Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C26941DCF4D911EFB5BA7777762E951A.roa
File: C26941DCF4D911EFB5BA7777762E951A.roa (raw, json)
Hash identifier: C1OYHKG5vJtXG/NBQPw2CYidVUwo9bLCcM74KvoXSwQ=
Subject key identifier: C9:E2:AE:54:61:F4:47:D6:9E:08:24:FA:B0:93:3A:7E:96:25:D5:77
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016695
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C26941DCF4D911EFB5BA7777762E951A.roa
Signing time: Thu 27 Feb 2025 07:09:18 +0000
ROA not before: Thu 27 Feb 2025 07:09:14 +0000
ROA not after: Wed 26 Mar 2025 07:09:14 +0000
asID: 139880
IP address blocks: 154.206.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91797 (0x16695)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 07:09:14 2025 GMT
Not After : Mar 26 07:09:14 2025 GMT
Subject: CN=67c00f9e-99d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7c:1e:d0:03:fa:ec:54:ac:17:14:18:0d:9e:
42:88:5c:0d:62:c4:fe:19:fd:fb:23:8a:92:ea:86:
32:c2:bf:44:17:95:ae:0b:6b:e6:38:13:87:5f:66:
3a:d1:d0:d0:a9:b3:dc:10:07:1a:6c:9f:cd:02:5a:
73:03:1f:6f:f8:58:ec:80:c7:54:91:52:fd:1d:50:
75:8a:51:dd:61:8b:3f:19:2e:9c:cb:80:2e:51:a4:
c0:99:ba:ae:50:44:0c:ce:2c:a3:32:ea:f8:25:17:
fc:43:c9:c3:1f:63:a7:7a:e1:88:62:5c:75:22:b6:
0f:10:63:41:7c:27:4d:bc:92:13:d3:51:31:52:18:
31:bb:b3:8d:9f:c0:cf:4c:7a:54:79:57:80:cb:e6:
2a:3f:44:5b:b4:92:55:12:a5:4f:bd:fd:1e:08:1f:
6a:f4:b4:a8:ab:bf:b4:5a:ce:69:d5:ac:b8:a7:bb:
f8:25:f0:4f:bf:c8:19:0c:3a:0a:fe:01:e5:33:00:
c0:31:df:31:25:41:54:a4:5c:69:6e:ef:99:21:78:
f3:20:2b:87:18:66:ee:3c:ca:41:fa:3b:4e:a4:6b:
38:ae:99:8e:12:c7:2e:11:01:3f:9e:1b:69:4f:14:
18:9a:52:ad:37:0d:a8:a7:4b:f4:d4:d7:f0:ac:95:
5c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E2:AE:54:61:F4:47:D6:9E:08:24:FA:B0:93:3A:7E:96:25:D5:77
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C26941DCF4D911EFB5BA7777762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.128.0/18
Signature Algorithm: sha256WithRSAEncryption
be:02:3c:91:a0:e2:71:0a:0d:d6:8b:da:e0:18:b5:78:ea:9b:
d0:44:ad:15:66:71:94:9d:70:c6:ae:09:35:e5:8b:3b:7c:ba:
5d:e1:ab:fc:73:a3:34:ec:3e:c3:a1:26:15:f5:4c:e9:09:62:
2b:89:81:23:ff:ef:51:0d:06:67:91:60:51:46:35:1f:b1:28:
a6:ca:aa:90:9e:52:2e:79:84:22:9b:a9:84:e5:1c:9b:9f:0a:
ea:45:b5:57:b0:c4:bf:3c:14:77:3f:46:b5:7d:f6:91:7e:bd:
a8:e0:df:ef:e6:40:d2:d6:f0:61:de:2d:24:b9:43:f7:17:ac:
8d:94:c1:db:36:09:45:fe:1c:97:ee:a4:76:8b:59:1d:1a:3e:
13:09:d7:17:08:89:00:87:7c:30:34:6c:4d:7e:e0:41:ff:98:
35:57:9b:9f:87:1a:ce:b5:d7:2d:e8:79:68:e2:33:c8:1d:78:
24:02:b0:8f:d3:3d:50:74:1f:a8:ba:73:fb:b7:7a:d1:be:9e:
98:ba:78:4e:65:70:fb:67:08:8a:fb:a3:cf:d6:1a:ed:87:76:
72:fe:79:dd:7e:ac:13:3e:af:f0:a3:d2:97:a7:5a:57:ea:6b:
4b:0b:51:49:13:57:2d:04:87:f3:0a:81:89:2c:da:a8:80:7f:
12:da:f6:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWaVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDcwOTE0WhcNMjUwMzI2MDcwOTE0WjAYMRYw
FAYDVQQDEw02N2MwMGY5ZS05OWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApHwe0AP67FSsFxQYDZ5CiFwNYsT+Gf37I4qS6oYywr9EF5WuC2vmOBOH
X2Y60dDQqbPcEAcabJ/NAlpzAx9v+FjsgMdUkVL9HVB1ilHdYYs/GS6cy4AuUaTA
mbquUEQMziyjMur4JRf8Q8nDH2OneuGIYlx1IrYPEGNBfCdNvJIT01ExUhgxu7ON
n8DPTHpUeVeAy+YqP0RbtJJVEqVPvf0eCB9q9LSoq7+0Ws5p1ay4p7v4JfBPv8gZ
DDoK/gHlMwDAMd8xJUFUpFxpbu+ZIXjzICuHGGbuPMpB+jtOpGs4rpmOEscuEQE/
nhtpTxQYmlKtNw2op0v01NfwrJVcTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMni
rlRh9EfWnggk+rCTOn6WJdV3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMjY5NDFEQ0Y0RDkxMUVGQjVCQTc3Nzc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGms6AMA0GCSqGSIb3DQEB
CwUAA4IBAQC+AjyRoOJxCg3Wi9rgGLV46pvQRK0VZnGUnXDGrgk15Ys7fLpd4av8
c6M07D7DoSYV9UzpCWIriYEj/+9RDQZnkWBRRjUfsSimyqqQnlIueYQim6mE5Ryb
nwrqRbVXsMS/PBR3P0a1ffaRfr2o4N/v5kDS1vBh3i0kuUP3F6yNlMHbNglF/hyX
7qR2i1kdGj4TCdcXCIkAh3wwNGxNfuBB/5g1V5ufhxrOtdct6Hlo4jPIHXgkArCP
0z1QdB+ounP7t3rRvp6YunhOZXD7ZwiK+6PP1hrth3Zy/nndfqwTPq/wo9KXp1pX
6mtLC1FJE1ctBIfzCoGJLNqogH8S2vZ6
-----END CERTIFICATE-----
Generated at Fri May 9 05:46:07 2025 by rpki-client