Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9DC1BE8F81C11EFB6F2C0B4762E951A.roa
File: B9DC1BE8F81C11EFB6F2C0B4762E951A.roa (raw, json)
Hash identifier: 0a5R9GwdMID0uVjdUTvFuvAHLsPl8HCyS5O1z6xpHo8=
Subject key identifier: 2A:A4:3F:98:23:6A:6A:EA:14:DA:5D:A4:05:55:7E:44:29:E2:7A:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017037
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9DC1BE8F81C11EFB6F2C0B4762E951A.roa
Signing time: Mon 03 Mar 2025 10:46:13 +0000
ROA not before: Mon 03 Mar 2025 10:46:09 +0000
ROA not after: Wed 26 Mar 2025 10:46:09 +0000
asID: 62240
IP address blocks: 154.195.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94263 (0x17037)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 10:46:09 2025 GMT
Not After : Mar 26 10:46:09 2025 GMT
Subject: CN=67c58875-80ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7a:72:f9:9c:d3:29:0e:c4:4e:ec:cc:1f:ee:
1d:cf:40:12:f7:19:f5:e5:55:23:62:be:82:e9:66:
2a:c2:29:ce:53:c1:98:94:83:2a:73:f1:e3:4b:61:
f5:bb:5c:4a:2e:5b:dc:90:bd:56:47:47:52:c5:c7:
e5:86:ff:19:b9:bd:c7:1d:09:77:6e:58:bb:b4:7f:
88:b5:5e:ab:44:b4:19:4d:a9:c2:e2:c9:e0:57:d3:
a2:45:b4:72:0b:d5:06:ab:23:ec:d6:b6:cb:44:f3:
7f:10:8c:18:16:e3:d3:a6:db:07:0b:12:68:5f:92:
78:f4:f9:dc:1d:6f:00:8f:bb:46:4c:ac:96:ea:53:
8e:71:fd:7f:97:70:e8:77:17:ff:d9:28:48:e7:e7:
ed:45:1e:4f:7a:20:22:84:50:84:6c:54:9f:d1:be:
54:95:d7:07:59:78:2e:d8:d1:ca:6f:9c:c0:74:bd:
83:2c:5a:0c:85:a3:85:3d:15:39:b2:30:df:8c:65:
2c:fc:9e:c9:ef:8b:6f:7b:11:31:f4:b0:85:4b:e7:
17:1a:71:b9:75:30:af:98:33:a6:ca:85:f2:c0:8d:
b0:33:20:3f:20:7e:97:47:0f:51:c6:67:c7:94:24:
87:04:d1:b6:c7:40:0f:82:46:df:8e:8a:2e:d4:41:
ae:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A4:3F:98:23:6A:6A:EA:14:DA:5D:A4:05:55:7E:44:29:E2:7A:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9DC1BE8F81C11EFB6F2C0B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.131.0/24
Signature Algorithm: sha256WithRSAEncryption
21:81:f9:6f:ee:7a:fb:83:ab:9c:4d:f4:b8:d5:87:fa:fa:bb:
6f:a3:5f:be:6e:83:58:52:cd:47:eb:fa:ca:09:bc:a4:52:82:
ab:6c:fe:29:20:04:07:1d:d4:a6:96:db:47:2f:65:55:46:c4:
08:ec:f5:ed:8a:2e:e6:88:ad:49:31:03:32:d0:df:66:37:6b:
68:8e:03:a8:79:26:c4:ce:0e:43:db:ed:af:55:16:29:5e:26:
ea:53:9c:dd:a8:17:61:34:ca:18:be:0d:39:4b:6a:30:b2:e0:
9b:fa:8d:43:e8:68:7a:cf:36:49:50:5d:3a:99:67:4d:6a:65:
c1:34:85:33:f7:ef:e0:f9:ca:44:c6:39:67:05:f0:45:5d:67:
d1:d9:cf:6f:13:8e:a5:a8:47:88:67:e3:c8:9d:20:6b:0b:e0:
8d:a0:ac:49:d2:47:b0:30:c7:74:39:6d:39:67:ad:9d:bb:74:
d9:ad:e6:fc:76:54:f7:f1:d8:8a:51:9f:a8:ad:80:5e:93:94:
cc:e4:15:c0:22:ff:2f:d8:60:b1:6a:38:19:26:61:a7:0e:fc:
06:7a:d0:fa:0e:c8:18:7f:88:59:17:c9:9e:51:8c:be:d9:6c:
21:cf:2b:cb:be:08:64:b0:cb:fb:83:20:a0:d4:0c:96:b8:6c:
50:2a:11:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXA3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTA0NjA5WhcNMjUwMzI2MTA0NjA5WjAYMRYw
FAYDVQQDEw02N2M1ODg3NS04MGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvXpy+ZzTKQ7ETuzMH+4dz0AS9xn15VUjYr6C6WYqwinOU8GYlIMqc/Hj
S2H1u1xKLlvckL1WR0dSxcflhv8Zub3HHQl3bli7tH+ItV6rRLQZTanC4sngV9Oi
RbRyC9UGqyPs1rbLRPN/EIwYFuPTptsHCxJoX5J49PncHW8Aj7tGTKyW6lOOcf1/
l3Dodxf/2ShI5+ftRR5PeiAihFCEbFSf0b5UldcHWXgu2NHKb5zAdL2DLFoMhaOF
PRU5sjDfjGUs/J7J74tvexEx9LCFS+cXGnG5dTCvmDOmyoXywI2wMyA/IH6XRw9R
xmfHlCSHBNG2x0APgkbfjoou1EGuPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCqk
P5gjamrqFNpdpAVVfkQp4nrdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COURDMUJFOEY4MUMxMUVGQjZGMkMwQjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsODMA0GCSqGSIb3DQEB
CwUAA4IBAQAhgflv7nr7g6ucTfS41Yf6+rtvo1++boNYUs1H6/rKCbykUoKrbP4p
IAQHHdSmlttHL2VVRsQI7PXtii7miK1JMQMy0N9mN2tojgOoeSbEzg5D2+2vVRYp
XibqU5zdqBdhNMoYvg05S2owsuCb+o1D6Gh6zzZJUF06mWdNamXBNIUz9+/g+cpE
xjlnBfBFXWfR2c9vE46lqEeIZ+PInSBrC+CNoKxJ0kewMMd0OW05Z62du3TZreb8
dlT38diKUZ+orYBek5TM5BXAIv8v2GCxajgZJmGnDvwGetD6DsgYf4hZF8meUYy+
2WwhzyvLvghksMv7gyCg1AyWuGxQKhHT
-----END CERTIFICATE-----
Generated at Fri May 9 06:45:44 2025 by rpki-client