Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E07BB95AF51C11EF9D9B51BF762E951A.roa
File: E07BB95AF51C11EF9D9B51BF762E951A.roa (raw, json)
Hash identifier: UJQWxDX2yTrdEubqueyBzYnl323qD93ibDEswaeHFTw=
Subject key identifier: E6:41:86:45:D8:F0:86:DE:69:FD:A0:D6:5B:F8:4D:C4:C5:26:42:B6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0168EC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E07BB95AF51C11EF9D9B51BF762E951A.roa
Signing time: Thu 27 Feb 2025 15:09:45 +0000
ROA not before: Thu 27 Feb 2025 15:09:41 +0000
ROA not after: Wed 26 Mar 2025 15:09:41 +0000
asID: 62240
IP address blocks: 154.196.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92396 (0x168ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 15:09:41 2025 GMT
Not After : Mar 26 15:09:41 2025 GMT
Subject: CN=67c08038-8768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f1:37:c3:24:63:fd:b9:d6:5a:af:e4:8e:f1:
86:aa:32:67:d2:0e:20:ee:d3:c2:ec:32:e0:0f:07:
04:12:23:d3:53:6b:ba:0e:94:7d:fe:9c:f4:8e:31:
84:74:9b:5f:4a:1a:82:43:33:19:95:a6:0c:c9:ec:
fd:8e:dd:b9:3e:4b:5b:ac:00:1c:02:3c:22:22:57:
eb:72:1f:63:c1:48:70:d2:fc:ab:1a:c0:00:fa:c5:
c4:6e:ab:8e:99:47:97:66:4c:63:aa:41:28:f8:5c:
f7:be:8c:7f:47:20:7a:5c:b7:86:62:f2:bc:e7:73:
bb:28:ae:db:61:67:f4:b8:79:9d:99:43:58:10:e5:
73:58:81:79:af:12:9e:20:87:71:94:43:c6:f9:04:
5a:92:36:81:d6:f3:a2:ff:db:d4:13:74:b8:d5:5c:
be:39:85:93:95:d3:b3:4d:93:21:f8:35:52:34:f8:
82:75:56:d7:f7:10:00:d2:ab:4a:40:cd:26:31:07:
b1:20:7a:62:a7:90:4b:37:8e:a1:5b:33:65:d0:57:
3d:c8:06:f4:18:ca:6c:44:57:cc:e9:e9:40:59:76:
b9:09:ab:bf:84:1d:6d:9e:62:4b:83:16:66:72:a7:
75:fc:e5:bc:07:44:9f:e4:7f:6b:d6:e2:6a:dc:09:
20:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:41:86:45:D8:F0:86:DE:69:FD:A0:D6:5B:F8:4D:C4:C5:26:42:B6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E07BB95AF51C11EF9D9B51BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.60.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:35:1d:9c:bc:91:0f:0f:9c:bb:b4:5f:c6:6e:30:ef:5c:63:
f3:0c:da:ee:61:d4:08:ea:f1:11:9d:0d:01:93:6f:56:67:b5:
bc:70:de:f0:45:9d:5b:0f:52:f1:e4:9c:23:94:6e:d7:e3:c9:
06:45:8f:7a:34:cd:61:4b:96:33:8b:51:c6:dd:89:6f:a8:dc:
56:e3:02:5a:2f:0c:a7:2e:f0:98:19:fe:d7:2a:9b:30:42:dc:
a8:95:92:a8:4e:0b:72:ce:d2:4f:5c:68:e4:1a:f6:36:93:f0:
fb:3e:f7:37:12:66:ab:37:e5:45:76:d4:38:b1:15:aa:77:03:
11:86:a2:5f:7a:ee:7a:85:07:40:da:f5:57:cd:80:70:4f:56:
8b:b9:86:85:2d:f5:da:9a:4a:59:97:b6:8b:e4:44:9a:f3:0d:
c4:21:23:9c:f0:83:fa:e6:45:0f:8b:88:d7:b7:68:d8:78:35:
c8:d0:05:94:d8:85:9a:f8:02:ed:c5:8e:e4:10:9c:d9:8e:b7:
a8:6f:30:52:1e:d1:ce:eb:4a:5c:19:78:3d:19:eb:1d:56:80:
ff:f4:19:3b:ab:f3:68:0a:7d:db:e6:e3:db:b9:ee:83:e6:e9:
4d:0b:07:e6:93:b3:96:d7:81:6d:72:0f:58:15:a8:79:55:d6:
5a:40:90:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWjsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTUwOTQxWhcNMjUwMzI2MTUwOTQxWjAYMRYw
FAYDVQQDEw02N2MwODAzOC04NzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmvE3wyRj/bnWWq/kjvGGqjJn0g4g7tPC7DLgDwcEEiPTU2u6DpR9/pz0
jjGEdJtfShqCQzMZlaYMyez9jt25PktbrAAcAjwiIlfrch9jwUhw0vyrGsAA+sXE
bquOmUeXZkxjqkEo+Fz3vox/RyB6XLeGYvK853O7KK7bYWf0uHmdmUNYEOVzWIF5
rxKeIIdxlEPG+QRakjaB1vOi/9vUE3S41Vy+OYWTldOzTZMh+DVSNPiCdVbX9xAA
0qtKQM0mMQexIHpip5BLN46hWzNl0Fc9yAb0GMpsRFfM6elAWXa5Cau/hB1tnmJL
gxZmcqd1/OW8B0Sf5H9r1uJq3Akg9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOZB
hkXY8Ibeaf2g1lv4TcTFJkK2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMDdCQjk1QUY1MUMxMUVGOUQ5QjUxQkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQ8MA0GCSqGSIb3DQEB
CwUAA4IBAQDSNR2cvJEPD5y7tF/GbjDvXGPzDNruYdQI6vERnQ0Bk29WZ7W8cN7w
RZ1bD1Lx5JwjlG7X48kGRY96NM1hS5Yzi1HG3YlvqNxW4wJaLwynLvCYGf7XKpsw
QtyolZKoTgtyztJPXGjkGvY2k/D7Pvc3EmarN+VFdtQ4sRWqdwMRhqJfeu56hQdA
2vVXzYBwT1aLuYaFLfXamkpZl7aL5ESa8w3EISOc8IP65kUPi4jXt2jYeDXI0AWU
2IWa+ALtxY7kEJzZjreobzBSHtHO60pcGXg9GesdVoD/9Bk7q/NoCn3b5uPbue6D
5ulNCwfmk7OW14Ftcg9YFah5VdZaQJAb
-----END CERTIFICATE-----
Generated at Fri May 9 06:59:00 2025 by rpki-client