Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9D59D62F29D11EFBDBA6FA7762E951A.roa
File: E9D59D62F29D11EFBDBA6FA7762E951A.roa (raw, json)
Hash identifier: pxb4k6iheLiKTzrrMrcYXXSQoaUrpsoCsF+EVHtmJIg=
Subject key identifier: 14:6C:89:85:FF:2C:02:50:CF:B8:03:F1:31:08:FB:12:B1:29:15:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015BC6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9D59D62F29D11EFBDBA6FA7762E951A.roa
Signing time: Mon 24 Feb 2025 10:55:52 +0000
ROA not before: Mon 24 Feb 2025 10:55:48 +0000
ROA not after: Wed 26 Mar 2025 10:55:48 +0000
asID: 5065
IP address blocks: 154.94.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89030 (0x15bc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 10:55:48 2025 GMT
Not After : Mar 26 10:55:48 2025 GMT
Subject: CN=67bc5038-257c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4e:45:b8:34:d3:5b:62:ec:04:bf:5c:48:37:
53:36:84:7a:bf:67:31:2d:f3:f2:cf:14:cc:34:16:
2c:2e:0a:2b:9f:e7:36:51:60:4c:40:f6:82:8d:fc:
1f:82:0d:15:ea:7d:12:10:08:ce:59:9b:a4:f4:59:
fc:fe:41:e4:82:c4:5c:07:1a:b6:90:15:60:67:86:
2b:6c:0e:72:ff:4e:6a:9d:0b:32:51:97:4f:84:8b:
b1:a7:f7:ca:0e:b1:01:c5:fd:73:1c:30:73:d7:d1:
2b:b6:81:f5:fd:fe:b3:b2:d8:be:f9:e1:e1:f5:a2:
e1:3c:8e:da:7a:0c:93:00:61:6b:c4:cd:0a:d3:34:
2b:d7:cb:bb:14:a7:32:ff:6f:4c:db:c7:b7:17:8b:
c8:05:a8:3c:fa:eb:69:fb:61:2d:a2:ed:8b:30:45:
e5:3f:b8:b2:68:69:8d:97:04:8e:0a:8e:fe:40:70:
70:d9:ed:52:52:ef:bb:f1:d3:75:07:31:3f:ad:c3:
a9:f3:8b:f6:87:d0:66:38:23:9d:42:06:99:26:6e:
fe:06:e6:97:3e:86:da:91:6d:be:12:db:93:15:b4:
61:28:fe:d1:4a:16:ce:ed:89:2e:32:af:08:7d:59:
a3:40:2a:66:7f:81:93:bd:16:df:b1:91:0e:3e:cf:
d9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:6C:89:85:FF:2C:02:50:CF:B8:03:F1:31:08:FB:12:B1:29:15:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9D59D62F29D11EFBDBA6FA7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.37.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ae:ac:b7:78:16:00:24:7b:90:40:57:5c:ed:da:6c:09:73:
a1:3b:44:7c:17:d5:2c:29:57:d3:9a:88:a0:d4:df:ee:43:f4:
62:f3:03:fd:33:38:f7:88:9c:9e:68:2e:20:9a:09:97:b7:fb:
88:89:82:98:36:03:b4:57:c7:97:1d:e9:df:0a:be:c1:b2:59:
d0:85:84:be:05:30:79:8f:42:9c:43:f9:60:6d:ba:3d:e6:bf:
d5:c1:99:f9:74:9a:6b:d6:40:88:bd:b5:fb:17:fa:b6:59:b1:
31:d3:8b:07:7a:d3:f7:8f:e4:55:0d:60:0f:df:44:a8:de:2e:
b7:87:14:68:15:c1:e6:d9:65:a0:ab:e8:74:09:87:d1:97:6b:
86:8e:fa:83:e2:de:48:d4:4c:8a:df:0f:54:e7:90:12:89:5d:
81:5a:c8:40:e5:c5:55:80:b9:1e:1b:24:58:43:4f:ff:31:e5:
c5:b2:9c:0d:13:dc:58:76:b4:70:d2:e0:30:7d:b6:92:42:d8:
2d:98:7e:a8:b4:8c:c4:b2:7c:f4:f1:bf:5f:c2:71:3a:6e:d3:
e6:56:83:59:58:bd:a1:00:d8:0b:6b:64:91:4b:39:3a:07:29:
3f:d8:ef:67:23:37:53:32:47:20:a5:f3:35:a5:cd:4b:51:74:
dd:10:df:43
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVvGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTA1NTQ4WhcNMjUwMzI2MTA1NTQ4WjAYMRYw
FAYDVQQDEw02N2JjNTAzOC0yNTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzU5FuDTTW2LsBL9cSDdTNoR6v2cxLfPyzxTMNBYsLgorn+c2UWBMQPaC
jfwfgg0V6n0SEAjOWZuk9Fn8/kHkgsRcBxq2kBVgZ4YrbA5y/05qnQsyUZdPhIux
p/fKDrEBxf1zHDBz19ErtoH1/f6zsti++eHh9aLhPI7aegyTAGFrxM0K0zQr18u7
FKcy/29M28e3F4vIBag8+utp+2Etou2LMEXlP7iyaGmNlwSOCo7+QHBw2e1SUu+7
8dN1BzE/rcOp84v2h9BmOCOdQgaZJm7+BuaXPobakW2+EtuTFbRhKP7RShbO7Yku
Mq8IfVmjQCpmf4GTvRbfsZEOPs/ZiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBRs
iYX/LAJQz7gD8TEI+xKxKRWPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOUQ1OUQ2MkYyOUQxMUVGQkRCQTZGQTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4lMA0GCSqGSIb3DQEB
CwUAA4IBAQAirqy3eBYAJHuQQFdc7dpsCXOhO0R8F9UsKVfTmoig1N/uQ/Ri8wP9
Mzj3iJyeaC4gmgmXt/uIiYKYNgO0V8eXHenfCr7BslnQhYS+BTB5j0KcQ/lgbbo9
5r/VwZn5dJpr1kCIvbX7F/q2WbEx04sHetP3j+RVDWAP30So3i63hxRoFcHm2WWg
q+h0CYfRl2uGjvqD4t5I1EyK3w9U55ASiV2BWshA5cVVgLkeGyRYQ0//MeXFspwN
E9xYdrRw0uAwfbaSQtgtmH6otIzEsnz08b9fwnE6btPmVoNZWL2hANgLa2SRSzk6
Byk/2O9nIzdTMkcgpfM1pc1LUXTdEN9D
-----END CERTIFICATE-----
Generated at Fri May 9 11:54:23 2025 by rpki-client