Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BAE8C862F53611EF9C82E56E762E951A.roa
File: BAE8C862F53611EF9C82E56E762E951A.roa (raw, json)
Hash identifier: 7KGtZU7blGWyqt42XXJLMUH7JiZjE9seuUWO0IqqRo0=
Subject key identifier: 58:1A:99:33:7B:89:C7:93:D0:71:AE:AB:95:B5:A6:A4:0F:5D:6B:09
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016974
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BAE8C862F53611EF9C82E56E762E951A.roa
Signing time: Thu 27 Feb 2025 18:14:49 +0000
ROA not before: Thu 27 Feb 2025 18:14:45 +0000
ROA not after: Wed 26 Mar 2025 18:14:45 +0000
asID: 62240
IP address blocks: 154.196.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92532 (0x16974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 18:14:45 2025 GMT
Not After : Mar 26 18:14:45 2025 GMT
Subject: CN=67c0ab98-4ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:14:0c:a2:0f:e6:86:38:6a:73:35:28:d4:3f:
a7:92:74:fb:07:42:b4:52:2d:9f:df:d2:8c:62:11:
87:02:50:c7:5d:22:c5:34:a9:b9:03:0d:13:25:3e:
45:39:49:57:1e:ec:e0:8a:1b:8a:7d:63:3d:b0:3c:
6c:70:60:cc:2e:3b:50:59:d0:76:78:25:20:72:4d:
12:58:b1:26:3f:5d:e2:7f:51:b0:89:c2:a8:c3:15:
25:3d:12:88:3f:40:7b:bb:78:27:3b:cf:31:b5:fe:
f7:98:1a:aa:c3:b1:e3:aa:18:83:a4:fe:a8:c4:cc:
5b:ae:4e:70:91:fa:ec:02:4f:a4:63:c3:f1:5f:c0:
f7:15:db:63:da:4d:61:aa:bf:0c:a1:8f:61:c9:28:
a0:c3:d4:04:13:a8:7b:de:50:e3:c7:f3:27:29:92:
b9:22:d2:f9:62:3e:f7:a9:18:0b:8b:2b:33:2d:70:
38:14:8a:5b:2a:c8:c6:c1:14:8d:97:12:a7:1c:a7:
3e:92:ad:14:bf:c6:3b:aa:af:e6:8f:0c:4e:fb:66:
56:a4:7d:2a:c1:32:75:7d:b0:43:99:09:6d:0c:c5:
de:e3:14:5d:63:5a:5b:8f:97:19:9c:5d:de:6b:77:
a3:86:54:fd:29:7f:19:e4:2b:1c:0f:7c:1c:92:02:
54:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:1A:99:33:7B:89:C7:93:D0:71:AE:AB:95:B5:A6:A4:0F:5D:6B:09
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BAE8C862F53611EF9C82E56E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.72.0/24
Signature Algorithm: sha256WithRSAEncryption
32:cf:b9:00:64:fe:fb:b5:de:da:7c:a3:60:2c:28:f5:65:a1:
85:a5:78:64:67:83:03:e0:25:ff:19:29:f1:e3:d6:1c:fd:1c:
cf:74:1f:22:67:16:78:7d:48:d3:e5:7c:65:83:ed:2f:2a:e6:
bd:e1:67:a1:00:8b:7f:b5:a3:50:16:78:83:84:cc:17:b7:86:
8d:c4:29:e7:a7:8b:f4:93:c1:dd:f8:1a:ff:5a:58:a1:f2:f5:
77:89:d1:f5:ec:e5:d7:01:1d:39:f4:57:ad:3e:8a:a5:32:eb:
09:7f:92:1b:ab:ac:29:a5:f5:fb:27:f0:01:96:e7:70:5e:65:
cd:a1:74:74:ee:70:1a:83:ba:c0:1b:25:e6:c8:08:a5:41:ab:
d9:bd:21:d7:71:e6:3c:9a:a1:d7:16:25:44:da:1c:c5:0f:97:
db:26:7b:20:3a:52:65:fa:df:31:54:58:e5:0d:e4:23:b5:44:
1b:71:2b:5e:e0:37:72:4c:98:71:9c:c1:4c:8a:ca:c8:33:e3:
ed:5a:76:05:75:86:c8:3b:99:69:38:07:23:a6:c7:75:11:79:
8f:86:80:52:d9:9f:8f:e3:a2:ee:90:77:ba:af:ae:a3:43:5a:
70:9c:d1:8b:0c:e7:6c:9a:a2:a5:a9:32:76:b4:74:99:39:bc:
66:20:ee:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWl0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTgxNDQ1WhcNMjUwMzI2MTgxNDQ1WjAYMRYw
FAYDVQQDEw02N2MwYWI5OC00ZWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoBQMog/mhjhqczUo1D+nknT7B0K0Ui2f39KMYhGHAlDHXSLFNKm5Aw0T
JT5FOUlXHuzgihuKfWM9sDxscGDMLjtQWdB2eCUgck0SWLEmP13if1GwicKowxUl
PRKIP0B7u3gnO88xtf73mBqqw7HjqhiDpP6oxMxbrk5wkfrsAk+kY8PxX8D3Fdtj
2k1hqr8MoY9hySigw9QEE6h73lDjx/MnKZK5ItL5Yj73qRgLiyszLXA4FIpbKsjG
wRSNlxKnHKc+kq0Uv8Y7qq/mjwxO+2ZWpH0qwTJ1fbBDmQltDMXe4xRdY1pbj5cZ
nF3ea3ejhlT9KX8Z5CscD3wckgJU7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFga
mTN7iceT0HGuq5W1pqQPXWsJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQUU4Qzg2MkY1MzYxMUVGOUM4MkU1NkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsRIMA0GCSqGSIb3DQEB
CwUAA4IBAQAyz7kAZP77td7afKNgLCj1ZaGFpXhkZ4MD4CX/GSnx49Yc/RzPdB8i
ZxZ4fUjT5Xxlg+0vKua94WehAIt/taNQFniDhMwXt4aNxCnnp4v0k8Hd+Br/Wlih
8vV3idH17OXXAR059FetPoqlMusJf5Ibq6wppfX7J/ABludwXmXNoXR07nAag7rA
GyXmyAilQavZvSHXceY8mqHXFiVE2hzFD5fbJnsgOlJl+t8xVFjlDeQjtUQbcSte
4DdyTJhxnMFMisrIM+PtWnYFdYbIO5lpOAcjpsd1EXmPhoBS2Z+P46LukHe6r66j
Q1pwnNGLDOdsmqKlqTJ2tHSZObxmIO7i
-----END CERTIFICATE-----
Generated at Fri May 9 11:29:25 2025 by rpki-client