Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E1C61DB6F4F211EFBB4F21A2762E951A.roa
File: E1C61DB6F4F211EFBB4F21A2762E951A.roa (raw, json)
Hash identifier: KLNYQh6qyDZNtO231YuRCDRx/QuBzSAKtcRpxn0N18M=
Subject key identifier: CB:46:98:50:50:DC:EE:43:BC:12:E8:E2:19:3F:80:92:20:EF:7A:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01678D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E1C61DB6F4F211EFBB4F21A2762E951A.roa
Signing time: Thu 27 Feb 2025 10:09:08 +0000
ROA not before: Thu 27 Feb 2025 10:09:04 +0000
ROA not after: Wed 26 Mar 2025 10:09:04 +0000
asID: 62240
IP address blocks: 154.195.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92045 (0x1678d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 10:09:04 2025 GMT
Not After : Mar 26 10:09:04 2025 GMT
Subject: CN=67c039c4-6e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9c:be:65:03:f3:f7:20:47:64:36:da:8d:4a:
76:7a:2c:cc:e1:54:ad:1b:71:02:0b:59:b0:bc:18:
15:b9:3c:db:04:64:51:02:a1:78:af:0d:9a:24:48:
86:8e:8d:fa:a7:4b:e0:48:cf:a1:18:01:f1:19:b5:
c0:b4:ab:a3:78:0b:da:32:e2:dd:46:55:19:76:4a:
03:2d:a6:81:1f:c6:b0:a7:ab:5b:e2:61:20:66:f5:
54:ca:18:14:9b:aa:a1:a1:d5:2e:83:c9:c8:91:c9:
c7:b0:c5:d3:86:0a:97:1a:5e:73:05:57:30:b9:51:
43:48:7f:03:c4:60:a0:6b:22:cd:d6:f1:ec:b5:d5:
c2:46:4c:07:cf:22:a7:63:fd:5e:33:dc:6b:47:cb:
1a:64:db:c2:a9:e8:6d:e6:14:0b:5d:3c:80:1a:f4:
fe:4d:a9:d8:81:64:a1:93:d6:6d:f0:d8:d4:a7:c7:
d3:4d:12:3a:b2:dd:63:8f:4d:76:87:8e:79:23:42:
bd:76:6c:b6:a7:79:f7:83:0e:28:04:5e:79:de:71:
cc:ca:ef:43:a3:1b:69:29:be:57:4c:b2:93:2a:29:
9c:5a:42:32:84:8b:70:96:95:8e:5f:d7:ea:d6:4b:
6a:a9:bc:53:f8:74:bf:5f:f2:98:44:f2:bc:4d:4d:
10:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:46:98:50:50:DC:EE:43:BC:12:E8:E2:19:3F:80:92:20:EF:7A:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E1C61DB6F4F211EFBB4F21A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.110.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:f1:a1:21:47:d5:13:80:7e:f2:d7:01:8b:94:60:64:f0:69:
28:a6:62:c3:2d:bc:29:39:77:23:c8:25:0e:9f:d5:7a:ea:ce:
61:b6:b8:e0:0d:c7:db:8f:11:07:25:9a:2c:ed:30:35:e1:98:
54:2e:7a:71:3c:31:4e:69:6c:c1:25:c0:3b:25:3b:35:96:a3:
d3:14:21:17:4a:1a:0a:cc:6f:00:77:d9:e3:97:3a:da:c6:a5:
ce:83:7d:67:2d:89:0b:30:74:94:2a:06:79:8f:65:a8:cc:1d:
43:61:be:bc:9c:2c:9e:60:01:9c:78:ad:80:a8:4d:3d:67:02:
85:3f:6b:23:a2:e5:26:48:0f:c4:07:d0:ec:ca:7c:74:ed:5c:
f9:7d:04:52:60:64:17:7c:3d:6a:06:0a:66:52:a7:bc:42:b8:
7e:d0:b3:fa:d3:01:12:41:3d:00:c9:cc:aa:c8:86:cd:df:49:
2c:2e:19:03:32:38:ae:f7:66:74:c2:ff:a8:c2:54:61:cc:a0:
cb:cd:a8:71:0d:df:8a:e1:8f:4b:4e:91:a2:77:65:bf:2a:24:
ca:f1:10:af:fe:66:76:32:29:69:23:85:97:70:a0:1a:4a:6f:
3f:5c:a5:c5:bf:98:78:0d:12:15:ab:33:e1:84:d3:98:52:22:
34:a6:8e:0a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWeNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTAwOTA0WhcNMjUwMzI2MTAwOTA0WjAYMRYw
FAYDVQQDEw02N2MwMzljNC02ZTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy5y+ZQPz9yBHZDbajUp2eizM4VStG3ECC1mwvBgVuTzbBGRRAqF4rw2a
JEiGjo36p0vgSM+hGAHxGbXAtKujeAvaMuLdRlUZdkoDLaaBH8awp6tb4mEgZvVU
yhgUm6qhodUug8nIkcnHsMXThgqXGl5zBVcwuVFDSH8DxGCgayLN1vHstdXCRkwH
zyKnY/1eM9xrR8saZNvCqeht5hQLXTyAGvT+TanYgWShk9Zt8NjUp8fTTRI6st1j
j012h455I0K9dmy2p3n3gw4oBF553nHMyu9DoxtpKb5XTLKTKimcWkIyhItwlpWO
X9fq1ktqqbxT+HS/X/KYRPK8TU0QMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMtG
mFBQ3O5DvBLo4hk/gJIg73poMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMUM2MURCNkY0RjIxMUVGQkI0RjIxQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsNuMA0GCSqGSIb3DQEB
CwUAA4IBAQAt8aEhR9UTgH7y1wGLlGBk8GkopmLDLbwpOXcjyCUOn9V66s5htrjg
DcfbjxEHJZos7TA14ZhULnpxPDFOaWzBJcA7JTs1lqPTFCEXShoKzG8Ad9njlzra
xqXOg31nLYkLMHSUKgZ5j2WozB1DYb68nCyeYAGceK2AqE09ZwKFP2sjouUmSA/E
B9Dsynx07Vz5fQRSYGQXfD1qBgpmUqe8Qrh+0LP60wESQT0AycyqyIbN30ksLhkD
Mjiu92Z0wv+owlRhzKDLzahxDd+K4Y9LTpGid2W/KiTK8RCv/mZ2MilpI4WXcKAa
Sm8/XKXFv5h4DRIVqzPhhNOYUiI0po4K
-----END CERTIFICATE-----
Generated at Fri May 9 07:12:52 2025 by rpki-client