Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1BCFD90F4DE11EF8B83BA98762E951A.roa
File: D1BCFD90F4DE11EF8B83BA98762E951A.roa (raw, json)
Hash identifier: Y9bT4nV7kYjAXPfZbo3GVcDElhAUdVPyrmFnhdrrHlI=
Subject key identifier: 63:17:4F:07:A5:2F:10:29:5B:C1:4E:49:30:46:82:52:BA:6E:B0:9C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0166B7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1BCFD90F4DE11EF8B83BA98762E951A.roa
Signing time: Thu 27 Feb 2025 07:45:31 +0000
ROA not before: Thu 27 Feb 2025 07:45:27 +0000
ROA not after: Wed 26 Mar 2025 07:45:27 +0000
asID: 62240
IP address blocks: 154.195.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91831 (0x166b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 07:45:27 2025 GMT
Not After : Mar 26 07:45:27 2025 GMT
Subject: CN=67c0181b-8ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6a:49:a3:c7:4e:cf:02:81:6b:f8:8f:09:1f:
30:4b:b0:63:2a:8b:a4:02:a6:bc:e2:d5:02:a7:5b:
d4:bc:e2:a2:aa:5e:f2:d2:85:43:cb:26:aa:fb:e0:
7d:46:81:34:86:a1:4a:18:09:1c:a8:8a:f0:e1:9b:
db:77:7d:66:b3:2a:a5:d3:5b:07:f8:cd:28:b0:75:
16:c1:a6:73:ef:a3:dd:2e:70:8c:2f:fd:ee:53:db:
58:b3:d3:32:4d:c1:c2:c0:20:5b:11:f3:a9:8d:16:
13:1a:47:29:07:0c:e9:36:30:a5:e4:0f:be:3e:73:
15:b8:93:42:d2:29:33:b2:f3:15:42:ef:30:ee:d0:
4c:c6:15:e4:a3:6a:31:33:8f:7a:94:dd:81:a4:e8:
78:d8:71:9d:c1:c6:24:48:c8:cb:94:82:52:e7:51:
f3:9e:ab:d5:a1:e9:00:24:69:62:74:ef:d7:2a:af:
f1:64:11:78:0f:5a:a1:da:bf:57:03:9c:d3:e7:45:
0e:b2:48:64:72:cc:6c:f3:2d:d2:ce:49:96:2a:21:
2b:c4:98:d4:6e:39:6b:26:91:cd:b6:63:19:90:34:
b6:c5:0f:90:0a:4c:0b:cd:64:f9:ba:0c:dc:fe:63:
f4:ca:17:c8:92:ad:b2:22:b7:56:8d:05:0b:db:7e:
89:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:17:4F:07:A5:2F:10:29:5B:C1:4E:49:30:46:82:52:BA:6E:B0:9C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1BCFD90F4DE11EF8B83BA98762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.169.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:14:ef:a6:2b:98:56:98:13:15:f8:aa:2a:82:fa:79:04:3f:
27:43:2a:60:cc:1c:6e:17:07:06:0b:7a:d4:e3:66:b1:27:d4:
5b:20:cd:37:74:0b:5e:91:a5:c3:7a:85:e5:7d:67:f3:34:c3:
1a:bf:75:77:b2:b7:0d:f0:e9:c0:9d:fc:a8:41:4e:5d:72:f9:
2b:ef:a6:25:bb:91:fc:51:62:1e:5c:ec:90:23:43:17:e1:e9:
5b:c2:5f:ca:8a:9e:97:26:f3:71:f7:1e:49:2b:1a:92:d4:a6:
87:6b:26:92:86:63:5b:ff:3f:2f:13:da:5b:28:62:dc:07:39:
77:94:21:45:fe:35:26:d0:38:7d:31:64:aa:c5:9d:b6:11:2e:
5f:d8:0c:26:c9:9a:ec:1e:2f:5b:9d:f3:bc:36:77:01:55:16:
0a:58:40:e0:e2:70:7a:d7:e7:52:d9:47:6b:95:24:c0:d1:f4:
18:1e:b9:d9:0d:06:01:54:bb:9b:21:82:35:ea:c7:3e:e4:73:
51:d2:15:72:50:88:fd:91:83:6e:71:ab:f1:4e:67:8a:eb:5b:
84:19:75:7d:32:7d:8f:63:6d:b5:fb:b3:c5:1e:92:2f:93:57:
1e:f9:44:f0:a6:c2:1f:1c:a6:22:8f:f7:73:6f:91:00:8a:b7:
38:04:81:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWa3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDc0NTI3WhcNMjUwMzI2MDc0NTI3WjAYMRYw
FAYDVQQDEw02N2MwMTgxYi04ZWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0mpJo8dOzwKBa/iPCR8wS7BjKoukAqa84tUCp1vUvOKiql7y0oVDyyaq
++B9RoE0hqFKGAkcqIrw4Zvbd31msyql01sH+M0osHUWwaZz76PdLnCML/3uU9tY
s9MyTcHCwCBbEfOpjRYTGkcpBwzpNjCl5A++PnMVuJNC0ikzsvMVQu8w7tBMxhXk
o2oxM496lN2BpOh42HGdwcYkSMjLlIJS51HznqvVoekAJGlidO/XKq/xZBF4D1qh
2r9XA5zT50UOskhkcsxs8y3SzkmWKiErxJjUbjlrJpHNtmMZkDS2xQ+QCkwLzWT5
ugzc/mP0yhfIkq2yIrdWjQUL236JhwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGMX
TwelLxApW8FOSTBGglK6brCcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMUJDRkQ5MEY0REUxMUVGOEI4M0JBOTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOpMA0GCSqGSIb3DQEB
CwUAA4IBAQCfFO+mK5hWmBMV+Koqgvp5BD8nQypgzBxuFwcGC3rU42axJ9RbIM03
dAtekaXDeoXlfWfzNMMav3V3srcN8OnAnfyoQU5dcvkr76Ylu5H8UWIeXOyQI0MX
4elbwl/Kip6XJvNx9x5JKxqS1KaHayaShmNb/z8vE9pbKGLcBzl3lCFF/jUm0Dh9
MWSqxZ22ES5f2AwmyZrsHi9bnfO8NncBVRYKWEDg4nB61+dS2UdrlSTA0fQYHrnZ
DQYBVLubIYI16sc+5HNR0hVyUIj9kYNucavxTmeK61uEGXV9Mn2PY221+7PFHpIv
k1ce+UTwpsIfHKYij/dzb5EAirc4BIEj
-----END CERTIFICATE-----
Generated at Fri May 9 12:07:30 2025 by rpki-client