Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D27A9966F50D11EFB5B55A5C762E951A.roa
File: D27A9966F50D11EFB5B55A5C762E951A.roa (raw, json)
Hash identifier: FZzByQnX0a4er6dPTMDtYm2SLAqOeIHeVwDp4z54j7g=
Subject key identifier: 04:47:26:FB:10:6B:B2:5F:27:14:A8:65:D4:4C:DF:4A:B6:36:4D:93
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01687E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D27A9966F50D11EFB5B55A5C762E951A.roa
Signing time: Thu 27 Feb 2025 13:21:59 +0000
ROA not before: Thu 27 Feb 2025 13:21:55 +0000
ROA not after: Wed 26 Mar 2025 13:21:55 +0000
asID: 62240
IP address blocks: 154.196.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92286 (0x1687e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 13:21:55 2025 GMT
Not After : Mar 26 13:21:55 2025 GMT
Subject: CN=67c066f7-c8cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0a:2b:23:c9:4f:fd:d3:ab:8a:bd:f4:31:7a:
b2:b9:15:2a:06:7b:dc:36:5d:c2:19:1a:36:cb:22:
da:a4:9b:ce:3c:46:ec:20:8b:03:09:0e:11:d3:10:
ff:4b:8c:a2:6c:ae:2c:43:ce:c4:52:cb:bd:f6:c3:
bf:49:f1:13:9e:7c:45:38:d2:fe:67:5b:08:2d:94:
77:11:90:45:9f:25:fa:20:72:96:1c:1b:bb:0b:96:
fc:23:83:ef:ce:c1:31:0c:70:a1:e0:61:8f:2f:b4:
e8:d2:56:be:dc:01:9a:ae:69:09:4d:26:1b:80:6c:
6b:df:36:ec:6b:95:7f:b2:c4:4b:c5:17:db:5e:d5:
e9:dc:87:f9:63:30:03:ed:5f:6d:cf:e5:86:cd:0e:
2e:cc:07:44:37:d0:fe:a8:e0:c4:54:31:60:20:7d:
98:2d:57:20:74:d8:2d:38:95:5f:6d:32:c2:29:04:
42:12:40:40:16:08:26:5a:79:a9:85:56:64:23:b2:
20:7d:d9:28:78:ed:a5:d0:5f:c4:48:e9:00:c2:93:
6b:f5:c1:f9:24:38:b6:37:be:a8:fd:1f:04:a6:f6:
2f:a4:03:9b:1d:86:7b:21:fe:ce:ac:f0:d9:55:43:
cb:24:bf:da:da:f3:fd:0b:ae:35:29:5c:ec:64:37:
c7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:47:26:FB:10:6B:B2:5F:27:14:A8:65:D4:4C:DF:4A:B6:36:4D:93
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D27A9966F50D11EFB5B55A5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.16.0/24
Signature Algorithm: sha256WithRSAEncryption
96:85:ed:d2:e4:e6:f0:e4:39:bd:36:ae:8d:d6:06:7c:f4:51:
8a:72:ac:a6:88:c5:ac:48:8f:ab:3b:cd:d3:36:8f:9d:25:c5:
17:6e:93:7c:84:fc:99:3a:fa:7e:29:22:8c:df:01:b8:ca:d3:
48:65:48:b5:91:0a:71:63:b2:26:da:a7:23:17:5d:f8:a9:09:
c8:bc:96:77:30:32:c2:4f:f1:51:6c:7c:0c:2a:9e:51:07:03:
84:89:5f:c3:eb:ce:1b:8c:22:bf:a2:f7:ff:f5:15:3d:25:b3:
c6:f0:62:bf:19:18:3b:9a:81:e6:ab:b8:75:48:6c:ba:12:3a:
dd:12:85:10:45:14:6c:8f:56:de:1f:fe:a1:12:4b:4c:de:81:
32:30:84:90:05:8f:68:77:59:91:b5:26:74:2a:62:84:ed:16:
c0:db:d9:6d:0b:46:fc:89:1a:86:18:25:48:57:0c:c6:de:e9:
1d:7a:d1:c4:b3:5b:d4:01:77:b3:b6:b3:9c:ec:68:4e:8e:7b:
76:c4:3b:56:b7:18:a5:32:cf:00:98:43:9e:c5:55:03:23:d6:
45:2a:19:0c:0c:51:60:d3:d7:ec:74:3f:b9:cd:3e:ad:09:2c:
1b:c0:4e:3e:c6:5b:51:bf:97:07:8d:19:1f:ac:d5:be:18:3c:
b2:77:3a:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWh+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTMyMTU1WhcNMjUwMzI2MTMyMTU1WjAYMRYw
FAYDVQQDEw02N2MwNjZmNy1jOGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0AorI8lP/dOrir30MXqyuRUqBnvcNl3CGRo2yyLapJvOPEbsIIsDCQ4R
0xD/S4yibK4sQ87EUsu99sO/SfETnnxFONL+Z1sILZR3EZBFnyX6IHKWHBu7C5b8
I4PvzsExDHCh4GGPL7To0la+3AGarmkJTSYbgGxr3zbsa5V/ssRLxRfbXtXp3If5
YzAD7V9tz+WGzQ4uzAdEN9D+qODEVDFgIH2YLVcgdNgtOJVfbTLCKQRCEkBAFggm
WnmphVZkI7IgfdkoeO2l0F/ESOkAwpNr9cH5JDi2N76o/R8EpvYvpAObHYZ7If7O
rPDZVUPLJL/a2vP9C641KVzsZDfHtQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFARH
JvsQa7JfJxSoZdRM30q2Nk2TMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMjdBOTk2NkY1MEQxMUVGQjVCNTVBNUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQQMA0GCSqGSIb3DQEB
CwUAA4IBAQCWhe3S5Obw5Dm9Nq6N1gZ89FGKcqymiMWsSI+rO83TNo+dJcUXbpN8
hPyZOvp+KSKM3wG4ytNIZUi1kQpxY7Im2qcjF134qQnIvJZ3MDLCT/FRbHwMKp5R
BwOEiV/D684bjCK/ovf/9RU9JbPG8GK/GRg7moHmq7h1SGy6EjrdEoUQRRRsj1be
H/6hEktM3oEyMISQBY9od1mRtSZ0KmKE7RbA29ltC0b8iRqGGCVIVwzG3ukdetHE
s1vUAXeztrOc7GhOjnt2xDtWtxilMs8AmEOexVUDI9ZFKhkMDFFg09fsdD+5zT6t
CSwbwE4+xltRv5cHjRkfrNW+GDyydzru
-----END CERTIFICATE-----
Generated at Fri May 9 06:57:12 2025 by rpki-client