Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F4F0DF78F4D111EF97713544762E951A.roa
File: F4F0DF78F4D111EF97713544762E951A.roa (raw, json)
Hash identifier: /qBBZ/OLzBo80A0l34fQzIQEDhiAd1I1Xx8GQnctIFc=
Subject key identifier: B9:88:E1:BD:DF:C7:5A:CC:D2:FD:91:65:C8:37:A3:59:DD:45:C9:98
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01664D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F4F0DF78F4D111EF97713544762E951A.roa
Signing time: Thu 27 Feb 2025 06:13:27 +0000
ROA not before: Thu 27 Feb 2025 06:13:23 +0000
ROA not after: Wed 26 Mar 2025 06:13:23 +0000
asID: 62240
IP address blocks: 154.195.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91725 (0x1664d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 06:13:23 2025 GMT
Not After : Mar 26 06:13:23 2025 GMT
Subject: CN=67c00287-de51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:82:cc:60:df:13:b8:b0:95:56:73:d7:7a:4d:
3f:ca:5b:65:fa:24:18:70:59:e9:0b:7a:e9:a8:75:
ee:33:b5:46:8f:ce:c5:13:b6:86:eb:6b:ed:eb:af:
32:44:93:1e:54:da:8b:82:bd:c3:4c:fd:db:2c:76:
87:b6:19:fd:09:47:db:d3:a7:18:9d:77:7f:a5:53:
1b:08:56:48:f6:17:b3:a2:25:f7:83:6e:db:60:1c:
f7:b0:e9:ba:ef:8c:0e:52:4f:6f:5e:fe:5b:57:4a:
5e:26:ce:69:3f:f1:d7:df:95:b1:2c:9d:a0:1e:36:
9e:ce:d9:2c:bd:0b:3a:a9:af:20:f9:41:5e:e5:ff:
17:17:c7:7f:40:cc:c2:81:69:fa:ee:13:69:6b:dc:
fd:a1:a0:dd:09:f2:f1:83:7c:49:a8:46:ef:39:60:
82:e3:d0:e8:13:34:b1:98:4f:52:de:dd:19:89:66:
26:7a:cf:71:48:4f:8f:02:f2:07:5c:0e:85:00:b4:
49:04:22:a2:da:d2:a8:20:ff:20:d5:19:c5:fa:70:
eb:48:0a:1c:91:01:63:28:6a:16:37:62:c1:b7:b8:
90:ea:23:53:5a:be:5f:c4:db:8e:36:f4:a1:47:f8:
2d:ff:13:b7:ab:93:4e:35:81:66:a5:79:5d:6e:bb:
9e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:88:E1:BD:DF:C7:5A:CC:D2:FD:91:65:C8:37:A3:59:DD:45:C9:98
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F4F0DF78F4D111EF97713544762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.146.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:48:8b:6e:00:04:26:b5:95:fb:87:c5:a4:18:86:8f:9f:8e:
2f:17:ed:45:9c:9a:32:0c:ef:a0:8a:0d:f6:65:11:6e:a0:42:
29:d5:f1:6a:1c:0f:20:59:14:71:9b:5c:78:fd:f0:e1:f7:3c:
c2:90:cf:09:1e:55:53:71:d3:33:88:0c:70:f4:78:6a:71:fc:
02:30:de:47:e7:a7:a1:63:c7:16:97:32:52:e8:88:9c:1e:2e:
14:97:79:34:d8:af:df:15:8b:c2:5e:66:0a:d8:5b:0e:8e:83:
0a:a5:19:33:33:e6:dc:15:10:a6:28:9c:ae:51:25:c0:55:58:
65:c7:f3:73:ea:e5:71:ef:b7:a6:fe:79:48:79:06:e6:c8:ed:
c7:cd:17:f6:5f:6d:19:f6:e1:71:a3:41:c7:92:6a:5d:83:1a:
46:2a:c0:2b:ff:e0:ea:ba:7c:3a:c0:fc:ba:70:54:c2:0a:05:
14:df:b8:e1:d3:b6:a5:5a:76:b6:d3:6f:d9:83:47:80:98:30:
2a:55:20:83:27:b8:24:3c:87:3a:a2:4f:c3:34:45:83:94:38:
d9:f2:9a:cf:e7:df:21:6e:48:50:58:c7:af:e5:c1:13:a3:71:
f1:b9:a6:2e:0f:20:0c:5a:3e:43:a9:6c:93:d4:57:0f:18:51:
9b:5e:c7:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWZNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDYxMzIzWhcNMjUwMzI2MDYxMzIzWjAYMRYw
FAYDVQQDEw02N2MwMDI4Ny1kZTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6oLMYN8TuLCVVnPXek0/yltl+iQYcFnpC3rpqHXuM7VGj87FE7aG62vt
668yRJMeVNqLgr3DTP3bLHaHthn9CUfb06cYnXd/pVMbCFZI9hezoiX3g27bYBz3
sOm674wOUk9vXv5bV0peJs5pP/HX35WxLJ2gHjaeztksvQs6qa8g+UFe5f8XF8d/
QMzCgWn67hNpa9z9oaDdCfLxg3xJqEbvOWCC49DoEzSxmE9S3t0ZiWYmes9xSE+P
AvIHXA6FALRJBCKi2tKoIP8g1RnF+nDrSAockQFjKGoWN2LBt7iQ6iNTWr5fxNuO
NvShR/gt/xO3q5NONYFmpXldbrueDwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLmI
4b3fx1rM0v2RZcg3o1ndRcmYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNEYwREY3OEY0RDExMUVGOTc3MTM1NDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOSMA0GCSqGSIb3DQEB
CwUAA4IBAQAPSItuAAQmtZX7h8WkGIaPn44vF+1FnJoyDO+gig32ZRFuoEIp1fFq
HA8gWRRxm1x4/fDh9zzCkM8JHlVTcdMziAxw9HhqcfwCMN5H56ehY8cWlzJS6Iic
Hi4Ul3k02K/fFYvCXmYK2FsOjoMKpRkzM+bcFRCmKJyuUSXAVVhlx/Nz6uVx77em
/nlIeQbmyO3HzRf2X20Z9uFxo0HHkmpdgxpGKsAr/+Dqunw6wPy6cFTCCgUU37jh
07alWna202/Zg0eAmDAqVSCDJ7gkPIc6ok/DNEWDlDjZ8prP598hbkhQWMev5cET
o3HxuaYuDyAMWj5DqWyT1FcPGFGbXsfL
-----END CERTIFICATE-----
Generated at Fri May 9 06:53:34 2025 by rpki-client