Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF9A5388F8DD11EF9F75095C762E951A.roa
File: DF9A5388F8DD11EF9F75095C762E951A.roa (raw, json)
Hash identifier: xHwaIEwTijuvu2UjkaMqeoUS0Jr1bPb0YIhM+a6LQfs=
Subject key identifier: A0:14:D4:BF:8A:CF:31:17:7C:4B:52:83:76:34:B5:B4:79:C1:00:1D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01719A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF9A5388F8DD11EF9F75095C762E951A.roa
Signing time: Tue 04 Mar 2025 09:48:49 +0000
ROA not before: Tue 04 Mar 2025 09:48:46 +0000
ROA not after: Sun 06 Apr 2025 09:48:46 +0000
asID: 147176
IP address blocks: 154.212.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94618 (0x1719a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 4 09:48:46 2025 GMT
Not After : Apr 6 09:48:46 2025 GMT
Subject: CN=67c6cc81-5cc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:26:84:74:f2:e8:20:11:ec:63:02:3f:be:17:
a3:f2:5d:63:f2:08:04:98:b9:c3:6e:51:9d:0e:ea:
2a:53:d1:7f:83:41:d4:ab:1f:f7:0e:81:e5:80:25:
83:80:fa:82:c1:09:f3:f4:ca:65:88:d8:c2:3f:f5:
42:a0:85:0d:94:21:e0:f0:cc:dd:c4:bd:a7:e1:1e:
a9:48:70:e7:89:00:50:05:64:6e:13:0a:66:d5:69:
a8:93:53:18:a7:f6:68:fe:0a:b1:57:3b:9b:bf:b2:
39:91:85:60:29:1f:19:57:29:b1:d5:ad:2f:6b:e7:
8b:7d:34:38:9e:79:6d:26:f2:7d:bf:70:eb:91:f6:
32:aa:02:83:cf:a0:d1:9a:ed:ae:a1:30:cd:35:af:
c2:a1:6b:b5:77:f8:44:58:65:f8:d8:1c:5b:c7:a2:
0f:a3:78:d9:df:50:79:d7:e6:2c:42:1d:e8:0f:f6:
24:cc:7d:c1:54:44:19:24:6b:d5:00:51:b1:b5:b1:
32:8a:14:fd:bc:d5:54:56:14:78:18:96:10:02:52:
af:6e:6d:37:44:7e:27:36:ed:00:53:6c:99:f8:4e:
00:b8:14:85:cf:b6:b5:0b:26:3b:9a:5d:62:25:f4:
20:fe:de:a6:d6:60:a7:a1:ec:7c:84:7c:a1:bd:1d:
fa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:14:D4:BF:8A:CF:31:17:7C:4B:52:83:76:34:B5:B4:79:C1:00:1D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF9A5388F8DD11EF9F75095C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.139.0/24
Signature Algorithm: sha256WithRSAEncryption
91:b9:59:a7:c4:7e:58:54:7a:35:b4:3d:f3:e6:6d:29:11:da:
4f:b6:c3:39:4c:b7:69:b8:e0:64:fb:6d:d6:a1:eb:37:e5:e3:
b9:8e:5e:aa:01:e2:9c:b2:2e:ba:b6:54:79:9a:11:5e:4f:10:
70:60:01:2e:1d:11:f1:5b:ee:40:cd:ea:c7:0a:35:6f:65:e7:
43:47:8b:a4:90:9a:d3:0e:06:2a:31:b1:03:6c:2d:8b:a2:8f:
99:8d:4d:7e:22:2f:b2:56:4d:6c:a2:f7:20:15:09:b3:bb:35:
c5:8e:b9:4b:4a:b4:ec:35:c0:ac:59:a0:8d:e3:56:5d:6e:fd:
8a:46:67:d1:90:bd:f5:dc:75:a1:97:26:3b:da:89:cc:99:05:
8a:b9:4e:44:5b:65:15:a3:50:72:96:c2:b9:7f:d1:0b:6f:81:
ef:b7:c1:8f:65:20:f4:c5:b0:dc:66:59:95:83:2b:8f:cf:2f:
e7:b5:2b:49:dd:c3:3d:51:71:00:2e:e7:9a:a7:2f:0f:11:d7:
d7:90:a1:5e:f5:f4:6b:01:3a:65:f0:40:db:0d:25:c8:e3:29:
9c:fc:c5:e5:dc:47:45:cb:0e:1f:54:e0:a5:54:31:d8:be:c9:
9f:c8:5c:d6:17:89:cd:0f:aa:76:54:dc:a3:93:ae:15:25:a1:
e4:a6:fd:d9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXGaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA0MDk0ODQ2WhcNMjUwNDA2MDk0ODQ2WjAYMRYw
FAYDVQQDEw02N2M2Y2M4MS01Y2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApiaEdPLoIBHsYwI/vhej8l1j8ggEmLnDblGdDuoqU9F/g0HUqx/3DoHl
gCWDgPqCwQnz9MpliNjCP/VCoIUNlCHg8MzdxL2n4R6pSHDniQBQBWRuEwpm1Wmo
k1MYp/Zo/gqxVzubv7I5kYVgKR8ZVymx1a0va+eLfTQ4nnltJvJ9v3DrkfYyqgKD
z6DRmu2uoTDNNa/CoWu1d/hEWGX42Bxbx6IPo3jZ31B51+YsQh3oD/YkzH3BVEQZ
JGvVAFGxtbEyihT9vNVUVhR4GJYQAlKvbm03RH4nNu0AU2yZ+E4AuBSFz7a1CyY7
ml1iJfQg/t6m1mCnoex8hHyhvR36iQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKAU
1L+KzzEXfEtSg3Y0tbR5wQAdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERjlBNTM4OEY4REQxMUVGOUY3NTA5NUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtSLMA0GCSqGSIb3DQEB
CwUAA4IBAQCRuVmnxH5YVHo1tD3z5m0pEdpPtsM5TLdpuOBk+23Woes35eO5jl6q
AeKcsi66tlR5mhFeTxBwYAEuHRHxW+5AzerHCjVvZedDR4ukkJrTDgYqMbEDbC2L
oo+ZjU1+Ii+yVk1sovcgFQmzuzXFjrlLSrTsNcCsWaCN41Zdbv2KRmfRkL313HWh
lyY72onMmQWKuU5EW2UVo1BylsK5f9ELb4Hvt8GPZSD0xbDcZlmVgyuPzy/ntStJ
3cM9UXEALueapy8PEdfXkKFe9fRrATpl8EDbDSXI4ymc/MXl3EdFyw4fVOClVDHY
vsmfyFzWF4nND6p2VNyjk64VJaHkpv3Z
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:42:12 2025 by rpki-client