Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C6DA0246D8D311EFBB8D004D762E951A.roa
File: C6DA0246D8D311EFBB8D004D762E951A.roa (raw, json)
Hash identifier: bCcTzxpVeoqtPaJro6Sc9kGYp2Yr6KJKBBuISccMKXo=
Subject key identifier: F7:21:39:CA:80:FA:81:1F:EA:CF:C2:07:C8:D8:48:1F:A9:65:29:F3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013FC4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C6DA0246D8D311EFBB8D004D762E951A.roa
Signing time: Wed 22 Jan 2025 15:15:56 +0000
ROA not before: Wed 22 Jan 2025 15:15:52 +0000
ROA not after: Tue 01 Apr 2025 15:15:52 +0000
asID: 138915
IP address blocks: 154.93.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81860 (0x13fc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 22 15:15:52 2025 GMT
Not After : Apr 1 15:15:52 2025 GMT
Subject: CN=67910bac-dd30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:91:37:c3:68:20:64:35:2b:fa:b2:82:09:1e:
4f:24:32:f6:59:3a:8d:3b:0e:28:7a:da:f2:c5:53:
4b:9a:ca:b5:61:25:22:62:f5:87:33:19:eb:38:0e:
68:37:be:fe:99:55:e3:a2:c8:8a:09:75:cc:c9:2c:
c5:7b:1a:ae:99:5c:6a:3b:14:21:05:fe:fa:33:53:
98:c5:52:cd:0a:f4:80:3d:39:77:5e:90:3a:86:e1:
70:3d:bd:74:40:fa:28:9e:27:11:75:fc:e0:b5:95:
21:fa:27:0e:4e:bd:95:dd:f3:aa:89:fe:43:27:d2:
dd:1e:c8:ee:e7:14:67:19:c0:fb:6c:9e:fd:a5:a5:
6e:76:c9:f3:7a:69:fc:c3:92:6b:98:7d:37:f7:13:
06:81:4c:c1:c6:d9:f9:97:fb:ba:5b:07:7b:3b:53:
77:66:e6:91:1c:72:b3:68:b8:c3:15:38:ca:27:3b:
97:9e:42:57:ba:0a:a8:86:de:de:7c:52:fe:91:73:
0d:f7:52:93:1a:4d:70:2e:ff:c6:4e:57:76:ac:1b:
87:20:b8:71:7c:09:b5:01:35:18:44:fe:6d:f2:e4:
2e:54:e5:bc:da:54:ee:5c:67:81:e5:a6:19:4c:d6:
02:f6:96:6c:a6:c6:1d:47:41:ae:dc:b3:65:88:3c:
68:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:21:39:CA:80:FA:81:1F:EA:CF:C2:07:C8:D8:48:1F:A9:65:29:F3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C6DA0246D8D311EFBB8D004D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.124.0/24
Signature Algorithm: sha256WithRSAEncryption
87:22:d0:e4:28:e9:f8:5d:3d:9a:be:d7:1d:04:3a:86:0b:52:
fc:16:74:6b:6d:89:1a:2f:b9:f8:a2:68:ec:37:c5:97:91:75:
79:48:0d:04:79:a9:0d:3c:d4:de:26:af:f2:5c:2a:99:85:c1:
f0:c8:9e:68:b5:a0:d2:b7:70:bd:4d:08:98:c5:84:56:3c:51:
9c:c7:b6:64:62:ee:fe:c9:03:6b:31:1e:37:93:3b:1e:98:b2:
a1:57:69:73:2f:f0:1e:9d:a1:ba:e9:ea:85:50:92:c7:16:65:
01:4d:70:ab:a1:80:bb:fd:0a:7c:95:46:79:ad:09:21:27:b9:
22:43:e4:fa:d3:68:85:e2:4e:94:c9:b8:38:e7:52:8d:d0:0d:
03:68:ca:be:cc:72:7c:96:37:db:ab:1c:1f:aa:bb:1e:e2:d9:
0e:25:7b:75:5e:e3:44:2e:97:61:73:8a:db:d3:af:6c:29:00:
fb:86:a5:12:b9:2a:81:b2:da:ae:81:e3:63:f8:f2:4b:98:bb:
81:42:8d:8c:3a:d0:8e:f5:e8:36:47:a8:85:41:e7:ec:f4:de:
00:55:c5:80:b7:c6:65:09:f2:7a:ed:4c:50:33:de:87:ca:82:
d5:62:91:6e:eb:41:69:18:64:5d:58:1b:ee:dd:8d:65:37:f5:
be:f6:07:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT/EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTUxNTUyWhcNMjUwNDAxMTUxNTUyWjAYMRYw
FAYDVQQDEw02NzkxMGJhYy1kZDMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvJE3w2ggZDUr+rKCCR5PJDL2WTqNOw4oetryxVNLmsq1YSUiYvWHMxnr
OA5oN77+mVXjosiKCXXMySzFexqumVxqOxQhBf76M1OYxVLNCvSAPTl3XpA6huFw
Pb10QPoonicRdfzgtZUh+icOTr2V3fOqif5DJ9LdHsju5xRnGcD7bJ79paVudsnz
emn8w5JrmH039xMGgUzBxtn5l/u6Wwd7O1N3ZuaRHHKzaLjDFTjKJzuXnkJXugqo
ht7efFL+kXMN91KTGk1wLv/GTld2rBuHILhxfAm1ATUYRP5t8uQuVOW82lTuXGeB
5aYZTNYC9pZspsYdR0Gu3LNliDxovwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPch
OcqA+oEf6s/CB8jYSB+pZSnzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNkRBMDI0NkQ4RDMxMUVGQkI4RDAwNEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml18MA0GCSqGSIb3DQEB
CwUAA4IBAQCHItDkKOn4XT2avtcdBDqGC1L8FnRrbYkaL7n4omjsN8WXkXV5SA0E
eakNPNTeJq/yXCqZhcHwyJ5otaDSt3C9TQiYxYRWPFGcx7ZkYu7+yQNrMR43kzse
mLKhV2lzL/AenaG66eqFUJLHFmUBTXCroYC7/Qp8lUZ5rQkhJ7kiQ+T602iF4k6U
ybg451KN0A0DaMq+zHJ8ljfbqxwfqrse4tkOJXt1XuNELpdhc4rb069sKQD7hqUS
uSqBstqugeNj+PJLmLuBQo2MOtCO9eg2R6iFQefs9N4AVcWAt8ZlCfJ67UxQM96H
yoLVYpFu60FpGGRdWBvu3Y1lN/W+9gfo
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:19:56 2025 by rpki-client