Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E569EA7AF62C11EFB182E883762E951A.roa
File: E569EA7AF62C11EFB182E883762E951A.roa (raw, json)
Hash identifier: cYAIgsNjWNWbSSsQ8ZkDGFLbjKeGIMZs/RTA1kKelX4=
Subject key identifier: 4B:54:12:2F:15:54:F9:4C:38:E1:FD:5B:A6:D2:1C:95:5F:57:93:DE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CD9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E569EA7AF62C11EFB182E883762E951A.roa
Signing time: Fri 28 Feb 2025 23:36:56 +0000
ROA not before: Fri 28 Feb 2025 23:36:52 +0000
ROA not after: Wed 26 Mar 2025 23:36:52 +0000
asID: 62240
IP address blocks: 154.194.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93401 (0x16cd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 23:36:52 2025 GMT
Not After : Mar 26 23:36:52 2025 GMT
Subject: CN=67c24898-1e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5a:59:97:e6:d5:17:eb:ef:28:58:01:c8:cf:
e0:1d:a1:ec:ad:fc:54:bb:5e:d6:ef:4f:cd:2c:cd:
c2:1b:fb:fd:91:41:d8:56:31:4a:55:26:f9:4e:0b:
58:7e:bf:7a:ac:d1:05:ab:88:e5:e3:8c:da:e9:3c:
f8:3e:bc:9e:ca:d1:59:52:ac:1f:40:e4:03:86:54:
56:be:73:2c:2f:d2:8c:51:a1:d9:40:cf:50:93:65:
f2:d2:7d:9c:9d:a9:fc:c0:62:68:2d:89:8e:55:5f:
32:2c:96:ff:d2:4a:ab:da:8a:88:b6:43:4f:42:9b:
c5:34:21:3b:e2:89:91:34:d6:4b:b2:a4:bd:d0:7b:
d1:d3:05:d9:a0:9e:a5:17:43:b8:d9:f2:95:e1:94:
2b:d9:53:20:11:64:c5:b4:87:40:e4:3c:72:c0:0a:
16:4c:b3:5e:31:85:02:4a:99:db:30:73:35:12:d3:
d0:d0:b9:79:59:12:fc:39:2c:56:57:18:3c:ba:4f:
3c:84:ab:bc:ef:23:c9:d3:92:38:8e:a0:de:45:ec:
04:59:13:3f:e7:a4:85:ee:9f:23:f6:f8:39:be:74:
2e:39:37:2b:82:a7:5b:24:41:42:00:d8:a0:fc:87:
10:8e:f1:2c:f0:f3:e3:91:8e:0b:5e:e5:39:38:12:
bd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:54:12:2F:15:54:F9:4C:38:E1:FD:5B:A6:D2:1C:95:5F:57:93:DE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E569EA7AF62C11EFB182E883762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.4.0/24
Signature Algorithm: sha256WithRSAEncryption
67:77:d5:85:65:1a:04:03:ed:0a:56:e6:eb:55:e9:8b:e2:db:
30:d0:bc:a0:09:38:27:70:bf:74:fb:e3:cf:41:38:b8:ce:6d:
e6:49:e5:a0:f4:b1:e8:80:2c:9f:5c:e5:8e:82:25:06:5d:8e:
6b:e1:17:67:0f:38:b0:90:05:ae:96:f9:5d:59:d0:d6:2b:d6:
2c:03:31:38:15:80:b4:95:da:de:bf:59:cf:fe:b2:6e:72:32:
1b:50:b8:c5:1d:79:34:2a:95:d2:8c:57:8b:fd:12:ac:96:af:
12:1b:3f:6d:a7:f2:c4:a5:41:c4:49:af:93:b4:1e:e7:ca:72:
0d:05:f5:44:d4:00:cf:3c:a0:57:4d:c7:de:dd:ac:81:ef:5a:
3e:74:b2:e4:cd:96:b5:1e:11:36:b9:78:74:af:80:d8:09:c3:
b8:31:d7:58:75:b3:1e:f7:10:f8:83:98:78:a6:6d:50:9c:77:
52:54:e9:ca:ea:a5:93:49:64:b1:48:0a:05:b5:ed:2a:c9:2b:
ab:dc:6b:09:e4:b5:75:fa:56:7c:99:3b:a6:ce:69:16:33:8a:
7a:a2:ae:5a:28:94:15:8e:77:a3:18:40:00:ed:fc:95:16:88:
ad:18:ff:f7:29:fc:dc:53:45:49:c5:9a:73:8b:f2:a4:aa:c6:
bf:96:2e:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWzZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjMzNjUyWhcNMjUwMzI2MjMzNjUyWjAYMRYw
FAYDVQQDEw02N2MyNDg5OC0xZTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtFpZl+bVF+vvKFgByM/gHaHsrfxUu17W70/NLM3CG/v9kUHYVjFKVSb5
TgtYfr96rNEFq4jl44za6Tz4PryeytFZUqwfQOQDhlRWvnMsL9KMUaHZQM9Qk2Xy
0n2cnan8wGJoLYmOVV8yLJb/0kqr2oqItkNPQpvFNCE74omRNNZLsqS90HvR0wXZ
oJ6lF0O42fKV4ZQr2VMgEWTFtIdA5DxywAoWTLNeMYUCSpnbMHM1EtPQ0Ll5WRL8
OSxWVxg8uk88hKu87yPJ05I4jqDeRewEWRM/56SF7p8j9vg5vnQuOTcrgqdbJEFC
ANig/IcQjvEs8PPjkY4LXuU5OBK99wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEtU
Ei8VVPlMOOH9W6bSHJVfV5PeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNTY5RUE3QUY2MkMxMUVGQjE4MkU4ODM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIEMA0GCSqGSIb3DQEB
CwUAA4IBAQBnd9WFZRoEA+0KVubrVemL4tsw0LygCTgncL90++PPQTi4zm3mSeWg
9LHogCyfXOWOgiUGXY5r4RdnDziwkAWulvldWdDWK9YsAzE4FYC0ldrev1nP/rJu
cjIbULjFHXk0KpXSjFeL/RKslq8SGz9tp/LEpUHESa+TtB7nynINBfVE1ADPPKBX
Tcfe3ayB71o+dLLkzZa1HhE2uXh0r4DYCcO4MddYdbMe9xD4g5h4pm1QnHdSVOnK
6qWTSWSxSAoFte0qySur3GsJ5LV1+lZ8mTumzmkWM4p6oq5aKJQVjnejGEAA7fyV
FoitGP/3KfzcU0VJxZpzi/Kkqsa/li7W
-----END CERTIFICATE-----
Generated at Fri May 9 06:40:17 2025 by rpki-client