Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF71E66404B511F0BB20C888762E951A.roa
File: BF71E66404B511F0BB20C888762E951A.roa (raw, json)
Hash identifier: hvkFMD5QMNDiC07DMXtprH7dcfKSRvT+ZOIug5xsNFs=
Subject key identifier: 8D:02:93:5C:03:47:39:07:F4:DC:51:EE:70:0D:08:0C:18:6F:B6:53
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017504
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF71E66404B511F0BB20C888762E951A.roa
Signing time: Wed 19 Mar 2025 11:31:50 +0000
ROA not before: Wed 19 Mar 2025 11:31:26 +0000
ROA not after: Thu 27 Mar 2025 11:31:26 +0000
asID: 142286
IP address blocks: 154.89.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95492 (0x17504)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 19 11:31:26 2025 GMT
Not After : Mar 27 11:31:26 2025 GMT
Subject: CN=67daab26-7995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:01:12:1c:f3:56:d3:db:14:35:6b:7c:33:22:
e1:e4:94:58:b7:e0:ad:25:40:85:22:e9:ef:b9:84:
06:c2:a9:a5:66:66:4b:13:46:05:db:ac:83:63:b4:
59:ba:f4:cb:bf:a7:8d:fa:34:e1:9c:2a:60:14:57:
ea:64:57:54:73:b0:3e:27:3e:87:83:f1:c8:2f:f7:
e8:43:32:b9:ac:2e:10:59:a4:6d:c7:54:e1:3e:ad:
95:f6:04:10:1a:63:0e:11:97:9a:25:5e:9f:62:78:
d6:8e:22:55:e7:c3:18:99:be:ca:37:2b:34:11:12:
ef:60:1e:1a:2f:c5:aa:11:07:34:7e:fd:24:2c:83:
08:e4:60:5a:ea:2c:41:33:a1:e4:26:e2:38:24:4f:
0a:79:96:08:75:68:97:20:9a:4c:72:d9:5d:e1:47:
00:a2:52:d5:9b:3b:63:4a:26:e6:e3:41:3e:1e:3f:
81:60:e1:2a:e5:f4:1b:e9:a2:20:06:e1:ad:11:35:
4c:1f:c6:dc:29:49:45:b3:a6:9f:56:d9:5b:20:7a:
aa:71:83:75:a5:b1:bb:74:99:d5:fc:cc:d2:66:87:
a8:f6:41:82:a9:e5:58:44:5d:bd:01:d8:41:b3:4b:
de:30:7e:0b:75:0c:da:8f:50:24:5c:45:97:a7:af:
b9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:02:93:5C:03:47:39:07:F4:DC:51:EE:70:0D:08:0C:18:6F:B6:53
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF71E66404B511F0BB20C888762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.64.0/18
Signature Algorithm: sha256WithRSAEncryption
67:a0:04:30:7c:5c:5c:e1:da:d9:ee:4d:f5:45:7b:7f:34:c2:
45:cf:43:cf:ca:6e:a9:2e:1c:2c:f8:6a:08:26:57:9f:4c:14:
8c:23:85:c9:cc:91:1a:f2:86:de:89:e4:db:5b:7c:f6:25:e9:
73:46:c9:5f:73:a0:25:db:7b:b4:70:60:27:0e:db:cd:bd:26:
28:1e:ae:a5:02:8b:83:48:06:3e:8e:dc:27:9e:98:7a:6e:e1:
05:69:11:7a:53:54:4b:50:54:57:ae:aa:e8:48:2a:d9:ac:74:
40:3e:86:71:b1:64:d9:db:5b:24:d3:07:e7:cc:4a:a9:6c:f9:
b8:94:4e:33:a8:8d:1c:23:85:dd:e0:1f:fb:06:73:14:30:9f:
02:ba:a2:49:d8:ba:16:c3:90:94:1c:0e:6b:c0:d9:6a:29:70:
4c:6a:ea:9f:93:de:5f:19:be:3b:e4:ea:37:21:58:a5:77:6d:
28:d9:16:be:24:f3:7c:02:2b:11:cd:44:bf:60:b2:9a:3e:a5:
2a:10:c5:dd:57:ec:7a:94:8f:68:f2:e5:f4:33:0c:8a:a5:88:
5d:53:31:18:e9:c1:c4:1a:e1:c0:7e:d4:86:f8:ff:36:1f:39:
27:3f:50:86:29:9d:a3:51:d3:4f:6a:21:ac:8b:61:5b:27:e1:
e2:f2:5b:0f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXUEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE5MTEzMTI2WhcNMjUwMzI3MTEzMTI2WjAYMRYw
FAYDVQQDEw02N2RhYWIyNi03OTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4QESHPNW09sUNWt8MyLh5JRYt+CtJUCFIunvuYQGwqmlZmZLE0YF26yD
Y7RZuvTLv6eN+jThnCpgFFfqZFdUc7A+Jz6Hg/HIL/foQzK5rC4QWaRtx1ThPq2V
9gQQGmMOEZeaJV6fYnjWjiJV58MYmb7KNys0ERLvYB4aL8WqEQc0fv0kLIMI5GBa
6ixBM6HkJuI4JE8KeZYIdWiXIJpMctld4UcAolLVmztjSibm40E+Hj+BYOEq5fQb
6aIgBuGtETVMH8bcKUlFs6afVtlbIHqqcYN1pbG7dJnV/MzSZoeo9kGCqeVYRF29
AdhBs0veMH4LdQzaj1AkXEWXp6+5BQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI0C
k1wDRzkH9NxR7nANCAwYb7ZTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjcxRTY2NDA0QjUxMUYwQkIyMEM4ODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmllAMA0GCSqGSIb3DQEB
CwUAA4IBAQBnoAQwfFxc4drZ7k31RXt/NMJFz0PPym6pLhws+GoIJlefTBSMI4XJ
zJEa8obeieTbW3z2JelzRslfc6Al23u0cGAnDtvNvSYoHq6lAouDSAY+jtwnnph6
buEFaRF6U1RLUFRXrqroSCrZrHRAPoZxsWTZ21sk0wfnzEqpbPm4lE4zqI0cI4Xd
4B/7BnMUMJ8CuqJJ2LoWw5CUHA5rwNlqKXBMauqfk95fGb475Oo3IVild20o2Ra+
JPN8AisRzUS/YLKaPqUqEMXdV+x6lI9o8uX0MwyKpYhdUzEY6cHEGuHAftSG+P82
HzknP1CGKZ2jUdNPaiGsi2FbJ+Hi8lsP
-----END CERTIFICATE-----
Generated at Fri May 9 13:21:13 2025 by rpki-client