Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FFA11110F2E511EFAD3F9C83762E951A.roa
File: FFA11110F2E511EFAD3F9C83762E951A.roa (raw, json)
Hash identifier: mmwGQNjp4KHTJciNC3MduSAI2e2po73k2C4nsZS/zoI=
Subject key identifier: 43:1F:50:77:FE:CC:78:CF:F9:F0:53:AE:26:E6:7F:7D:92:6E:FF:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015D04
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FFA11110F2E511EFAD3F9C83762E951A.roa
Signing time: Mon 24 Feb 2025 19:31:52 +0000
ROA not before: Mon 24 Feb 2025 19:31:48 +0000
ROA not after: Wed 26 Mar 2025 19:31:48 +0000
asID: 5065
IP address blocks: 154.94.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89348 (0x15d04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 19:31:48 2025 GMT
Not After : Mar 26 19:31:48 2025 GMT
Subject: CN=67bcc928-f394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3f:18:f2:4a:aa:18:0a:89:d6:14:77:d1:de:
0c:c6:fa:6f:99:45:87:f5:80:de:19:41:f5:25:56:
60:aa:05:02:eb:b3:3d:45:03:c5:a6:10:55:a3:83:
3b:41:be:26:2e:44:70:da:77:0a:c5:1c:e1:6e:df:
88:4f:8f:fd:2c:ca:16:1c:ab:93:9a:b2:7e:93:71:
ab:42:99:d2:9e:86:d7:16:97:04:9c:44:ca:74:46:
b5:7f:56:21:43:59:8f:e9:d1:4e:8a:56:a4:7b:41:
12:75:54:34:55:15:08:c9:07:a6:30:c2:2f:d9:79:
c5:51:10:36:f6:0d:e1:7f:2d:16:07:11:0b:1d:13:
5f:e9:f8:42:a5:9b:c1:a8:f7:ca:cb:3f:2b:fc:e1:
d4:ea:60:74:54:79:b0:51:1b:49:e7:02:1f:e1:ab:
4e:1e:66:f6:1f:fd:bc:42:57:57:60:4f:9e:08:b6:
cc:fa:a6:e2:24:42:c6:3f:03:46:9f:81:d4:3d:c7:
17:08:d8:9e:ee:8a:98:5e:04:68:f7:ce:f4:e7:19:
cc:5a:1c:ee:1c:bf:bd:34:39:38:91:ef:94:ba:81:
99:80:0e:5b:1b:9b:5b:a5:32:f6:08:5c:9d:e0:c8:
12:85:1f:6d:98:46:51:ad:6d:71:6e:cb:2b:c4:34:
92:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:1F:50:77:FE:CC:78:CF:F9:F0:53:AE:26:E6:7F:7D:92:6E:FF:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FFA11110F2E511EFAD3F9C83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.48.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:d9:28:4b:f9:3d:06:75:78:82:2b:82:e8:70:16:2e:06:cb:
64:b3:fe:3f:91:ae:64:a3:85:42:0f:85:df:a1:a6:5d:77:05:
58:e5:d9:39:33:f6:3b:d0:ae:41:d0:0d:ac:a4:60:0b:bc:69:
31:29:ac:dc:4f:d7:7e:5a:5d:a4:04:ed:0d:2c:23:30:22:a8:
a2:ad:fc:f9:b5:a9:df:74:51:ae:90:8d:89:06:e1:24:e6:59:
4e:00:3e:63:41:fc:d8:f5:a2:90:05:0a:a3:bc:23:a4:23:78:
a1:d4:0d:ab:33:de:a6:52:f0:59:df:1e:ae:26:19:d8:98:60:
f4:53:62:ef:05:8d:79:6a:36:a4:03:b5:62:6c:a0:07:ba:5b:
86:c8:f8:50:96:08:89:28:eb:b8:61:62:39:60:65:fe:9e:9c:
f6:43:ac:80:4e:80:34:99:12:81:45:d7:7f:7f:46:a1:f1:a0:
6c:11:84:5d:fc:ef:c1:26:25:1f:a6:80:2c:98:8e:da:07:ad:
a0:7b:07:6a:f2:16:a3:d8:36:bb:25:62:19:ae:0d:82:de:33:
48:b2:fe:81:c6:e8:01:70:f0:c8:91:28:67:16:0d:e9:a7:58:
07:88:20:db:d6:f4:fb:a6:e2:34:2b:91:2a:24:58:44:c6:b6:
71:aa:d0:17
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV0EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTkzMTQ4WhcNMjUwMzI2MTkzMTQ4WjAYMRYw
FAYDVQQDEw02N2JjYzkyOC1mMzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlT8Y8kqqGAqJ1hR30d4MxvpvmUWH9YDeGUH1JVZgqgUC67M9RQPFphBV
o4M7Qb4mLkRw2ncKxRzhbt+IT4/9LMoWHKuTmrJ+k3GrQpnSnobXFpcEnETKdEa1
f1YhQ1mP6dFOilake0ESdVQ0VRUIyQemMMIv2XnFURA29g3hfy0WBxELHRNf6fhC
pZvBqPfKyz8r/OHU6mB0VHmwURtJ5wIf4atOHmb2H/28QldXYE+eCLbM+qbiJELG
PwNGn4HUPccXCNie7oqYXgRo98705xnMWhzuHL+9NDk4ke+UuoGZgA5bG5tbpTL2
CFyd4MgShR9tmEZRrW1xbssrxDSSqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEMf
UHf+zHjP+fBTribmf32Sbv9NMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRkExMTExMEYyRTUxMUVGQUQzRjlDODM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4wMA0GCSqGSIb3DQEB
CwUAA4IBAQAq2ShL+T0GdXiCK4LocBYuBstks/4/ka5ko4VCD4XfoaZddwVY5dk5
M/Y70K5B0A2spGALvGkxKazcT9d+Wl2kBO0NLCMwIqiirfz5tanfdFGukI2JBuEk
5llOAD5jQfzY9aKQBQqjvCOkI3ih1A2rM96mUvBZ3x6uJhnYmGD0U2LvBY15ajak
A7VibKAHuluGyPhQlgiJKOu4YWI5YGX+npz2Q6yAToA0mRKBRdd/f0ah8aBsEYRd
/O/BJiUfpoAsmI7aB62gewdq8haj2Da7JWIZrg2C3jNIsv6BxugBcPDIkShnFg3p
p1gHiCDb1vT7puI0K5EqJFhExrZxqtAX
-----END CERTIFICATE-----
Generated at Fri May 9 06:14:12 2025 by rpki-client