Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D367054EF61611EF93CDA66D762E951A.roa
File: D367054EF61611EF93CDA66D762E951A.roa (raw, json)
Hash identifier: T1no1DqlQM7jFsXxOfbpGBenSHf6i/ZLVSwLKPjhEiA=
Subject key identifier: BD:23:52:B2:7A:88:D6:20:8A:19:77:8A:B5:77:E9:DB:1F:D7:1B:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016C17
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D367054EF61611EF93CDA66D762E951A.roa
Signing time: Fri 28 Feb 2025 20:58:57 +0000
ROA not before: Fri 28 Feb 2025 20:58:53 +0000
ROA not after: Wed 26 Mar 2025 20:58:53 +0000
asID: 62240
IP address blocks: 154.194.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93207 (0x16c17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 20:58:53 2025 GMT
Not After : Mar 26 20:58:53 2025 GMT
Subject: CN=67c22391-616f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:28:fb:22:b9:60:dc:6b:c0:db:b9:4b:27:8d:
63:35:18:17:33:eb:78:e3:bd:fb:47:a9:44:4d:f6:
02:1f:44:f9:a3:23:d0:93:4a:c5:11:c1:8d:ef:8e:
bf:8f:02:fe:fb:ab:09:cc:c1:25:27:6e:20:24:d0:
3a:a1:c4:61:2c:3b:82:aa:a7:c5:ca:00:54:41:4a:
9f:5a:d1:26:f4:c8:7c:c2:97:06:00:bc:ff:fd:b1:
f4:c3:73:07:10:f7:56:f0:82:22:cf:8c:7e:41:92:
91:94:e3:97:7f:88:67:7b:71:5e:4e:bb:74:e4:33:
5b:c7:9f:4c:ce:16:ce:cb:f6:4f:35:e1:c5:2e:f9:
38:43:ea:e5:73:7d:68:c7:fb:bc:c1:9f:38:a0:e7:
c4:91:df:ec:12:73:bf:59:57:63:85:a3:01:88:e1:
5a:0b:57:9a:9b:60:4c:8b:d3:e4:dc:f5:df:41:1a:
7b:31:df:1d:41:39:bd:41:7a:09:00:dc:61:85:e8:
81:0b:8f:24:63:b2:ca:e6:39:b0:a3:cf:2c:30:d7:
80:9a:b4:bf:58:71:2c:10:b5:1a:92:39:5e:80:d2:
8a:18:3a:65:b1:56:56:51:69:d5:f3:dd:e0:7b:77:
fe:a8:bf:20:b6:50:d3:97:a6:ec:72:e9:a8:e5:ce:
2c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:23:52:B2:7A:88:D6:20:8A:19:77:8A:B5:77:E9:DB:1F:D7:1B:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D367054EF61611EF93CDA66D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.72.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a6:46:fe:33:4b:fe:97:0d:22:7c:8d:02:85:b7:f2:c9:c7:
ae:6f:07:32:1b:ce:c9:b4:de:f4:38:4d:9b:6f:ba:d8:5b:60:
9b:9e:c5:64:94:55:37:16:73:f7:f9:fd:7d:87:48:77:6b:97:
8e:ed:e8:88:50:61:94:f5:b6:5b:1a:69:70:e0:f2:1e:64:81:
11:e3:c4:29:8a:9b:7c:41:95:3c:d2:f9:35:fc:87:1a:88:93:
2a:01:d0:e8:85:2a:88:61:bc:38:55:30:85:d0:50:50:92:2e:
1f:39:70:55:bc:ec:96:d1:a0:d7:ef:04:dc:79:dc:1a:a1:ab:
7a:20:f5:19:17:d7:07:4d:b8:17:8e:d2:05:cc:63:40:aa:be:
76:99:36:1a:ab:a4:1d:83:ce:1c:40:e2:ff:6d:d2:af:71:18:
d0:32:30:c7:ce:ea:6d:8f:60:84:c6:71:77:94:d9:37:2c:49:
fb:35:49:93:72:e4:33:4a:c7:98:5e:48:36:e5:0b:94:52:74:
27:7d:31:d7:1f:79:0a:ca:bc:9e:d5:79:87:fb:41:4b:ea:93:
93:39:3c:fe:f2:a0:1d:fe:45:d7:47:30:e9:9a:99:70:e3:65:
df:5c:9a:62:90:91:bf:52:c6:71:db:f9:88:b8:fd:57:f9:75:
2c:4b:85:11
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWwXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjA1ODUzWhcNMjUwMzI2MjA1ODUzWjAYMRYw
FAYDVQQDEw02N2MyMjM5MS02MTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAryj7Irlg3GvA27lLJ41jNRgXM+t44737R6lETfYCH0T5oyPQk0rFEcGN
746/jwL++6sJzMElJ24gJNA6ocRhLDuCqqfFygBUQUqfWtEm9Mh8wpcGALz//bH0
w3MHEPdW8IIiz4x+QZKRlOOXf4hne3FeTrt05DNbx59MzhbOy/ZPNeHFLvk4Q+rl
c31ox/u8wZ84oOfEkd/sEnO/WVdjhaMBiOFaC1eam2BMi9Pk3PXfQRp7Md8dQTm9
QXoJANxhheiBC48kY7LK5jmwo88sMNeAmrS/WHEsELUakjlegNKKGDplsVZWUWnV
893ge3f+qL8gtlDTl6bscumo5c4sRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL0j
UrJ6iNYgihl3irV36dsf1xtkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzY3MDU0RUY2MTYxMUVGOTNDREE2NkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJIMA0GCSqGSIb3DQEB
CwUAA4IBAQAtpkb+M0v+lw0ifI0ChbfyyceubwcyG87JtN70OE2bb7rYW2CbnsVk
lFU3FnP3+f19h0h3a5eO7eiIUGGU9bZbGmlw4PIeZIER48Qpipt8QZU80vk1/Ica
iJMqAdDohSqIYbw4VTCF0FBQki4fOXBVvOyW0aDX7wTcedwaoat6IPUZF9cHTbgX
jtIFzGNAqr52mTYaq6Qdg84cQOL/bdKvcRjQMjDHzuptj2CExnF3lNk3LEn7NUmT
cuQzSseYXkg25QuUUnQnfTHXH3kKyrye1XmH+0FL6pOTOTz+8qAd/kXXRzDpmplw
42XfXJpikJG/UsZx2/mIuP1X+XUsS4UR
-----END CERTIFICATE-----
Generated at Fri May 9 05:41:31 2025 by rpki-client