Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE14614EF50511EFBC3543A2762E951A.roa
File: BE14614EF50511EFBC3543A2762E951A.roa (raw, json)
Hash identifier: FarAmLgOZLuvETIkjk5zFWMUSKNBlpmIvy0vNqmsCuc=
Subject key identifier: 4C:A6:9E:4D:93:E7:05:DA:FD:23:5F:ED:65:E8:B9:A4:77:1B:72:1D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01683B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE14614EF50511EFBC3543A2762E951A.roa
Signing time: Thu 27 Feb 2025 12:24:09 +0000
ROA not before: Thu 27 Feb 2025 12:24:05 +0000
ROA not after: Wed 26 Mar 2025 12:24:05 +0000
asID: 62240
IP address blocks: 154.196.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92219 (0x1683b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 12:24:05 2025 GMT
Not After : Mar 26 12:24:05 2025 GMT
Subject: CN=67c05968-738b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ad:2b:69:86:67:79:b8:01:23:f9:52:60:9c:
c3:d3:9f:19:3d:87:c5:c1:38:47:80:38:0f:b0:29:
64:a3:5a:ed:25:b7:60:58:7f:7f:d1:9d:09:36:77:
11:53:da:a7:ae:7b:34:39:68:e4:53:bd:3a:a9:02:
92:5a:22:38:d1:c9:dc:4e:d4:8d:90:f2:1d:ac:8b:
de:e9:01:04:3f:f9:c5:a9:55:52:c7:cf:fd:11:8a:
56:17:d7:9e:28:a1:3e:01:41:b1:b4:56:f3:6f:7b:
9a:c0:5d:26:3d:fc:a8:af:1d:e3:7a:90:0f:bb:f2:
b6:15:73:64:5a:8c:8b:65:84:da:34:6f:cf:5c:a6:
f3:17:22:54:e6:ae:d4:26:76:13:9a:f1:81:70:5d:
36:5a:e3:3a:f8:80:5e:76:65:cd:0d:01:1e:21:eb:
2e:13:b0:34:e0:0c:88:a8:89:21:30:bf:a9:e4:7d:
e8:ee:66:1b:74:84:45:63:72:ce:ea:0c:a6:39:e1:
ad:cc:a6:83:2b:b1:dd:82:de:f8:86:8b:dc:1f:db:
ee:e8:c6:01:5c:85:5c:66:ac:f8:6b:69:12:c7:38:
05:f5:ac:a6:b9:42:4a:e3:fc:0e:db:92:51:a0:92:
92:53:a5:29:02:31:6c:8b:78:c2:63:8b:3e:b8:80:
fc:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A6:9E:4D:93:E7:05:DA:FD:23:5F:ED:65:E8:B9:A4:77:1B:72:1D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE14614EF50511EFBC3543A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.30.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:81:ab:b8:b3:16:99:00:09:d1:b8:f9:28:e1:c2:4e:41:a0:
21:b9:9d:01:d9:58:c6:ea:c6:05:01:41:90:8a:04:b6:34:9a:
9a:4a:31:30:ca:dd:bf:03:f6:87:c0:01:06:40:b7:f7:dc:e7:
f7:42:4e:2d:87:b9:6c:20:62:af:c0:f4:83:f8:76:c5:80:a5:
4d:9b:0b:85:45:1b:75:ef:ed:f4:ba:a1:96:be:39:a1:8a:f4:
29:08:3a:33:58:0b:ae:83:85:68:4d:9b:8e:d9:7f:5a:ec:c4:
66:c5:62:39:0b:0e:4e:56:7d:ba:19:42:31:ed:8d:68:49:18:
e0:9a:ab:cf:3e:f9:b5:1c:78:70:83:4c:6b:ab:9f:85:04:a9:
6c:a5:37:23:84:59:59:95:6f:97:9b:85:e1:03:1c:7c:71:57:
1c:e9:72:43:29:9e:11:aa:dc:ee:b8:41:2f:e6:4c:eb:11:a7:
d8:cd:17:4e:54:86:1f:97:32:27:bb:0c:15:fb:6b:e1:bf:c5:
ca:d3:3f:a8:f3:7f:4a:ed:6d:88:13:c5:7e:f4:71:23:c8:b3:
19:3e:75:6a:b4:7a:da:bf:80:ef:20:cd:ce:86:d4:77:8a:fa:
bf:4b:f6:88:ff:1a:f8:95:89:dc:4d:44:5c:fc:38:3d:08:9d:
4e:66:ec:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWg7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTIyNDA1WhcNMjUwMzI2MTIyNDA1WjAYMRYw
FAYDVQQDEw02N2MwNTk2OC03MzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt60raYZnebgBI/lSYJzD058ZPYfFwThHgDgPsClko1rtJbdgWH9/0Z0J
NncRU9qnrns0OWjkU706qQKSWiI40cncTtSNkPIdrIve6QEEP/nFqVVSx8/9EYpW
F9eeKKE+AUGxtFbzb3uawF0mPfyorx3jepAPu/K2FXNkWoyLZYTaNG/PXKbzFyJU
5q7UJnYTmvGBcF02WuM6+IBedmXNDQEeIesuE7A04AyIqIkhML+p5H3o7mYbdIRF
Y3LO6gymOeGtzKaDK7Hdgt74hovcH9vu6MYBXIVcZqz4a2kSxzgF9aymuUJK4/wO
25JRoJKSU6UpAjFsi3jCY4s+uID8rQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEym
nk2T5wXa/SNf7WXouaR3G3IdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRTE0NjE0RUY1MDUxMUVGQkMzNTQzQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQeMA0GCSqGSIb3DQEB
CwUAA4IBAQB+gau4sxaZAAnRuPko4cJOQaAhuZ0B2VjG6sYFAUGQigS2NJqaSjEw
yt2/A/aHwAEGQLf33Of3Qk4th7lsIGKvwPSD+HbFgKVNmwuFRRt17+30uqGWvjmh
ivQpCDozWAuug4VoTZuO2X9a7MRmxWI5Cw5OVn26GUIx7Y1oSRjgmqvPPvm1HHhw
g0xrq5+FBKlspTcjhFlZlW+Xm4XhAxx8cVcc6XJDKZ4RqtzuuEEv5kzrEafYzRdO
VIYflzInuwwV+2vhv8XK0z+o839K7W2IE8V+9HEjyLMZPnVqtHrav4DvIM3OhtR3
ivq/S/aI/xr4lYncTURc/Dg9CJ1OZuxj
-----END CERTIFICATE-----
Generated at Fri May 9 07:13:57 2025 by rpki-client