:c7:5d:7d:2c:54:c9:68:93:d7:67:21:c2:
b8:a5:cf:06:56:ea:e3:f4:2e:5b:ee:91:81:b0:6a:
a3:aa:96:46:b8:55:5d:34:98:8c:1b:8c:ec:1c:56:
ec:80:84:99:e6:ec:74:2e:d3:bc:6a:8d:e0:3b:71:
4a:0d:f7:93:d7:07:a5:84:bc:63:42:b7:37:66:17:
00:f6:6e:35:b7:f8:3c:d9:d5:59:68:4d:3c:db:33:
e6:4b:9e:bc:40:d0:f0:fb:1b:c7:2e:73:19:ad:b4:
1f:66:86:1c:d5:da:66:99:85:40:42:3e:ca:f3:23:
78:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C5:D5:38:75:B4:53:E4:54:FB:E5:BD:08:6E:D1:D5:3A:60:E5:21
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3071A64DAFA11EF886FA45A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.115.0/24
Signature Algorithm: sha256WithRSAEncryption
48:d9:d9:cd:63:6b:5d:83:3e:17:ad:e8:33:1b:1d:00:5f:f1:
cf:ec:fa:c7:a4:43:d9:3e:f3:fd:8e:38:61:16:45:84:3f:c5:
8a:52:2d:cf:51:6b:4f:62:54:eb:9c:11:92:e5:46:ba:9b:54:
3f:bd:af:a8:06:3a:d2:02:62:a8:1c:fb:cf:c6:f3:c2:5a:79:
c5:d1:f9:63:58:c1:7c:2a:c0:17:70:da:34:40:83:8a:db:11:
67:93:f3:60:43:f0:37:c9:66:1b:40:d8:18:80:f8:b3:5a:76:
44:26:70:d6:82:1e:6b:8e:39:d7:b7:14:d2:b1:6e:dc:59:c1:
83:a2:39:a5:e9:8e:92:83:07:96:23:01:59:13:6a:94:97:e1:
a6:1e:3f:a0:f7:72:77:1d:e8:d7:d5:1a:49:41:64:8b:8b:a6:
86:fa:f5:3d:70:6a:fe:a0:3f:c0:d9:39:99:38:aa:3e:9f:5e:
ff:2a:b1:d2:d2:34:cd:76:fa:34:9f:98:30:51:9b:c7:f8:14:
d6:18:ac:21:0d:8a:77:8f:35:a7:c9:fe:7a:38:70:57:04:c5:
54:ed:a9:e7:e9:ad:a6:4c:70:a5:32:ca:2c:7e:93:86:f5:6f:
48:fc:e2:d0:17:43:ac:99:0f:b5:a1:2f:c7:33:d3:c5:1d:87:
39:98:fa:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUkRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MDg1OTMyWhcNMjUwMzMwMDg1OTMyWjAYMRYw
FAYDVQQDEw02Nzk0YTdmNy02OWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu/tcx85USYZBX9BD54bir4YsjQL4TFpNx5jZD9zgJyQcaiFmAghVq2va
fCEGFOdXl7yMX2rPXCzYd8wfhIm1opHG/HKeRlqrTSFiiVCsD4aUojxV0ovB2jBl
BNdBZFRuGiUgnIMYZCWjtOLuRSRiKhaBI+Ts+QbKo96ki3jHN/hSYOhQQOoYGl/H
XX0sVMlok9dnIcK4pc8GVurj9C5b7pGBsGqjqpZGuFVdNJiMG4zsHFbsgISZ5ux0
LtO8ao3gO3FKDfeT1welhLxjQrc3ZhcA9m41t/g82dVZaE082zPmS568QNDw+xvH
LnMZrbQfZoYc1dpmmYVAQj7K8yN4oQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPLF
1Th1tFPkVPvlvQhu0dU6YOUhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMzA3MUE2NERBRkExMUVGODg2RkE0NUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5zMA0GCSqGSIb3DQEB
CwUAA4IBAQBI2dnNY2tdgz4XregzGx0AX/HP7PrHpEPZPvP9jjhhFkWEP8WKUi3P
UWtPYlTrnBGS5Ua6m1Q/va+oBjrSAmKoHPvPxvPCWnnF0fljWMF8KsAXcNo0QIOK
2xFnk/NgQ/A3yWYbQNgYgPizWnZEJnDWgh5rjjnXtxTSsW7cWcGDojml6Y6SgweW
IwFZE2qUl+GmHj+g93J3HejX1RpJQWSLi6aG+vU9cGr+oD/A2TmZOKo+n17/KrHS
0jTNdvo0n5gwUZvH+BTWGKwhDYp3jzWnyf56OHBXBMVU7ann6a2mTHClMsosfpOG
9W9I/OLQF0OsmQ+1oS/HM9PFHYc5mPrK
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:00:33 2025 by rpki-client