Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF7F5FF0F6AF11EF89AC7C88762E951A.roa
File: CF7F5FF0F6AF11EF89AC7C88762E951A.roa (raw, json)
Hash identifier: Ib8Z7G1BoaN+eokPyPNbUlUAMn6MR7izhTtqOWYBXS0=
Subject key identifier: EE:DA:0E:BB:64:FA:EE:13:BD:71:12:93:92:3C:10:36:B3:81:09:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E97
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF7F5FF0F6AF11EF89AC7C88762E951A.roa
Signing time: Sat 01 Mar 2025 15:14:03 +0000
ROA not before: Sat 01 Mar 2025 15:13:59 +0000
ROA not after: Wed 26 Mar 2025 15:13:59 +0000
asID: 62240
IP address blocks: 154.194.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93847 (0x16e97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 15:13:59 2025 GMT
Not After : Mar 26 15:13:59 2025 GMT
Subject: CN=67c3243b-b715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:58:06:ca:d4:72:7e:19:72:c1:6f:59:d5:f1:
ae:c0:48:27:9a:54:4e:2b:e1:c2:ba:87:e3:24:dd:
fc:db:e9:31:a0:92:95:f5:20:d6:1d:64:e1:66:75:
39:7b:47:13:f0:a0:21:f8:63:d2:85:c3:b7:55:37:
fa:bf:f6:f4:b4:59:f5:a6:99:fc:2e:78:d1:6f:f4:
1d:ff:61:fc:bd:08:bc:dc:bd:52:f3:d3:01:f5:f0:
b5:09:83:68:94:ed:03:26:36:21:52:05:5e:a7:25:
08:1a:d6:12:a5:65:39:2f:1c:3e:6f:02:bb:e4:3c:
fd:1c:83:99:99:3b:ad:de:7f:7d:54:7b:51:36:1f:
30:a9:68:2c:1f:d6:53:69:b5:c3:9a:36:d3:4f:d0:
0f:81:19:7b:ee:fe:88:50:73:b5:0e:58:71:2d:46:
7d:70:ca:22:22:7e:99:82:ac:99:28:de:78:be:9c:
90:2c:a3:71:01:f6:c2:4c:cd:aa:3c:3d:7f:93:97:
d1:95:16:1e:c6:47:00:f4:b4:1b:84:e5:80:3c:86:
b6:53:d3:06:e7:e1:21:46:8e:0b:48:f3:2b:43:c2:
e1:c7:79:3c:84:3e:b3:35:ad:66:5d:18:9f:1b:90:
db:67:6b:92:a7:78:3d:17:39:6b:ea:79:f7:3a:9a:
fc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DA:0E:BB:64:FA:EE:13:BD:71:12:93:92:3C:10:36:B3:81:09:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF7F5FF0F6AF11EF89AC7C88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.103.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:2b:ee:4a:98:97:24:e6:25:a6:8e:22:0c:e9:9c:2f:03:66:
1a:ed:fd:3a:b5:a7:b6:b0:63:33:a2:ca:47:13:06:31:19:b4:
47:1f:3d:44:35:73:69:cb:c9:4c:56:4f:fa:7f:f3:66:bb:df:
d1:d4:77:09:37:34:7c:08:07:42:9c:d9:11:66:10:b1:99:35:
11:00:4d:a6:32:ea:5e:86:d1:62:8e:d4:f3:a4:de:5a:55:f5:
18:1d:fb:54:fa:c9:8c:48:36:f9:61:b6:cf:a5:c2:25:cf:aa:
ac:5c:8a:4e:2a:4b:62:96:a4:72:7a:e0:76:d6:5a:16:8f:f3:
01:9d:52:7c:a3:99:31:5f:4f:4c:6e:85:f5:db:41:7a:5a:47:
39:04:c4:33:6c:34:55:b6:d1:a2:6b:78:63:be:bd:73:e1:31:
1c:4d:2e:84:ac:56:09:4f:dc:4a:dc:b1:3f:6f:ff:d4:79:a9:
cc:8f:03:56:6d:d4:8a:e8:33:d4:08:95:c5:e0:a5:9d:49:93:
11:2c:4c:d4:28:57:05:c5:c2:8e:88:d1:52:5c:32:53:e3:cc:
e8:be:c3:b9:6c:42:32:08:a3:87:18:7b:04:59:f7:d7:82:6f:
44:61:d9:61:75:c4:4f:c3:fc:b4:9f:17:68:61:9b:c6:03:23:
e4:0a:ec:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW6XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTUxMzU5WhcNMjUwMzI2MTUxMzU5WjAYMRYw
FAYDVQQDEw02N2MzMjQzYi1iNzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx1gGytRyfhlywW9Z1fGuwEgnmlROK+HCuofjJN382+kxoJKV9SDWHWTh
ZnU5e0cT8KAh+GPShcO3VTf6v/b0tFn1ppn8LnjRb/Qd/2H8vQi83L1S89MB9fC1
CYNolO0DJjYhUgVepyUIGtYSpWU5Lxw+bwK75Dz9HIOZmTut3n99VHtRNh8wqWgs
H9ZTabXDmjbTT9APgRl77v6IUHO1DlhxLUZ9cMoiIn6ZgqyZKN54vpyQLKNxAfbC
TM2qPD1/k5fRlRYexkcA9LQbhOWAPIa2U9MG5+EhRo4LSPMrQ8Lhx3k8hD6zNa1m
XRifG5DbZ2uSp3g9Fzlr6nn3Opr8DwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO7a
Drtk+u4TvXESk5I8EDazgQkPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjdGNUZGMEY2QUYxMUVGODlBQzdDODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJnMA0GCSqGSIb3DQEB
CwUAA4IBAQAaK+5KmJck5iWmjiIM6ZwvA2Ya7f06tae2sGMzospHEwYxGbRHHz1E
NXNpy8lMVk/6f/Nmu9/R1HcJNzR8CAdCnNkRZhCxmTURAE2mMupehtFijtTzpN5a
VfUYHftU+smMSDb5YbbPpcIlz6qsXIpOKktilqRyeuB21loWj/MBnVJ8o5kxX09M
boX120F6Wkc5BMQzbDRVttGia3hjvr1z4TEcTS6ErFYJT9xK3LE/b//UeanMjwNW
bdSK6DPUCJXF4KWdSZMRLEzUKFcFxcKOiNFSXDJT48zovsO5bEIyCKOHGHsEWffX
gm9EYdlhdcRPw/y0nxdoYZvGAyPkCuz6
-----END CERTIFICATE-----
Generated at Fri May 9 06:49:53 2025 by rpki-client