Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4BF56C0F4E511EF9EB9464A762E951A.roa
File: E4BF56C0F4E511EF9EB9464A762E951A.roa (raw, json)
Hash identifier: p2bfKCoAdxRR9BJK2UBnTjX2KxeKP40F45A2OCEmYfM=
Subject key identifier: F8:78:94:A8:38:6D:8C:67:CF:0A:9F:3F:2B:38:B0:CA:F3:B1:9F:9A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0166F3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4BF56C0F4E511EF9EB9464A762E951A.roa
Signing time: Thu 27 Feb 2025 08:36:09 +0000
ROA not before: Thu 27 Feb 2025 08:36:06 +0000
ROA not after: Wed 26 Mar 2025 08:36:06 +0000
asID: 62240
IP address blocks: 154.195.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91891 (0x166f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 08:36:06 2025 GMT
Not After : Mar 26 08:36:06 2025 GMT
Subject: CN=67c023f9-659b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:65:c6:92:59:b4:83:ac:4d:33:d8:5e:39:66:
c4:b2:9d:5a:2a:71:6f:8d:cf:78:e5:46:1a:1b:02:
2c:1e:8a:02:c4:b8:90:a4:d9:f9:6c:48:98:00:f8:
a5:8f:0d:7b:ee:60:48:fb:1e:ba:00:9a:dc:04:25:
31:b6:3d:22:90:76:16:3d:12:14:f5:ad:96:fb:90:
de:f5:60:e4:60:b1:4e:7a:46:04:b1:af:11:a0:37:
e9:6b:44:cd:0e:b6:e4:f9:21:01:df:c5:32:8f:5b:
7a:97:60:af:95:e8:40:cc:81:7b:5d:a9:8b:12:00:
60:40:09:cf:b3:e7:45:3f:9f:97:a1:d6:9b:d7:13:
fe:3c:5d:cc:f9:84:fc:82:bf:9b:0b:17:d1:42:f0:
72:c1:cc:3a:e1:55:3c:8d:d1:86:da:fd:76:81:06:
81:40:e0:93:95:5e:b9:ff:90:2d:9c:47:ee:c2:33:
1a:10:10:08:41:36:08:51:b1:8a:ee:14:22:e8:da:
10:c4:22:3b:65:b3:ac:b2:b7:7e:f0:6d:f4:37:71:
cf:a3:1a:1a:51:9f:07:5a:02:b0:37:66:5c:30:c6:
a1:40:b9:43:ad:63:db:2a:cc:6d:42:9a:d3:8f:93:
c9:98:d4:42:2c:f8:73:94:42:63:27:f2:af:b2:4a:
0b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:78:94:A8:38:6D:8C:67:CF:0A:9F:3F:2B:38:B0:CA:F3:B1:9F:9A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4BF56C0F4E511EF9EB9464A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.187.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:dd:6f:ea:80:35:8a:5a:d1:d7:61:fc:40:9a:04:63:65:f3:
dd:e4:f4:73:dd:4a:88:f3:0b:29:1a:53:28:e5:5d:e6:54:cf:
4c:d6:74:35:35:8f:37:fb:f5:c3:d8:63:d8:19:11:8d:fb:67:
ab:61:1a:cf:af:0f:5e:e0:fe:4f:f0:44:c6:14:70:15:af:9e:
f3:3f:a0:ee:b0:94:cd:6f:5c:fa:ee:e5:b0:1e:89:0f:cf:de:
8e:e0:ef:94:e0:88:2c:a1:92:5b:5b:7b:39:86:80:45:df:8c:
14:79:21:40:a2:30:12:4f:1b:e7:d1:4f:ec:55:1e:96:b7:ec:
67:9b:ee:3e:e1:1c:39:95:2c:eb:af:99:32:49:22:7e:a3:7f:
9e:b1:a3:2f:a6:30:ec:45:57:3a:ed:7c:ba:fc:0a:7c:3f:38:
cd:80:a4:2e:0f:f4:26:a3:6c:26:82:92:0c:3e:d8:a0:46:ef:
41:d4:e0:2c:67:98:50:f2:86:db:cc:b2:ad:5e:55:b4:95:c8:
3e:65:8d:dd:e0:7c:87:79:32:0b:62:72:40:3c:41:dd:bd:17:
c5:71:21:fe:86:f9:3c:8b:b9:56:11:aa:dd:3e:e1:b7:11:33:
3a:01:60:61:59:99:cd:38:21:2a:cc:62:46:44:e2:b7:33:2b:
51:0e:cf:cc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWbzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDgzNjA2WhcNMjUwMzI2MDgzNjA2WjAYMRYw
FAYDVQQDEw02N2MwMjNmOS02NTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6WXGklm0g6xNM9heOWbEsp1aKnFvjc945UYaGwIsHooCxLiQpNn5bEiY
APiljw177mBI+x66AJrcBCUxtj0ikHYWPRIU9a2W+5De9WDkYLFOekYEsa8RoDfp
a0TNDrbk+SEB38Uyj1t6l2CvlehAzIF7XamLEgBgQAnPs+dFP5+Xodab1xP+PF3M
+YT8gr+bCxfRQvBywcw64VU8jdGG2v12gQaBQOCTlV65/5AtnEfuwjMaEBAIQTYI
UbGK7hQi6NoQxCI7ZbOssrd+8G30N3HPoxoaUZ8HWgKwN2ZcMMahQLlDrWPbKsxt
QprTj5PJmNRCLPhzlEJjJ/KvskoLkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPh4
lKg4bYxnzwqfPys4sMrzsZ+aMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNEJGNTZDMEY0RTUxMUVGOUVCOTQ2NEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsO7MA0GCSqGSIb3DQEB
CwUAA4IBAQAs3W/qgDWKWtHXYfxAmgRjZfPd5PRz3UqI8wspGlMo5V3mVM9M1nQ1
NY83+/XD2GPYGRGN+2erYRrPrw9e4P5P8ETGFHAVr57zP6DusJTNb1z67uWwHokP
z96O4O+U4IgsoZJbW3s5hoBF34wUeSFAojASTxvn0U/sVR6Wt+xnm+4+4Rw5lSzr
r5kySSJ+o3+esaMvpjDsRVc67Xy6/Ap8PzjNgKQuD/Qmo2wmgpIMPtigRu9B1OAs
Z5hQ8obbzLKtXlW0lcg+ZY3d4HyHeTILYnJAPEHdvRfFcSH+hvk8i7lWEardPuG3
ETM6AWBhWZnNOCEqzGJGROK3MytRDs/M
-----END CERTIFICATE-----
Generated at Fri May 9 13:23:10 2025 by rpki-client