Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B354D77CF4DB11EF90C85E85762E951A.roa
File: B354D77CF4DB11EF90C85E85762E951A.roa (raw, json)
Hash identifier: leD057xubWTGKrSDYn0FTlwLMOoP6lC1fxMJIBreTlg=
Subject key identifier: 7D:BF:5B:89:11:C0:31:C8:FB:5C:3E:BA:0A:DF:7D:E9:B8:53:D8:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0166A7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B354D77CF4DB11EF90C85E85762E951A.roa
Signing time: Thu 27 Feb 2025 07:23:11 +0000
ROA not before: Thu 27 Feb 2025 07:23:08 +0000
ROA not after: Wed 26 Mar 2025 07:23:08 +0000
asID: 62240
IP address blocks: 154.195.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91815 (0x166a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 07:23:08 2025 GMT
Not After : Mar 26 07:23:08 2025 GMT
Subject: CN=67c012df-977f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:44:4b:84:55:df:c6:b0:ad:31:a8:4a:40:c6:
e8:00:80:a2:c4:b0:66:8a:ad:41:7a:7a:a8:da:d4:
65:86:69:fe:47:67:16:88:cf:7c:90:0a:23:c2:c5:
29:19:a5:0a:b4:6f:02:ce:b0:cb:3e:8d:87:f3:b1:
7b:40:d6:24:01:c8:23:29:e5:14:80:c5:46:7a:66:
30:0e:36:b0:04:6b:00:c6:fa:e2:d2:e5:e8:2e:9f:
66:a8:90:d6:cb:3f:2b:43:51:16:25:ad:af:fd:24:
8e:fb:d2:7b:4e:64:b3:35:0d:6d:f7:2a:bf:fd:4c:
ec:72:b7:5b:8a:03:7e:96:81:e9:f7:7a:46:5c:88:
3f:b2:51:a9:01:ce:4a:77:c2:b1:8a:e7:3d:df:02:
bb:1e:93:ca:30:45:70:56:6f:79:69:61:1a:76:e3:
38:42:f7:e4:d7:27:c4:b9:ad:d2:33:63:55:c5:73:
ba:94:81:fc:c0:0a:09:ca:42:3f:78:b5:f9:39:12:
b8:29:2d:17:f6:bd:da:18:f6:e6:0f:34:01:4e:5b:
9b:95:4d:21:ac:1d:47:35:26:42:64:cc:c0:2b:ba:
30:7b:fa:8b:0b:9e:4e:f1:43:d8:cb:5a:63:e1:61:
f7:43:c3:c5:2d:99:2c:47:1b:36:15:98:22:2d:d7:
6e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:BF:5B:89:11:C0:31:C8:FB:5C:3E:BA:0A:DF:7D:E9:B8:53:D8:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B354D77CF4DB11EF90C85E85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.161.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:a8:fd:86:00:64:34:c5:f7:ec:58:5a:fa:93:38:0b:04:0b:
1f:55:05:b5:97:bb:4f:80:2c:bb:04:a4:f8:51:2d:8a:b9:87:
75:46:7a:b7:ad:b5:55:62:7e:6e:87:91:b6:27:5a:15:4e:1d:
39:56:a1:df:90:55:f5:33:a8:fa:68:e1:43:e8:f0:07:63:14:
0b:eb:08:b7:5d:ef:eb:ed:3f:7a:0b:20:0b:bf:d8:cb:7b:a5:
7c:13:f4:a4:5b:fc:df:c2:f5:67:e0:31:fa:2c:fd:26:07:c0:
04:be:6c:c3:fb:0a:39:41:0d:8e:6e:27:52:85:e9:72:ac:e4:
cf:6e:15:bd:0a:43:ca:f9:23:48:d8:d3:c0:76:25:22:1c:e1:
db:02:24:46:48:e3:9c:bc:cd:ed:11:cf:67:1d:0e:35:67:fa:
9e:74:d6:ec:85:05:a2:66:e9:1a:41:d7:b5:43:49:04:06:9d:
a6:2b:90:b1:06:f1:9c:1e:bc:e1:c8:ad:bc:f0:7f:d1:f4:db:
76:31:cc:a4:78:0d:1a:df:19:b4:88:5c:5a:59:d5:df:2c:aa:
51:53:30:cf:0b:2f:4e:10:f6:d5:f5:bb:82:45:a6:2a:ff:ed:
1e:a1:80:69:42:e2:9c:90:38:80:76:61:96:9b:ed:e6:7a:a0:
e3:31:c8:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWanMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDcyMzA4WhcNMjUwMzI2MDcyMzA4WjAYMRYw
FAYDVQQDEw02N2MwMTJkZi05NzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxkRLhFXfxrCtMahKQMboAICixLBmiq1Benqo2tRlhmn+R2cWiM98kAoj
wsUpGaUKtG8CzrDLPo2H87F7QNYkAcgjKeUUgMVGemYwDjawBGsAxvri0uXoLp9m
qJDWyz8rQ1EWJa2v/SSO+9J7TmSzNQ1t9yq//UzscrdbigN+loHp93pGXIg/slGp
Ac5Kd8Kxiuc93wK7HpPKMEVwVm95aWEaduM4Qvfk1yfEua3SM2NVxXO6lIH8wAoJ
ykI/eLX5ORK4KS0X9r3aGPbmDzQBTlublU0hrB1HNSZCZMzAK7owe/qLC55O8UPY
y1pj4WH3Q8PFLZksRxs2FZgiLddubwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH2/
W4kRwDHI+1w+ugrffem4U9j4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMzU0RDc3Q0Y0REIxMUVGOTBDODVFODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOhMA0GCSqGSIb3DQEB
CwUAA4IBAQALqP2GAGQ0xffsWFr6kzgLBAsfVQW1l7tPgCy7BKT4US2KuYd1Rnq3
rbVVYn5uh5G2J1oVTh05VqHfkFX1M6j6aOFD6PAHYxQL6wi3Xe/r7T96CyALv9jL
e6V8E/SkW/zfwvVn4DH6LP0mB8AEvmzD+wo5QQ2ObidShelyrOTPbhW9CkPK+SNI
2NPAdiUiHOHbAiRGSOOcvM3tEc9nHQ41Z/qedNbshQWiZukaQde1Q0kEBp2mK5Cx
BvGcHrzhyK288H/R9Nt2McykeA0a3xm0iFxaWdXfLKpRUzDPCy9OEPbV9buCRaYq
/+0eoYBpQuKckDiAdmGWm+3meqDjMcib
-----END CERTIFICATE-----
Generated at Fri May 9 11:27:30 2025 by rpki-client