Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F9953342F29E11EFA8802AAF762E951A.roa
File: F9953342F29E11EFA8802AAF762E951A.roa (raw, json)
Hash identifier: bvy+x3RM4N/UMqumXXlcQNY3rvnkrZEWV9aYUZ/9LpA=
Subject key identifier: E9:1C:37:A7:A2:E0:ED:80:65:79:39:4A:99:26:89:68:DE:5D:DA:F3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015BCC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F9953342F29E11EFA8802AAF762E951A.roa
Signing time: Mon 24 Feb 2025 11:03:28 +0000
ROA not before: Mon 24 Feb 2025 11:03:24 +0000
ROA not after: Wed 26 Mar 2025 11:03:24 +0000
asID: 5065
IP address blocks: 154.94.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89036 (0x15bcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 11:03:24 2025 GMT
Not After : Mar 26 11:03:24 2025 GMT
Subject: CN=67bc5200-38a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bb:38:7c:28:33:0a:a9:0e:6e:4c:4d:8c:14:
78:ce:c7:eb:2f:14:22:2a:cb:06:97:fc:9a:0c:1b:
aa:cf:1a:76:71:66:63:c7:80:09:48:4a:44:cc:36:
8a:27:d3:fe:1a:d1:e5:29:dd:1a:78:ef:f2:8d:f4:
81:1a:1d:8f:7c:05:65:a3:cc:9f:40:5f:02:b1:85:
61:97:fa:98:61:a9:81:ac:b9:6e:d1:51:05:47:1d:
ff:4c:3d:3b:d3:3c:30:b8:33:ec:14:69:55:90:a7:
02:a5:9f:fd:81:9c:45:fe:90:40:3f:14:e7:20:6f:
4e:74:58:d9:00:20:95:7d:7d:0e:4a:db:81:3f:4e:
28:cd:e9:59:d6:98:37:1f:7f:2b:29:f4:24:fd:f2:
2d:47:da:58:28:ab:66:1c:f8:82:89:2b:95:a3:aa:
6c:47:74:5b:0c:ff:50:3d:b0:a3:b2:80:9f:e5:bb:
d8:33:db:df:8c:e7:7b:f6:4d:d8:f6:be:47:db:86:
58:ab:77:cc:92:82:6a:b3:53:e0:e5:a8:e4:61:31:
f9:9c:78:e7:fe:10:f5:a8:33:5c:4e:65:39:84:12:
fd:6d:5d:75:10:db:75:3b:d2:22:5f:4a:35:1a:f6:
c3:92:74:99:74:08:0c:76:31:33:98:97:e4:13:fd:
08:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:1C:37:A7:A2:E0:ED:80:65:79:39:4A:99:26:89:68:DE:5D:DA:F3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F9953342F29E11EFA8802AAF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.63.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:04:dd:79:6e:85:35:88:b2:88:22:20:c3:97:82:e4:e8:a7:
b5:6b:2d:5e:0a:dc:ff:4f:be:88:52:07:3f:7d:21:2f:67:e3:
17:2d:e5:f9:ad:3d:69:b0:3a:70:f3:9f:26:66:c8:30:5c:a8:
dd:34:68:e7:5d:99:c8:40:f1:fb:8a:83:cc:de:cd:da:06:e4:
81:6b:50:c5:eb:3c:da:dd:a1:3d:73:88:04:7d:39:21:6c:72:
bc:0a:49:63:33:2a:40:63:fa:54:8b:0b:cd:a7:01:0d:cf:d5:
4d:85:7d:10:4b:34:11:4f:41:c7:f3:e4:2b:d5:70:37:4d:b0:
4b:cb:3d:fc:dc:7e:53:73:56:e2:76:a2:ac:d9:ae:43:6f:4e:
e3:9f:b0:ca:ff:ec:3b:80:69:1f:4e:c5:e8:7f:60:69:82:8e:
bb:50:c4:b3:61:c5:d8:55:9b:11:40:0d:91:0b:fc:c4:b9:d7:
44:8f:07:56:2b:40:1a:4b:3b:72:b8:5c:38:d7:fd:50:2d:18:
a6:40:df:12:c7:17:f4:8e:a9:95:f1:81:82:16:2d:1b:d1:09:
f7:b9:81:e3:26:9f:4e:e2:62:f9:5d:32:31:d8:54:24:62:14:
9a:f8:a9:b2:b4:bf:f5:63:35:d7:af:ea:09:57:fb:d2:36:3f:
d8:65:25:82
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVvMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTEwMzI0WhcNMjUwMzI2MTEwMzI0WjAYMRYw
FAYDVQQDEw02N2JjNTIwMC0zOGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtrs4fCgzCqkObkxNjBR4zsfrLxQiKssGl/yaDBuqzxp2cWZjx4AJSEpE
zDaKJ9P+GtHlKd0aeO/yjfSBGh2PfAVlo8yfQF8CsYVhl/qYYamBrLlu0VEFRx3/
TD070zwwuDPsFGlVkKcCpZ/9gZxF/pBAPxTnIG9OdFjZACCVfX0OStuBP04ozelZ
1pg3H38rKfQk/fItR9pYKKtmHPiCiSuVo6psR3RbDP9QPbCjsoCf5bvYM9vfjOd7
9k3Y9r5H24ZYq3fMkoJqs1Pg5ajkYTH5nHjn/hD1qDNcTmU5hBL9bV11ENt1O9Ii
X0o1GvbDknSZdAgMdjEzmJfkE/0IwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOkc
N6ei4O2AZXk5SpkmiWjeXdrzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GOTk1MzM0MkYyOUUxMUVGQTg4MDJBQUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4/MA0GCSqGSIb3DQEB
CwUAA4IBAQC1BN15boU1iLKIIiDDl4Lk6Ke1ay1eCtz/T76IUgc/fSEvZ+MXLeX5
rT1psDpw858mZsgwXKjdNGjnXZnIQPH7ioPM3s3aBuSBa1DF6zza3aE9c4gEfTkh
bHK8CkljMypAY/pUiwvNpwENz9VNhX0QSzQRT0HH8+Qr1XA3TbBLyz383H5Tc1bi
dqKs2a5Db07jn7DK/+w7gGkfTsXof2Bpgo67UMSzYcXYVZsRQA2RC/zEuddEjwdW
K0AaSztyuFw41/1QLRimQN8Sxxf0jqmV8YGCFi0b0Qn3uYHjJp9O4mL5XTIx2FQk
YhSa+KmytL/1YzXXr+oJV/vSNj/YZSWC
-----END CERTIFICATE-----
Generated at Fri May 9 06:42:52 2025 by rpki-client