Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2EA3C98F29911EFAD9AD78E762E951A.roa
File: C2EA3C98F29911EFAD9AD78E762E951A.roa (raw, json)
Hash identifier: I2KFWN5/ZSsEJqtbCWsPz2MTm+eYvf+yWlFoilnb8Cg=
Subject key identifier: 67:97:0B:69:F6:6F:F9:BA:AA:36:1A:F1:B4:BC:C2:02:FD:EA:AA:75
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015BAE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2EA3C98F29911EFAD9AD78E762E951A.roa
Signing time: Mon 24 Feb 2025 10:26:08 +0000
ROA not before: Mon 24 Feb 2025 10:26:05 +0000
ROA not after: Wed 26 Mar 2025 10:26:05 +0000
asID: 39600
IP address blocks: 154.94.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89006 (0x15bae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 10:26:05 2025 GMT
Not After : Mar 26 10:26:05 2025 GMT
Subject: CN=67bc4940-d105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:49:08:c3:84:c7:8f:23:1c:e1:a2:b3:97:68:
92:b4:1b:84:42:26:e4:09:04:78:ee:33:6a:58:c9:
87:3c:25:89:13:eb:39:71:28:f9:8e:ea:d4:2a:bb:
71:76:a8:a1:c5:94:e4:37:55:4c:b4:b3:aa:5a:ff:
54:33:46:dc:b8:33:d4:c5:f9:75:d5:c7:aa:ce:9a:
e9:78:55:55:72:09:d9:85:06:e8:9a:2b:a4:97:dd:
37:5d:47:42:3f:07:a9:12:17:28:4b:cd:43:93:e7:
8f:36:61:b2:67:86:55:83:29:93:2a:09:1e:a7:6f:
6f:48:a6:4a:e6:73:a2:ab:e8:af:c6:a3:be:ab:8d:
b5:64:46:a0:8b:3c:ec:83:09:8a:84:6c:3d:fc:1b:
7c:53:af:49:c4:bb:2e:f2:35:ed:d4:d1:7a:a8:bd:
67:40:1a:50:16:1d:78:ea:9e:7e:65:ad:18:aa:b7:
ae:1d:d8:e3:09:fb:8e:27:b3:43:08:19:d3:c2:60:
30:8e:99:23:de:1d:e4:f0:de:c5:fb:73:96:3a:73:
10:8b:27:ef:07:36:c6:95:cd:32:66:d5:ca:b0:a0:
04:47:95:0b:a1:2b:2b:27:52:5b:25:04:a2:97:e0:
2d:91:e9:36:9a:d8:e0:de:c5:93:04:a5:37:cf:aa:
2f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:97:0B:69:F6:6F:F9:BA:AA:36:1A:F1:B4:BC:C2:02:FD:EA:AA:75
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2EA3C98F29911EFAD9AD78E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:2e:65:b1:48:80:0b:21:03:fb:a7:69:c8:04:d8:20:32:a1:
1b:8e:3f:7d:e5:59:2d:86:dc:6e:96:f9:ac:f0:31:7b:6c:f7:
83:4d:05:ad:a8:1c:fe:8a:e3:ad:b1:17:e0:6e:68:fb:aa:b4:
ba:f8:14:63:82:92:c9:50:b4:72:bb:6d:49:b8:38:aa:d7:34:
d7:24:c3:30:3d:f6:ef:7c:c9:68:75:5b:6b:51:a7:da:74:18:
b9:3a:90:49:6b:85:21:46:11:db:59:05:69:98:84:d6:f5:b5:
86:e3:c0:27:75:49:16:35:f0:51:0f:79:e5:ba:12:bc:ea:c4:
c8:1b:fa:3e:16:62:84:de:5d:43:a8:c3:01:ab:f9:0a:27:38:
b2:d5:60:2c:b7:a7:6e:37:38:bc:10:62:74:0f:e4:78:d3:41:
eb:c0:78:ea:c1:6b:9f:7c:36:22:46:20:1f:59:88:80:32:4e:
09:7b:f1:35:7e:bb:f5:b6:eb:77:34:0f:bd:6b:42:e7:4e:59:
0a:57:92:b8:70:52:df:98:87:72:12:ec:08:e7:91:f0:41:b6:
44:cc:79:41:6f:e0:67:d6:ed:d7:8e:e7:39:e8:d5:2c:67:7b:
d7:81:1d:39:09:4f:51:55:bb:9c:11:8c:ee:64:48:48:a5:a3:
6d:4a:97:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVuuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTAyNjA1WhcNMjUwMzI2MTAyNjA1WjAYMRYw
FAYDVQQDEw02N2JjNDk0MC1kMTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq0kIw4THjyMc4aKzl2iStBuEQibkCQR47jNqWMmHPCWJE+s5cSj5jurU
KrtxdqihxZTkN1VMtLOqWv9UM0bcuDPUxfl11ceqzprpeFVVcgnZhQbomiukl903
XUdCPwepEhcoS81Dk+ePNmGyZ4ZVgymTKgkep29vSKZK5nOiq+ivxqO+q421ZEag
izzsgwmKhGw9/Bt8U69JxLsu8jXt1NF6qL1nQBpQFh146p5+Za0YqreuHdjjCfuO
J7NDCBnTwmAwjpkj3h3k8N7F+3OWOnMQiyfvBzbGlc0yZtXKsKAER5ULoSsrJ1Jb
JQSil+Atkek2mtjg3sWTBKU3z6ovIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGeX
C2n2b/m6qjYa8bS8wgL96qp1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMkVBM0M5OEYyOTkxMUVGQUQ5QUQ3OEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4oMA0GCSqGSIb3DQEB
CwUAA4IBAQBbLmWxSIALIQP7p2nIBNggMqEbjj995Vkthtxulvms8DF7bPeDTQWt
qBz+iuOtsRfgbmj7qrS6+BRjgpLJULRyu21JuDiq1zTXJMMwPfbvfMlodVtrUafa
dBi5OpBJa4UhRhHbWQVpmITW9bWG48AndUkWNfBRD3nluhK86sTIG/o+FmKE3l1D
qMMBq/kKJziy1WAst6duNzi8EGJ0D+R400HrwHjqwWuffDYiRiAfWYiAMk4Je/E1
frv1tut3NA+9a0LnTlkKV5K4cFLfmIdyEuwI55HwQbZEzHlBb+Bn1u3Xjuc56NUs
Z3vXgR05CU9RVbucEYzuZEhIpaNtSpe8
-----END CERTIFICATE-----
Generated at Fri May 9 06:03:08 2025 by rpki-client