Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB95BB14F4DC11EFABDA408E762E951A.roa
File: EB95BB14F4DC11EFABDA408E762E951A.roa (raw, json)
Hash identifier: /kr/Q857eYsaS80Ni1ukG7EvQwHFcoHjyjJIWd/G6vQ=
Subject key identifier: 2B:5D:96:83:FA:08:82:CE:28:7B:DD:63:9B:98:00:27:CD:9A:46:29
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0166AD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB95BB14F4DC11EFABDA408E762E951A.roa
Signing time: Thu 27 Feb 2025 07:31:55 +0000
ROA not before: Thu 27 Feb 2025 07:31:52 +0000
ROA not after: Wed 26 Mar 2025 07:31:52 +0000
asID: 62240
IP address blocks: 154.195.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91821 (0x166ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 07:31:52 2025 GMT
Not After : Mar 26 07:31:52 2025 GMT
Subject: CN=67c014eb-85eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a7:9b:49:4e:34:79:56:c6:9c:ab:ba:da:34:
5f:70:7d:71:07:fa:ea:39:8a:5a:e3:ab:16:61:57:
d6:95:2b:9d:71:1d:94:b8:a6:9a:bd:83:d1:1b:43:
b5:dd:84:0d:ff:ef:32:8d:1b:b6:9c:f8:21:e3:7d:
fe:11:f1:fa:31:b7:dc:84:b6:af:fe:fb:35:ec:07:
75:e1:f4:cf:f8:64:e5:d4:8d:ec:ee:04:eb:c3:df:
25:bf:4e:b7:4b:9f:6a:4e:fa:0f:34:ed:a1:a6:3f:
8e:3b:b1:e0:b2:ef:c3:ed:1c:b8:59:55:83:9e:73:
dc:7f:54:43:78:e1:a0:ca:5f:61:5d:5d:f9:82:3d:
4e:a8:cd:76:96:90:38:ba:f9:d8:67:f8:7a:72:db:
59:ed:29:5d:b8:35:2e:4f:3b:b8:c8:93:fe:a6:8e:
09:96:ca:1b:38:ea:c5:58:3e:70:60:cf:7d:86:af:
bd:da:34:7d:25:aa:3b:ef:23:d4:d5:56:09:f2:28:
7b:d7:ad:85:33:d8:a7:00:fe:50:74:9e:be:6f:63:
34:08:c3:f9:60:38:14:7e:6d:b3:03:85:33:66:fc:
92:4d:a3:46:3c:01:27:58:5b:4f:cc:d2:7a:87:fd:
fd:03:ac:f3:cd:da:2a:7f:a1:6b:86:09:44:7e:78:
05:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5D:96:83:FA:08:82:CE:28:7B:DD:63:9B:98:00:27:CD:9A:46:29
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB95BB14F4DC11EFABDA408E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.164.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:b9:6d:2e:68:f9:92:a5:e7:94:de:4c:83:ed:e4:27:07:59:
57:be:e3:af:0d:56:81:c7:13:f0:e2:91:30:bc:81:73:c9:92:
97:6d:68:d2:ef:d5:3c:7a:5a:bf:e1:ee:5d:94:c3:27:ff:a1:
2a:14:ab:6c:5f:80:ff:4e:4e:1f:4c:5e:58:f1:02:4a:bb:e8:
ff:4c:24:ba:62:23:27:c5:ba:c7:78:4f:dc:01:63:17:cb:cd:
3d:08:77:ea:30:63:e3:8d:93:23:77:6d:a3:a6:2a:ef:57:8f:
d0:2c:35:d9:9a:a8:01:aa:6a:81:f2:2f:4d:6c:15:da:d4:3c:
d5:32:54:f0:6b:b3:a8:a5:2a:7b:7a:4e:0c:9c:e9:eb:47:fa:
f5:39:ef:94:66:a0:26:26:d6:15:8f:44:3c:a9:7e:6a:8a:66:
3f:fc:2c:d0:28:ef:e1:b3:99:58:17:37:81:eb:03:91:f7:7c:
b6:13:8c:42:7d:4c:e5:a0:f1:a3:bb:a4:97:5b:40:f3:3e:e1:
be:ab:c9:b5:36:63:49:6e:1e:4a:60:0e:e9:48:26:c0:7d:0d:
81:d2:97:3f:34:54:ce:a1:6b:75:08:d9:63:0d:50:5a:fa:5f:
15:07:ca:79:83:44:af:fb:77:bd:2e:53:cf:66:d7:8a:b9:79:
41:ba:04:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWatMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDczMTUyWhcNMjUwMzI2MDczMTUyWjAYMRYw
FAYDVQQDEw02N2MwMTRlYi04NWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2aebSU40eVbGnKu62jRfcH1xB/rqOYpa46sWYVfWlSudcR2UuKaavYPR
G0O13YQN/+8yjRu2nPgh433+EfH6MbfchLav/vs17Ad14fTP+GTl1I3s7gTrw98l
v063S59qTvoPNO2hpj+OO7Hgsu/D7Ry4WVWDnnPcf1RDeOGgyl9hXV35gj1OqM12
lpA4uvnYZ/h6cttZ7SlduDUuTzu4yJP+po4JlsobOOrFWD5wYM99hq+92jR9Jao7
7yPU1VYJ8ih7162FM9inAP5QdJ6+b2M0CMP5YDgUfm2zA4UzZvySTaNGPAEnWFtP
zNJ6h/39A6zzzdoqf6FrhglEfngF1wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCtd
loP6CILOKHvdY5uYACfNmkYpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQjk1QkIxNEY0REMxMUVGQUJEQTQwOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOkMA0GCSqGSIb3DQEB
CwUAA4IBAQDEuW0uaPmSpeeU3kyD7eQnB1lXvuOvDVaBxxPw4pEwvIFzyZKXbWjS
79U8elq/4e5dlMMn/6EqFKtsX4D/Tk4fTF5Y8QJKu+j/TCS6YiMnxbrHeE/cAWMX
y809CHfqMGPjjZMjd22jpirvV4/QLDXZmqgBqmqB8i9NbBXa1DzVMlTwa7OopSp7
ek4MnOnrR/r1Oe+UZqAmJtYVj0Q8qX5qimY//CzQKO/hs5lYFzeB6wOR93y2E4xC
fUzloPGju6SXW0DzPuG+q8m1NmNJbh5KYA7pSCbAfQ2B0pc/NFTOoWt1CNljDVBa
+l8VB8p5g0Sv+3e9LlPPZteKuXlBugRM
-----END CERTIFICATE-----
Generated at Fri May 9 06:43:40 2025 by rpki-client