Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B4C7D51AF59D11EF9D94EFB8762E951A.roa
File: B4C7D51AF59D11EF9D94EFB8762E951A.roa (raw, json)
Hash identifier: K1rjVaemujmipLsEv42KTb4kWHcFT5hmUxUDB2JlY10=
Subject key identifier: 2A:6A:9D:2D:2B:7A:49:0C:2B:DB:27:25:57:C5:65:C5:27:3E:A5:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0169C5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B4C7D51AF59D11EF9D94EFB8762E951A.roa
Signing time: Fri 28 Feb 2025 06:31:56 +0000
ROA not before: Fri 28 Feb 2025 06:31:53 +0000
ROA not after: Sat 29 Mar 2025 06:31:53 +0000
asID: 174
IP address blocks: 154.202.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92613 (0x169c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 06:31:53 2025 GMT
Not After : Mar 29 06:31:53 2025 GMT
Subject: CN=67c1585c-fd15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:59:70:60:53:fd:2e:55:9f:5f:23:df:43:0c:
06:c9:9a:ff:af:28:f0:15:3a:f7:17:f2:53:f2:38:
b0:a2:ca:17:54:3e:4c:9d:79:3e:b8:6b:ee:87:50:
36:e2:33:fb:07:65:08:fa:f2:02:68:f1:fa:8e:95:
78:64:64:d0:34:cf:03:48:fd:1c:8c:be:28:07:11:
b7:a7:82:78:0c:da:e4:39:90:01:e9:20:fc:85:2c:
d9:d0:7f:70:f9:41:14:7e:5f:82:d5:ef:15:43:51:
dd:ab:72:8a:c8:9e:d9:91:e7:11:54:36:27:cf:a3:
a2:0a:84:08:ab:81:f6:21:32:06:f4:3e:c8:e4:6a:
26:67:58:e6:72:21:77:f9:2f:9a:7a:da:ad:a4:e0:
1e:6c:1b:e4:03:ae:4f:2a:44:e0:f2:9b:5e:45:dd:
a1:89:ba:43:26:0c:07:a5:95:2b:d3:5a:f9:d4:ce:
c2:94:96:e5:45:4d:bd:78:fc:ba:ce:54:35:33:a7:
72:19:6d:98:6c:0b:21:31:d9:f0:95:06:a4:a6:98:
76:73:1d:97:2d:89:85:b2:af:59:3c:b4:6a:85:b4:
92:ce:14:8c:bd:0f:79:7a:86:f4:67:b4:28:5e:c5:
78:29:23:a0:b0:33:d5:96:a7:48:9a:5b:a2:0f:33:
07:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6A:9D:2D:2B:7A:49:0C:2B:DB:27:25:57:C5:65:C5:27:3E:A5:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B4C7D51AF59D11EF9D94EFB8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.134.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:24:91:0a:91:f1:a7:66:81:7a:9e:86:60:fa:e5:36:dd:1d:
8b:9d:9e:0a:e0:ad:4d:37:08:fb:13:db:ab:bf:de:e5:e7:93:
2a:b0:3c:30:03:e2:fc:74:e4:03:09:5a:7e:c0:ed:13:2c:1e:
ff:6b:55:67:c1:91:41:70:cc:fc:b9:5c:c9:82:c5:53:91:3b:
10:b2:bd:15:72:00:fe:4f:cb:13:4d:f3:c1:9d:65:5e:9e:cf:
0f:31:97:7f:9c:9e:98:47:b7:bf:d9:51:38:10:86:81:49:27:
2c:57:05:7b:33:76:0c:ba:a1:6a:53:cf:5f:23:61:2b:e0:1d:
75:f3:33:26:8f:f4:98:e7:4e:54:bd:3b:f9:00:7d:a0:59:19:
b6:43:ab:7b:13:89:f4:7f:66:7d:3e:85:20:66:bd:bb:d1:0b:
6b:f0:cb:9e:1c:e9:5b:a0:d0:64:07:57:1b:99:13:1d:97:58:
3a:de:d0:4d:ba:33:c0:10:3d:8a:fb:54:2c:54:dd:df:2c:84:
41:f8:44:3b:c3:11:60:20:26:9e:a6:45:86:74:05:39:84:88:
34:f4:dd:1b:b6:a4:16:f2:bb:ae:45:35:9c:a7:29:c5:17:9c:
09:b9:6b:06:b5:92:24:3e:cb:9a:b2:79:6f:79:27:c2:20:3e:
0b:31:31:60
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWnFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDYzMTUzWhcNMjUwMzI5MDYzMTUzWjAYMRYw
FAYDVQQDEw02N2MxNTg1Yy1mZDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv1lwYFP9LlWfXyPfQwwGyZr/ryjwFTr3F/JT8jiwosoXVD5MnXk+uGvu
h1A24jP7B2UI+vICaPH6jpV4ZGTQNM8DSP0cjL4oBxG3p4J4DNrkOZAB6SD8hSzZ
0H9w+UEUfl+C1e8VQ1Hdq3KKyJ7ZkecRVDYnz6OiCoQIq4H2ITIG9D7I5GomZ1jm
ciF3+S+aetqtpOAebBvkA65PKkTg8pteRd2hibpDJgwHpZUr01r51M7ClJblRU29
ePy6zlQ1M6dyGW2YbAshMdnwlQakpph2cx2XLYmFsq9ZPLRqhbSSzhSMvQ95eob0
Z7QoXsV4KSOgsDPVlqdImluiDzMHSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCpq
nS0rekkMK9snJVfFZcUnPqX1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNEM3RDUxQUY1OUQxMUVGOUQ5NEVGQjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsqGMA0GCSqGSIb3DQEB
CwUAA4IBAQBsJJEKkfGnZoF6noZg+uU23R2LnZ4K4K1NNwj7E9urv97l55MqsDww
A+L8dOQDCVp+wO0TLB7/a1VnwZFBcMz8uVzJgsVTkTsQsr0VcgD+T8sTTfPBnWVe
ns8PMZd/nJ6YR7e/2VE4EIaBSScsVwV7M3YMuqFqU89fI2Er4B118zMmj/SY505U
vTv5AH2gWRm2Q6t7E4n0f2Z9PoUgZr270Qtr8MueHOlboNBkB1cbmRMdl1g63tBN
ujPAED2K+1QsVN3fLIRB+EQ7wxFgICaepkWGdAU5hIg09N0btqQW8ruuRTWcpynF
F5wJuWsGtZIkPsuasnlveSfCID4LMTFg
-----END CERTIFICATE-----
Generated at Fri May 9 06:53:33 2025 by rpki-client