Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F267F2AF50D11EFB446E555762E951A.roa
File: 0F267F2AF50D11EFB446E555762E951A.roa (raw, json)
Hash identifier: +CpvLqb4jBXr3WdznSBofv8hVDsTwuc4wLk9hxo2uJM=
Subject key identifier: CE:DC:D0:06:E9:97:1B:26:64:AC:D2:18:79:A8:F1:5F:34:92:8B:93
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016876
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F267F2AF50D11EFB446E555762E951A.roa
Signing time: Thu 27 Feb 2025 13:16:31 +0000
ROA not before: Thu 27 Feb 2025 13:16:27 +0000
ROA not after: Wed 26 Mar 2025 13:16:27 +0000
asID: 62240
IP address blocks: 154.196.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92278 (0x16876)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 13:16:27 2025 GMT
Not After : Mar 26 13:16:27 2025 GMT
Subject: CN=67c065af-df31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d9:fd:82:c9:69:b2:35:97:45:c6:aa:84:91:
c3:92:ab:79:43:0e:3d:13:28:56:05:0d:75:55:e0:
3f:74:7d:5f:d8:22:0b:eb:f6:56:e9:6e:57:86:7f:
69:9f:cc:ee:5d:6c:1b:ad:62:84:a8:f1:70:48:06:
95:42:27:97:37:af:d8:12:cb:10:85:bf:c9:21:4e:
15:a6:8d:ad:97:b6:56:84:ac:42:df:64:16:56:d3:
1e:a3:ab:cd:df:3d:9b:ee:5b:60:3f:08:67:1c:57:
6c:c9:e6:a5:86:f2:09:53:79:4a:77:be:23:90:6c:
c2:bb:a9:97:0a:2f:56:ee:2c:6b:99:0a:73:e1:a5:
18:04:4a:8d:d0:ad:9c:32:bc:3b:78:2d:21:47:33:
10:f4:2c:09:a7:50:a3:cf:d3:10:48:d5:b1:23:e3:
80:67:7b:12:69:d8:f9:76:87:25:23:c7:7b:88:67:
ef:bc:a5:a7:e4:42:01:e9:88:63:c7:a7:ec:b2:f4:
91:c3:6c:f0:2e:9b:ca:56:2d:10:00:a5:43:53:7d:
7f:54:04:50:18:44:99:2e:63:68:dd:38:a7:7d:61:
2d:86:ee:67:f2:42:59:40:e1:8f:bf:92:02:15:b4:
ba:f3:5a:69:cf:e0:be:bf:1a:cc:1a:8f:90:3b:3f:
13:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:DC:D0:06:E9:97:1B:26:64:AC:D2:18:79:A8:F1:5F:34:92:8B:93
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F267F2AF50D11EFB446E555762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.52.0/24
Signature Algorithm: sha256WithRSAEncryption
20:19:34:c3:5b:61:d7:61:7d:80:29:ce:f5:da:ad:5d:8a:d7:
40:0f:90:e0:85:b4:cc:6b:bd:ac:d0:5b:15:16:b6:5b:42:1d:
19:10:3a:62:95:27:34:59:39:52:6c:9d:02:91:4d:f7:f3:45:
d5:29:eb:66:41:1e:27:ab:c1:42:ea:d1:06:4c:31:b7:42:06:
0a:09:9e:b2:19:ef:9b:1a:13:97:c5:d0:07:2f:57:5e:a9:2b:
8b:e5:b9:e3:51:24:71:49:df:cc:6d:be:2c:2f:05:71:de:13:
04:82:0e:6c:69:a1:ae:e3:3d:d4:e7:cc:53:88:2c:89:a1:34:
48:29:c9:f0:30:58:a6:da:20:fe:48:53:28:c1:3b:53:5e:02:
a1:4a:54:f2:64:5d:e8:ba:d6:14:0f:04:a5:7c:7f:84:ab:9f:
c9:ed:95:54:ce:03:e5:63:5f:f3:1c:92:62:17:25:67:76:69:
ce:e5:bf:91:7a:36:72:6c:7c:7a:76:d0:9a:ea:5a:ca:0c:3a:
31:81:0c:7c:e9:d5:3c:83:85:1f:13:88:23:4b:94:1f:42:d9:
2e:67:19:8f:8e:b4:a7:76:84:b1:3e:d7:b7:e9:cf:7b:9c:55:
e2:70:56:b7:a4:21:a2:fd:de:b4:aa:2f:6a:15:eb:a5:d9:31:
49:0a:ff:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWh2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTMxNjI3WhcNMjUwMzI2MTMxNjI3WjAYMRYw
FAYDVQQDEw02N2MwNjVhZi1kZjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvtn9gslpsjWXRcaqhJHDkqt5Qw49EyhWBQ11VeA/dH1f2CIL6/ZW6W5X
hn9pn8zuXWwbrWKEqPFwSAaVQieXN6/YEssQhb/JIU4Vpo2tl7ZWhKxC32QWVtMe
o6vN3z2b7ltgPwhnHFdsyealhvIJU3lKd74jkGzCu6mXCi9W7ixrmQpz4aUYBEqN
0K2cMrw7eC0hRzMQ9CwJp1Cjz9MQSNWxI+OAZ3sSadj5doclI8d7iGfvvKWn5EIB
6Yhjx6fssvSRw2zwLpvKVi0QAKVDU31/VARQGESZLmNo3TinfWEthu5n8kJZQOGP
v5ICFbS681ppz+C+vxrMGo+QOz8T8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM7c
0AbplxsmZKzSGHmo8V80kouTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRjI2N0YyQUY1MEQxMUVGQjQ0NkU1NTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQ0MA0GCSqGSIb3DQEB
CwUAA4IBAQAgGTTDW2HXYX2AKc712q1ditdAD5DghbTMa72s0FsVFrZbQh0ZEDpi
lSc0WTlSbJ0CkU3380XVKetmQR4nq8FC6tEGTDG3QgYKCZ6yGe+bGhOXxdAHL1de
qSuL5bnjUSRxSd/Mbb4sLwVx3hMEgg5saaGu4z3U58xTiCyJoTRIKcnwMFim2iD+
SFMowTtTXgKhSlTyZF3outYUDwSlfH+Eq5/J7ZVUzgPlY1/zHJJiFyVndmnO5b+R
ejZybHx6dtCa6lrKDDoxgQx86dU8g4UfE4gjS5QfQtkuZxmPjrSndoSxPte36c97
nFXicFa3pCGi/d60qi9qFeul2TFJCv8V
-----END CERTIFICATE-----
Generated at Fri May 9 12:07:32 2025 by rpki-client