Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6D3DEDAF61A11EFB84B1788762E951A.roa
File: B6D3DEDAF61A11EFB84B1788762E951A.roa (raw, json)
Hash identifier: uQKFx1R72mQEzljsDMDt9S35WDTwkKJtr10Sn6N/EnE=
Subject key identifier: D6:F5:57:DA:F1:EE:58:76:AE:9E:31:57:02:A8:A4:11:76:3D:2B:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016C41
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6D3DEDAF61A11EFB84B1788762E951A.roa
Signing time: Fri 28 Feb 2025 21:26:47 +0000
ROA not before: Fri 28 Feb 2025 21:26:43 +0000
ROA not after: Wed 26 Mar 2025 21:26:43 +0000
asID: 62240
IP address blocks: 154.194.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93249 (0x16c41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 21:26:43 2025 GMT
Not After : Mar 26 21:26:43 2025 GMT
Subject: CN=67c22a17-fdb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c5:a2:1d:22:e7:84:27:75:3b:b0:98:48:35:
df:36:33:21:49:f6:6b:33:45:d5:da:a9:e4:dc:a5:
60:55:47:44:e6:e9:9b:67:9a:0c:d3:9d:29:e1:4b:
39:af:3c:a4:3a:2d:8f:71:fa:3b:bf:29:63:05:1e:
86:ca:ea:00:cd:6d:24:5f:ac:49:7a:17:fb:b6:df:
73:69:5a:14:db:00:45:c4:93:e2:67:a4:5e:7d:de:
d9:72:6a:1d:cf:eb:54:f2:33:7f:1d:8e:79:db:f4:
d3:ad:61:5d:ba:59:bd:61:4b:05:23:e0:3f:73:4c:
af:48:12:dc:a3:90:37:b7:9f:89:4d:42:f0:4e:bd:
78:9d:17:42:1f:a4:9c:81:6f:40:ed:b5:40:f5:7d:
93:9b:6f:63:ee:5c:f2:42:d7:10:cd:ac:6d:9a:ca:
9f:bb:9a:df:f2:f3:36:dd:c0:54:ba:e8:fa:0f:94:
b0:7c:07:79:86:5d:17:3f:f6:25:7e:ef:4f:51:73:
af:d1:1f:1c:2f:d5:e9:3a:00:c4:cb:7d:f8:a3:eb:
76:04:63:01:e0:37:30:c7:e8:c7:7d:33:c8:da:4a:
2b:63:91:78:a4:d6:79:97:b0:81:69:ce:ae:49:b8:
99:d4:17:04:f8:c7:f1:f4:ea:54:ba:60:bd:40:27:
8c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F5:57:DA:F1:EE:58:76:AE:9E:31:57:02:A8:A4:11:76:3D:2B:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6D3DEDAF61A11EFB84B1788762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.117.0/24
Signature Algorithm: sha256WithRSAEncryption
26:f8:d7:4f:86:34:37:f4:0d:f8:24:d2:b1:78:a9:e7:ae:80:
44:63:ef:1c:a3:c1:87:04:87:a7:6b:d2:93:31:dc:bc:97:c8:
c1:b2:ff:74:dc:89:bd:43:1b:6a:97:4a:75:5d:ba:db:d9:61:
39:1b:f3:24:e7:16:2b:59:1d:3f:87:24:db:66:48:d6:f7:4b:
8f:b0:f8:4f:4b:84:6f:45:50:8f:be:5c:00:45:93:a6:4a:e1:
65:40:2c:90:a8:37:54:89:a3:35:8d:1d:74:8d:6c:09:9d:80:
4a:54:77:bd:b1:c8:33:d4:f0:0e:af:c8:b6:e6:6e:bf:c3:0a:
ed:c8:36:55:fc:d3:68:8d:9a:e5:d6:1e:5a:30:95:ae:5e:b1:
78:d6:91:53:d4:7a:43:ca:f1:62:cd:31:47:f6:5e:1d:d5:6b:
3f:4e:ee:7f:b9:73:2e:27:21:15:27:f2:e5:73:7c:0a:32:d7:
aa:b0:e2:82:ca:02:13:b5:ad:6d:ba:d8:05:6a:f8:ae:f0:83:
ad:01:ed:44:e8:08:6b:29:42:ef:78:4d:a2:bc:fc:40:22:02:
79:c6:2c:f9:eb:ee:84:5e:1a:25:72:20:1a:6f:b2:c9:52:55:
89:6c:b9:6c:76:28:53:19:b1:da:a5:64:d5:58:14:a4:0c:f9:
38:02:63:aa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWxBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjEyNjQzWhcNMjUwMzI2MjEyNjQzWjAYMRYw
FAYDVQQDEw02N2MyMmExNy1mZGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmsWiHSLnhCd1O7CYSDXfNjMhSfZrM0XV2qnk3KVgVUdE5umbZ5oM050p
4Us5rzykOi2Pcfo7vyljBR6GyuoAzW0kX6xJehf7tt9zaVoU2wBFxJPiZ6Refd7Z
cmodz+tU8jN/HY552/TTrWFdulm9YUsFI+A/c0yvSBLco5A3t5+JTULwTr14nRdC
H6ScgW9A7bVA9X2Tm29j7lzyQtcQzaxtmsqfu5rf8vM23cBUuuj6D5SwfAd5hl0X
P/Ylfu9PUXOv0R8cL9XpOgDEy334o+t2BGMB4Dcwx+jHfTPI2korY5F4pNZ5l7CB
ac6uSbiZ1BcE+Mfx9OpUumC9QCeMpQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNb1
V9rx7lh2rp4xVwKopBF2PSvtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNkQzREVEQUY2MUExMUVGQjg0QjE3ODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJ1MA0GCSqGSIb3DQEB
CwUAA4IBAQAm+NdPhjQ39A34JNKxeKnnroBEY+8co8GHBIena9KTMdy8l8jBsv90
3Im9Qxtql0p1Xbrb2WE5G/Mk5xYrWR0/hyTbZkjW90uPsPhPS4RvRVCPvlwARZOm
SuFlQCyQqDdUiaM1jR10jWwJnYBKVHe9scgz1PAOr8i25m6/wwrtyDZV/NNojZrl
1h5aMJWuXrF41pFT1HpDyvFizTFH9l4d1Ws/Tu5/uXMuJyEVJ/Llc3wKMteqsOKC
ygITta1tutgFaviu8IOtAe1E6AhrKULveE2ivPxAIgJ5xiz56+6EXholciAab7LJ
UlWJbLlsdihTGbHapWTVWBSkDPk4AmOq
-----END CERTIFICATE-----
Generated at Fri May 9 11:22:01 2025 by rpki-client