Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB6D6190F4E911EFA00B9E65762E951A.roa
File: CB6D6190F4E911EFA00B9E65762E951A.roa (raw, json)
Hash identifier: 9AQC3hiL1i9/tFIpiJSiuPA09ue4r8HgDwKBOLG0Y0M=
Subject key identifier: DC:D7:AC:79:13:46:92:56:48:CB:67:B1:D2:6A:16:C0:00:0B:F3:61
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01670D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB6D6190F4E911EFA00B9E65762E951A.roa
Signing time: Thu 27 Feb 2025 09:04:05 +0000
ROA not before: Thu 27 Feb 2025 09:04:01 +0000
ROA not after: Wed 26 Mar 2025 09:04:01 +0000
asID: 62240
IP address blocks: 154.195.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91917 (0x1670d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 09:04:01 2025 GMT
Not After : Mar 26 09:04:01 2025 GMT
Subject: CN=67c02a85-d28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:74:a5:d1:81:3f:23:90:6c:c1:15:84:94:18:
b8:10:16:0f:6a:1b:56:26:8b:e8:b0:1f:68:5e:68:
a6:7f:6f:d9:0b:38:6c:b4:6f:e0:83:82:42:fb:a1:
e7:88:10:9f:43:dc:6f:0d:66:e4:62:10:20:ea:36:
4b:87:15:6b:68:25:c8:c1:5b:aa:4e:0a:77:39:de:
e9:67:78:f4:d6:ed:32:18:54:ff:c5:fb:d8:9b:dc:
5a:78:c4:69:02:36:eb:12:94:55:b5:05:ce:87:95:
9c:44:b2:54:7a:0b:3b:49:09:35:47:d3:6e:12:ae:
d3:b7:5f:e7:b1:85:40:a2:5d:fd:ff:36:35:8f:c0:
b2:98:ab:a7:4f:f1:1f:7d:6b:7d:6e:4c:8f:eb:5c:
29:0a:e4:16:82:33:b8:7d:5e:a9:30:d3:45:a5:dc:
0d:62:63:5d:5e:cf:86:cf:75:ec:28:c3:b2:15:46:
4f:e4:26:a0:31:e5:0b:4f:fe:7b:9a:5c:41:33:0f:
37:3a:88:b0:aa:bf:50:34:c9:3d:65:32:13:39:dc:
44:08:10:52:3b:51:9e:a0:36:6b:ba:cc:ec:3f:cd:
1b:3e:f1:6b:d9:78:b3:56:ab:2f:0d:aa:5d:89:c3:
62:92:63:3b:d1:17:1c:e9:47:1b:4a:7c:5a:a5:79:
86:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D7:AC:79:13:46:92:56:48:CB:67:B1:D2:6A:16:C0:00:0B:F3:61
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB6D6190F4E911EFA00B9E65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.21.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:b5:99:6a:15:ff:83:39:1a:55:7f:c4:de:60:8e:74:67:09:
81:d2:13:65:d0:e9:d9:bd:7a:86:54:57:a1:a9:bc:13:18:bc:
90:7e:86:71:e6:e3:f6:c5:9b:d5:79:a8:61:30:d8:5b:f7:54:
19:57:ef:44:11:b7:11:a0:7d:05:bd:5c:17:b0:e8:11:ad:34:
c9:d1:04:1e:e4:6a:49:25:3d:a9:08:d7:35:e5:ec:45:3d:b8:
60:68:5f:14:81:72:c0:95:aa:e1:e0:be:08:2c:fa:f7:1b:bd:
ef:be:d1:e9:01:da:c6:8c:6f:34:84:a7:b0:f3:83:48:a8:61:
8f:41:97:08:eb:b5:de:bd:e1:91:84:6c:8f:0b:7a:f3:a2:ba:
41:8f:dd:1d:98:09:3a:4d:78:ab:77:b4:5c:03:99:e7:d8:84:
09:5a:21:27:1d:1a:15:10:50:e3:f3:2d:2c:57:34:37:69:ea:
2a:d5:28:97:e0:d2:2e:4c:fc:db:87:02:ab:85:97:27:9b:d1:
de:06:fe:c9:17:c0:2b:34:f2:b3:38:9d:69:d2:39:32:fc:17:
a0:2f:a4:83:ff:4c:b5:40:49:db:1f:55:52:bc:5f:90:7b:7c:
51:f5:69:a3:ea:2b:9d:d5:c0:3e:74:cf:05:5f:b4:5b:cc:19:
b2:40:38:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWcNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDkwNDAxWhcNMjUwMzI2MDkwNDAxWjAYMRYw
FAYDVQQDEw02N2MwMmE4NS1kMjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyXSl0YE/I5BswRWElBi4EBYPahtWJovosB9oXmimf2/ZCzhstG/gg4JC
+6HniBCfQ9xvDWbkYhAg6jZLhxVraCXIwVuqTgp3Od7pZ3j01u0yGFT/xfvYm9xa
eMRpAjbrEpRVtQXOh5WcRLJUegs7SQk1R9NuEq7Tt1/nsYVAol39/zY1j8CymKun
T/EffWt9bkyP61wpCuQWgjO4fV6pMNNFpdwNYmNdXs+Gz3XsKMOyFUZP5CagMeUL
T/57mlxBMw83Ooiwqr9QNMk9ZTITOdxECBBSO1GeoDZruszsP80bPvFr2XizVqsv
DapdicNikmM70Rcc6UcbSnxapXmGIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNzX
rHkTRpJWSMtnsdJqFsAAC/NhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQjZENjE5MEY0RTkxMUVGQTAwQjlFNjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsMVMA0GCSqGSIb3DQEB
CwUAA4IBAQAatZlqFf+DORpVf8TeYI50ZwmB0hNl0OnZvXqGVFehqbwTGLyQfoZx
5uP2xZvVeahhMNhb91QZV+9EEbcRoH0FvVwXsOgRrTTJ0QQe5GpJJT2pCNc15exF
PbhgaF8UgXLAlarh4L4ILPr3G73vvtHpAdrGjG80hKew84NIqGGPQZcI67XeveGR
hGyPC3rzorpBj90dmAk6TXird7RcA5nn2IQJWiEnHRoVEFDj8y0sVzQ3aeoq1SiX
4NIuTPzbhwKrhZcnm9HeBv7JF8ArNPKzOJ1p0jky/BegL6SD/0y1QEnbH1VSvF+Q
e3xR9Wmj6iud1cA+dM8FX7RbzBmyQDjA
-----END CERTIFICATE-----
Generated at Fri May 9 07:06:54 2025 by rpki-client