Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB942F06F4EC11EFA10DE278762E951A.roa
File: DB942F06F4EC11EFA10DE278762E951A.roa (raw, json)
Hash identifier: sRE9520E5lQp9xFsv8W6fQshmUiiFa39VQ4cQKyZL7A=
Subject key identifier: 28:DD:C4:7B:B1:9A:BC:2F:CD:2E:0C:1A:4B:12:29:F5:8A:2E:74:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01672F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB942F06F4EC11EFA10DE278762E951A.roa
Signing time: Thu 27 Feb 2025 09:26:01 +0000
ROA not before: Thu 27 Feb 2025 09:25:57 +0000
ROA not after: Wed 26 Mar 2025 09:25:57 +0000
asID: 62240
IP address blocks: 154.195.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91951 (0x1672f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 09:25:57 2025 GMT
Not After : Mar 26 09:25:57 2025 GMT
Subject: CN=67c02fa8-9474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:49:63:e1:9d:e4:ff:95:07:94:12:d5:77:dd:
b4:65:8b:2c:ff:96:62:d4:0c:5a:91:f4:6f:fd:3f:
10:66:2c:15:d4:a7:94:03:0e:51:e2:98:cd:3a:82:
24:3e:d0:10:05:3f:c9:12:88:4d:19:0b:ca:0f:2f:
52:e8:fb:60:d9:f2:80:4c:f9:bf:73:27:2a:4f:fc:
58:2a:e8:19:a1:47:2b:99:b2:4c:96:0d:c7:d5:c9:
19:69:3a:7e:73:52:b3:0c:da:55:0f:23:72:cc:28:
97:56:1c:e1:b9:28:ea:cb:b1:1a:64:b6:f2:30:30:
3f:09:fe:c9:8e:64:9c:d5:24:2f:3e:66:ab:bf:ae:
15:f9:bb:b9:9f:3e:99:ec:4c:4c:48:2c:08:03:2e:
ce:a5:e1:3d:0b:a3:c3:1a:45:b5:9d:92:f7:8f:4b:
9d:9d:91:bf:4c:be:bb:19:f9:ba:cc:12:aa:2f:fb:
1e:48:62:71:40:15:e4:7d:93:71:45:00:11:f6:09:
ef:04:bc:b9:76:61:8c:6e:98:94:f0:c9:27:89:64:
25:b2:86:03:97:48:75:f8:3f:04:e3:dc:d2:d2:82:
be:46:5c:14:29:26:29:eb:9e:74:82:76:fc:4b:2b:
e5:75:b6:1c:21:2b:68:5f:fb:5f:89:3e:17:fb:ac:
30:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DD:C4:7B:B1:9A:BC:2F:CD:2E:0C:1A:4B:12:29:F5:8A:2E:74:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB942F06F4EC11EFA10DE278762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.30.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:08:ec:d2:87:8e:c7:58:1a:b8:51:d8:25:d6:db:50:2b:40:
6e:16:83:e6:d0:83:d6:59:61:8d:cb:3b:aa:5a:29:1f:ac:c7:
e2:8a:f6:07:3d:87:77:b7:92:bf:31:42:f8:77:9c:31:3a:4a:
54:23:17:b3:75:e8:7f:f1:45:80:0e:ed:88:ec:b5:75:9b:cd:
4a:07:89:ec:b9:39:9c:62:eb:84:88:95:45:c8:75:00:46:c3:
67:25:a7:ce:37:30:f8:9e:59:a1:b5:9e:49:d5:a5:32:71:1f:
3f:df:e1:95:26:90:14:58:fc:85:57:b8:20:cf:3c:a4:4c:a0:
1f:3e:a1:57:22:9d:f3:43:f6:20:94:67:43:3d:db:c2:16:87:
ac:7c:e6:5c:5f:cd:23:ca:a7:6c:23:eb:cd:84:4a:e2:4a:a4:
6c:ea:9f:2a:2b:3d:c8:b6:fa:e7:cb:76:49:5f:b6:d1:97:39:
89:95:02:7c:f3:4b:42:82:95:e9:b8:bc:d5:39:b2:34:e0:cd:
61:fa:06:a7:3e:83:e3:a1:5e:1d:4f:73:84:07:a1:b1:97:95:
3e:09:f2:76:b1:91:24:b5:f0:7c:a4:3c:58:f2:47:60:c4:be:
b3:49:98:4b:07:aa:63:76:14:12:e3:9b:2f:1b:49:86:b0:da:
f8:28:f0:44
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWcvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDkyNTU3WhcNMjUwMzI2MDkyNTU3WjAYMRYw
FAYDVQQDEw02N2MwMmZhOC05NDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Elj4Z3k/5UHlBLVd920ZYss/5Zi1AxakfRv/T8QZiwV1KeUAw5R4pjN
OoIkPtAQBT/JEohNGQvKDy9S6Ptg2fKATPm/cycqT/xYKugZoUcrmbJMlg3H1ckZ
aTp+c1KzDNpVDyNyzCiXVhzhuSjqy7EaZLbyMDA/Cf7JjmSc1SQvPmarv64V+bu5
nz6Z7ExMSCwIAy7OpeE9C6PDGkW1nZL3j0udnZG/TL67Gfm6zBKqL/seSGJxQBXk
fZNxRQAR9gnvBLy5dmGMbpiU8MkniWQlsoYDl0h1+D8E49zS0oK+RlwUKSYp6550
gnb8SyvldbYcIStoX/tfiT4X+6wwrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCjd
xHuxmrwvzS4MGksSKfWKLnS4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQjk0MkYwNkY0RUMxMUVGQTEwREUyNzg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsMeMA0GCSqGSIb3DQEB
CwUAA4IBAQBbCOzSh47HWBq4Udgl1ttQK0BuFoPm0IPWWWGNyzuqWikfrMfiivYH
PYd3t5K/MUL4d5wxOkpUIxezdeh/8UWADu2I7LV1m81KB4nsuTmcYuuEiJVFyHUA
RsNnJafONzD4nlmhtZ5J1aUycR8/3+GVJpAUWPyFV7ggzzykTKAfPqFXIp3zQ/Yg
lGdDPdvCFoesfOZcX80jyqdsI+vNhEriSqRs6p8qKz3Itvrny3ZJX7bRlzmJlQJ8
80tCgpXpuLzVObI04M1h+ganPoPjoV4dT3OEB6Gxl5U+CfJ2sZEktfB8pDxY8kdg
xL6zSZhLB6pjdhQS45svG0mGsNr4KPBE
-----END CERTIFICATE-----
Generated at Fri May 9 06:26:49 2025 by rpki-client