Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63BE0392273911F0BC1A8EE6DAE4EC9C.roa
File: 63BE0392273911F0BC1A8EE6DAE4EC9C.roa (raw, json)
Hash identifier: v+j3du1cuoHV/eb0vVkaUWYVcaf8yvVlUx0Lovx8Wgs=
Subject key identifier: F2:FC:64:B3:69:0A:46:71:40:01:B1:DF:94:CD:E6:54:1A:A2:C0:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E60
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63BE0392273911F0BC1A8EE6DAE4EC9C.roa
Signing time: Fri 02 May 2025 09:39:49 +0000
ROA not before: Fri 02 May 2025 09:39:44 +0000
ROA not after: Mon 12 May 2025 09:39:44 +0000
asID: 142267
IP address blocks: 154.91.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97888 (0x17e60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 2 09:39:44 2025 GMT
Not After : May 12 09:39:44 2025 GMT
Subject: CN=681492e5-78e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b5:e6:3d:3f:fa:95:26:79:99:d8:61:0a:de:
06:11:8e:45:6b:a2:38:1b:c9:e0:d4:bf:49:6f:3a:
eb:6b:9d:51:7f:50:e5:8d:80:a5:df:33:fb:32:15:
b0:2e:89:21:dc:d6:6c:31:9e:ff:5d:49:9f:d0:e5:
a8:67:2a:9f:47:6b:57:72:c4:a2:62:50:7b:66:00:
36:4e:b4:02:f8:a8:ff:37:b5:26:f0:af:5a:69:15:
77:ea:eb:f2:28:a0:69:6e:53:ad:f2:6b:2d:9f:7c:
72:29:f4:00:00:03:8f:90:fa:2d:fd:18:ae:1e:61:
1a:7f:3b:41:00:f3:33:87:eb:de:6e:65:81:cf:23:
2b:61:d0:d0:59:49:9a:4c:c4:5f:8f:a5:2d:ae:3b:
06:9f:25:71:25:18:56:86:45:c9:bd:d8:74:10:c0:
48:f1:aa:3f:94:e4:cd:68:30:47:23:de:97:e3:42:
9e:ca:85:4c:26:c1:14:e6:97:1c:24:63:ce:7c:27:
df:a2:20:38:10:6d:de:8d:f5:61:c1:5c:cd:ce:65:
b0:b7:f8:49:c1:91:e3:01:d9:60:58:6a:b7:f9:a5:
0a:fd:62:00:11:b7:ea:46:82:41:18:5d:f3:a1:06:
30:32:26:37:2e:dd:5c:aa:3b:b4:8c:b0:d0:57:9b:
8a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:FC:64:B3:69:0A:46:71:40:01:B1:DF:94:CD:E6:54:1A:A2:C0:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63BE0392273911F0BC1A8EE6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.4.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:82:0a:70:95:51:13:82:cb:f1:42:fc:38:7b:e2:1e:68:5f:
2c:e2:a5:95:ae:b9:8c:b2:b2:15:73:29:b9:1d:e9:c9:63:da:
8c:80:da:55:76:e5:bc:72:9a:40:2d:00:84:72:70:8c:be:d1:
0d:b0:dc:ae:06:3c:5d:63:3e:5e:42:95:54:13:a9:a0:18:c9:
1b:53:fe:24:d7:e4:bf:b0:c4:77:dc:01:25:8b:90:0b:8f:7d:
f4:dd:41:bd:6a:01:bd:ed:7b:50:cc:0d:56:6f:83:55:df:d8:
dd:15:13:1e:10:79:24:85:b2:f6:04:1c:f3:ec:e7:d6:50:ac:
66:fd:c6:bb:b0:a1:2f:5e:1c:32:e9:ba:27:41:b6:06:81:45:
8b:4d:33:51:77:44:7a:3a:47:9f:71:e7:2b:a1:7d:60:f6:c7:
a9:c9:f9:e5:2a:ff:9b:91:24:d6:2b:64:3e:af:a8:cb:df:1d:
20:9f:e2:d3:43:3a:9d:7b:c3:55:88:58:eb:ff:56:2b:29:f9:
30:9f:df:95:b7:35:ee:bf:fc:00:d4:29:cd:14:56:bc:1c:41:
4b:2a:21:d6:83:ac:72:72:44:b0:b0:ed:fa:93:90:2b:06:33:
49:77:f4:99:35:af:bc:75:2e:2d:51:18:18:54:67:c3:f7:c0:
94:1e:33:46
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX5gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAyMDkzOTQ0WhcNMjUwNTEyMDkzOTQ0WjAYMRYw
FAYDVQQDEw02ODE0OTJlNS03OGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAurXmPT/6lSZ5mdhhCt4GEY5Fa6I4G8ng1L9Jbzrra51Rf1DljYCl3zP7
MhWwLokh3NZsMZ7/XUmf0OWoZyqfR2tXcsSiYlB7ZgA2TrQC+Kj/N7Um8K9aaRV3
6uvyKKBpblOt8mstn3xyKfQAAAOPkPot/RiuHmEafztBAPMzh+vebmWBzyMrYdDQ
WUmaTMRfj6UtrjsGnyVxJRhWhkXJvdh0EMBI8ao/lOTNaDBHI96X40KeyoVMJsEU
5pccJGPOfCffoiA4EG3ejfVhwVzNzmWwt/hJwZHjAdlgWGq3+aUK/WIAEbfqRoJB
GF3zoQYwMiY3Lt1cqju0jLDQV5uK0QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPL8
ZLNpCkZxQAGx35TN5lQaosByMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82M0JFMDM5MjI3MzkxMUYwQkMxQThFRTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlsEMA0GCSqGSIb3DQEB
CwUAA4IBAQCKggpwlVETgsvxQvw4e+IeaF8s4qWVrrmMsrIVcym5HenJY9qMgNpV
duW8cppALQCEcnCMvtENsNyuBjxdYz5eQpVUE6mgGMkbU/4k1+S/sMR33AEli5AL
j3303UG9agG97XtQzA1Wb4NV39jdFRMeEHkkhbL2BBzz7OfWUKxm/ca7sKEvXhwy
6bonQbYGgUWLTTNRd0R6OkefcecroX1g9sepyfnlKv+bkSTWK2Q+r6jL3x0gn+LT
Qzqde8NViFjr/1YrKfkwn9+VtzXuv/wA1CnNFFa8HEFLKiHWg6xyckSwsO36k5Ar
BjNJd/SZNa+8dS4tURgYVGfD98CUHjNG
-----END CERTIFICATE-----
Generated at Wed May 14 02:41:08 2025 by rpki-client