Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFD40244F29A11EF9991A696762E951A.roa
File: CFD40244F29A11EF9991A696762E951A.roa (raw, json)
Hash identifier: 1SrQmPQnQuURGosoVJkgSZah7amcdxL0R5ezMhVdzpk=
Subject key identifier: 80:63:8F:C0:2B:0C:CE:4A:3A:9B:34:AF:F0:A8:6F:E7:F0:BD:8F:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015BB4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFD40244F29A11EF9991A696762E951A.roa
Signing time: Mon 24 Feb 2025 10:33:40 +0000
ROA not before: Mon 24 Feb 2025 10:33:36 +0000
ROA not after: Wed 26 Mar 2025 10:33:36 +0000
asID: 39600
IP address blocks: 154.94.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89012 (0x15bb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 10:33:36 2025 GMT
Not After : Mar 26 10:33:36 2025 GMT
Subject: CN=67bc4b04-e355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:18:0f:61:3d:c6:68:5c:f6:18:b6:dd:7b:18:
56:3f:69:8b:0d:bc:f7:98:34:e8:de:49:9b:68:d9:
e5:b1:18:26:82:7d:e0:dc:76:a6:d4:25:cf:8a:4f:
54:a6:f2:13:a7:43:a6:fe:ab:06:b9:49:be:30:f6:
00:54:4a:20:7c:df:83:a1:e5:ca:cd:6a:31:da:3f:
f2:44:0c:d0:63:06:29:cf:ff:60:1e:3c:16:55:5b:
f1:d7:2f:b9:fb:63:12:8b:be:5e:0f:37:1e:71:fb:
57:22:ac:05:d9:19:36:7d:f0:97:05:7b:a7:c4:41:
62:0b:17:81:4c:d8:da:2b:e6:40:44:c1:3c:ec:f3:
c7:46:15:b4:e9:0e:92:09:83:ce:df:e8:61:9e:57:
39:24:aa:07:f3:1c:2e:66:99:1d:e2:15:7d:34:99:
9f:b7:8f:28:ff:b7:18:35:48:16:03:f1:d9:69:95:
27:b6:66:08:2e:88:5f:16:86:da:65:6c:d6:44:ac:
e1:da:b7:93:58:b0:70:b1:05:f7:6a:6f:1e:c6:d1:
0d:92:bf:ef:f7:39:8d:40:19:7c:23:bc:50:36:05:
76:a2:ac:e9:aa:ef:fe:23:b5:6b:ce:e2:af:2c:69:
0b:87:f0:c3:50:c0:6b:c9:56:92:bc:fb:e7:4a:fd:
df:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:63:8F:C0:2B:0C:CE:4A:3A:9B:34:AF:F0:A8:6F:E7:F0:BD:8F:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFD40244F29A11EF9991A696762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.33.0/24
Signature Algorithm: sha256WithRSAEncryption
77:3e:b7:ec:5d:48:b3:81:ce:0f:92:a7:af:5c:d3:f7:3f:df:
17:39:9f:e6:a3:98:35:9c:32:af:6a:6f:d4:0a:bc:52:e6:c6:
ba:16:61:cd:e3:07:81:22:06:bc:3c:e8:2f:b4:f2:41:e4:59:
cd:bc:9a:43:15:67:14:68:6c:6a:80:76:ae:07:4f:d4:0f:39:
24:d6:c0:5f:65:e1:ea:6e:95:f2:8c:6c:1e:8d:08:12:9b:b7:
20:67:64:84:c0:2d:3d:f7:ac:1a:a4:f5:b3:69:10:20:44:67:
01:7e:7f:76:e7:54:62:0c:30:41:e4:37:e9:2d:14:70:6c:02:
64:bd:02:f9:59:ef:fe:38:d6:14:3d:60:a5:1b:5a:8f:e6:fc:
33:27:59:22:b9:7d:15:d0:73:ed:f4:72:ae:4e:ac:33:fc:10:
21:61:36:14:9d:32:02:90:39:3a:63:7d:3e:2b:a5:73:b0:72:
69:4d:69:73:46:94:86:3f:83:31:5f:97:83:61:2e:42:19:a1:
71:28:f3:06:2a:6e:e5:8d:91:ac:e1:39:7e:9e:fd:7f:3d:3a:
2a:0f:fe:14:04:23:55:9f:6e:8e:a5:ef:27:e2:a0:73:56:56:
33:b0:c4:e3:32:e4:a1:23:9e:15:16:e7:40:62:75:fb:c7:37:
5c:a1:df:fe
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVu0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTAzMzM2WhcNMjUwMzI2MTAzMzM2WjAYMRYw
FAYDVQQDEw02N2JjNGIwNC1lMzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAshgPYT3GaFz2GLbdexhWP2mLDbz3mDTo3kmbaNnlsRgmgn3g3Ham1CXP
ik9UpvITp0Om/qsGuUm+MPYAVEogfN+DoeXKzWox2j/yRAzQYwYpz/9gHjwWVVvx
1y+5+2MSi75eDzcecftXIqwF2Rk2ffCXBXunxEFiCxeBTNjaK+ZARME87PPHRhW0
6Q6SCYPO3+hhnlc5JKoH8xwuZpkd4hV9NJmft48o/7cYNUgWA/HZaZUntmYILohf
FobaZWzWRKzh2reTWLBwsQX3am8extENkr/v9zmNQBl8I7xQNgV2oqzpqu/+I7Vr
zuKvLGkLh/DDUMBryVaSvPvnSv3fsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIBj
j8ArDM5KOps0r/Cob+fwvY9KMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRkQ0MDI0NEYyOUExMUVGOTk5MUE2OTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4hMA0GCSqGSIb3DQEB
CwUAA4IBAQB3PrfsXUizgc4PkqevXNP3P98XOZ/mo5g1nDKvam/UCrxS5sa6FmHN
4weBIga8POgvtPJB5FnNvJpDFWcUaGxqgHauB0/UDzkk1sBfZeHqbpXyjGwejQgS
m7cgZ2SEwC0996wapPWzaRAgRGcBfn9251RiDDBB5DfpLRRwbAJkvQL5We/+ONYU
PWClG1qP5vwzJ1kiuX0V0HPt9HKuTqwz/BAhYTYUnTICkDk6Y30+K6VzsHJpTWlz
RpSGP4MxX5eDYS5CGaFxKPMGKm7ljZGs4Tl+nv1/PToqD/4UBCNVn26Ope8n4qBz
VlYzsMTjMuShI54VFudAYnX7xzdcod/+
-----END CERTIFICATE-----
Generated at Fri May 9 06:35:57 2025 by rpki-client