Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1D6EEFEF62711EF87EAF75F762E951A.roa
File: D1D6EEFEF62711EF87EAF75F762E951A.roa (raw, json)
Hash identifier: dkT5GSSLRptlMYDjVu0RO32ZRmL76PEvYrCwC6kND30=
Subject key identifier: F0:2B:87:EE:03:71:01:33:60:2C:01:20:3C:F7:91:3A:DE:F1:5D:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CA9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1D6EEFEF62711EF87EAF75F762E951A.roa
Signing time: Fri 28 Feb 2025 23:00:36 +0000
ROA not before: Fri 28 Feb 2025 23:00:32 +0000
ROA not after: Wed 26 Mar 2025 23:00:32 +0000
asID: 62240
IP address blocks: 154.194.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93353 (0x16ca9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 23:00:32 2025 GMT
Not After : Mar 26 23:00:32 2025 GMT
Subject: CN=67c24014-3d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ed:e8:20:d5:80:48:2c:0d:42:62:b8:87:34:
e8:ca:46:5d:56:8f:e7:8c:b0:f1:c6:d8:f3:1c:07:
ae:27:58:07:3e:5e:8f:58:e5:7b:04:a3:56:e2:87:
8f:19:fa:39:97:f9:51:3b:d7:16:90:4e:7b:02:4e:
2a:6b:a6:58:98:71:37:91:24:70:47:1b:c8:44:5c:
b9:4a:f8:97:ab:09:a4:87:0a:ad:25:f9:f1:36:33:
22:0e:09:5f:c7:d6:bf:3d:3c:45:17:8d:cb:4d:aa:
79:69:ab:e5:c1:75:8e:d0:6b:40:16:1f:08:e6:a0:
f2:ad:bd:b3:d6:cc:60:e2:c6:ca:9c:70:5f:6e:4d:
35:a0:89:28:41:85:5d:b7:c7:23:25:fb:7f:30:d1:
85:7a:87:f7:6c:87:2d:22:60:18:e4:bc:da:37:b6:
a1:62:2d:8d:28:c0:60:5a:07:6e:46:0d:6b:96:50:
6e:3c:8c:f3:a3:eb:3b:17:44:6a:03:40:b4:84:37:
ce:4f:8d:01:cd:c9:ce:c8:1f:e2:e9:8d:04:43:e4:
c3:4c:d4:8c:40:9a:de:2b:f4:b6:f4:c7:d0:ac:95:
ec:c2:da:ec:7f:fc:5a:ab:8e:a8:e8:c3:5b:66:e1:
cf:bd:ec:83:0e:b7:2a:6c:bd:4b:6e:f6:f5:ae:e5:
39:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2B:87:EE:03:71:01:33:60:2C:01:20:3C:F7:91:3A:DE:F1:5D:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1D6EEFEF62711EF87EAF75F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.119.0/24
Signature Algorithm: sha256WithRSAEncryption
51:83:12:e5:5f:1b:f2:6a:2c:6d:f1:79:49:a9:28:a3:b6:9e:
15:b9:1a:31:c8:48:94:b6:e3:d5:69:89:3e:12:a2:8c:e0:59:
ba:82:9a:ac:8d:48:9c:0d:32:32:82:60:67:fb:cc:3c:85:b7:
83:92:c8:60:55:89:32:0c:86:16:6c:41:71:0c:5b:d7:c5:6b:
1b:22:b1:93:1e:0a:33:1d:af:8b:80:6a:0b:22:55:0f:c7:08:
af:cc:9b:ba:31:f5:39:14:6b:66:f0:89:0d:6b:4e:76:ef:89:
60:2d:35:2f:66:02:86:f7:65:5a:62:f3:fb:02:9b:c4:cc:c1:
7f:e4:b1:04:19:00:fa:8a:19:aa:26:32:83:06:a2:86:8f:35:
90:af:ba:a5:c6:2b:bb:ac:91:a6:95:f5:a9:d0:ab:7c:a2:ec:
61:c6:76:79:87:ec:41:10:4c:54:bc:d6:80:44:57:c9:f6:e5:
05:e0:db:e3:e2:c2:6c:89:96:c4:aa:7f:e0:e9:c3:48:fb:23:
ad:13:5a:52:39:89:df:31:ce:8e:b8:6b:ec:ff:a1:d4:c7:32:
e1:b3:68:fd:cb:86:cb:26:2e:4d:2c:9c:1b:2b:70:79:f9:9b:
63:82:13:e0:ea:8e:45:d4:f1:e0:28:9d:30:8e:63:96:fd:43:
80:aa:16:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWypMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjMwMDMyWhcNMjUwMzI2MjMwMDMyWjAYMRYw
FAYDVQQDEw02N2MyNDAxNC0zZDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqe3oINWASCwNQmK4hzToykZdVo/njLDxxtjzHAeuJ1gHPl6PWOV7BKNW
4oePGfo5l/lRO9cWkE57Ak4qa6ZYmHE3kSRwRxvIRFy5SviXqwmkhwqtJfnxNjMi
Dglfx9a/PTxFF43LTap5aavlwXWO0GtAFh8I5qDyrb2z1sxg4sbKnHBfbk01oIko
QYVdt8cjJft/MNGFeof3bIctImAY5LzaN7ahYi2NKMBgWgduRg1rllBuPIzzo+s7
F0RqA0C0hDfOT40BzcnOyB/i6Y0EQ+TDTNSMQJreK/S29MfQrJXswtrsf/xaq46o
6MNbZuHPveyDDrcqbL1Lbvb1ruU5uwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPAr
h+4DcQEzYCwBIDz3kTre8V28MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMUQ2RUVGRUY2MjcxMUVGODdFQUY3NUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJ3MA0GCSqGSIb3DQEB
CwUAA4IBAQBRgxLlXxvyaixt8XlJqSijtp4VuRoxyEiUtuPVaYk+EqKM4Fm6gpqs
jUicDTIygmBn+8w8hbeDkshgVYkyDIYWbEFxDFvXxWsbIrGTHgozHa+LgGoLIlUP
xwivzJu6MfU5FGtm8IkNa05274lgLTUvZgKG92VaYvP7ApvEzMF/5LEEGQD6ihmq
JjKDBqKGjzWQr7qlxiu7rJGmlfWp0Kt8ouxhxnZ5h+xBEExUvNaARFfJ9uUF4Nvj
4sJsiZbEqn/g6cNI+yOtE1pSOYnfMc6OuGvs/6HUxzLhs2j9y4bLJi5NLJwbK3B5
+ZtjghPg6o5F1PHgKJ0wjmOW/UOAqhaI
-----END CERTIFICATE-----
Generated at Fri May 9 13:23:09 2025 by rpki-client