Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32AB48288A8711EEA70E1C6D4AD9E6FC.roa
File: 32AB48288A8711EEA70E1C6D4AD9E6FC.roa (raw, json)
Hash identifier: 9i4DDphIYNs5IReA1rIiZxAdlgDjNYtkBxdmaohPogY=
Subject key identifier: BA:F8:72:2E:E3:C7:87:44:D2:49:BB:16:EE:B1:6B:DF:72:E4:2C:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 5310
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32AB48288A8711EEA70E1C6D4AD9E6FC.roa
Signing time: Fri 24 Nov 2023 05:06:17 +0000
ROA not before: Fri 24 Nov 2023 05:06:14 +0000
ROA not after: Tue 26 Dec 2023 05:06:14 +0000
asID: 62240
IP address blocks: 154.195.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21264 (0x5310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 05:06:14 2023 GMT
Not After : Dec 26 05:06:14 2023 GMT
Subject: CN=65602f49-67c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d7:2c:93:49:c7:39:56:53:18:7f:7c:d0:74:
04:ff:4a:14:42:a1:68:42:f1:6c:b1:2e:d1:ae:61:
9d:89:79:14:e9:d2:f8:b5:87:85:3f:d3:8d:53:03:
13:c6:32:b5:78:26:26:39:d2:73:8e:2d:dd:0f:d4:
46:4f:7f:ed:9f:f4:86:eb:7a:fa:98:c4:5c:6c:13:
e3:5e:ae:74:8b:ea:1a:db:02:ec:50:cd:83:67:a7:
c0:6f:ad:a8:8b:b4:9f:e3:21:3c:61:c8:25:ba:b2:
d0:08:8f:cf:98:36:9b:19:a8:79:00:d3:95:7e:24:
54:a3:5e:27:c4:f1:60:63:0d:c1:a8:78:81:bf:c7:
12:8c:7b:d8:31:46:53:41:3c:83:57:c3:5f:ba:ad:
0c:bf:71:36:89:15:66:a0:fa:1f:e5:c3:2c:e9:02:
a1:20:07:13:ea:b1:da:9f:9a:99:7d:20:7d:71:56:
01:5f:e2:62:0e:55:a6:95:92:60:7e:85:44:84:c9:
ac:61:7e:e7:31:c5:e7:dc:cd:7c:e6:e4:8c:53:b2:
76:87:56:21:44:aa:fe:af:5e:2a:c8:f8:f8:d7:12:
18:c9:75:3b:16:d8:53:29:77:5d:0c:20:13:d4:7d:
00:d3:9c:ce:9e:d3:24:3c:39:65:b1:be:1f:d5:7a:
61:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F8:72:2E:E3:C7:87:44:D2:49:BB:16:EE:B1:6B:DF:72:E4:2C:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32AB48288A8711EEA70E1C6D4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.160.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:59:31:31:05:ac:3e:4d:ca:72:4a:d2:a5:1f:ac:df:55:21:
c9:76:2d:32:df:ee:77:e2:c0:99:96:6c:61:1d:f7:b7:bd:ff:
2d:bd:97:88:e8:70:50:82:41:2a:98:3c:4c:9b:90:b0:fc:68:
89:a8:02:86:ab:46:33:ea:83:c2:d7:59:65:7c:0d:e0:2b:8f:
8f:1d:52:69:10:b5:b4:43:68:38:5e:3c:a6:7f:0b:7a:34:dd:
b0:3f:61:12:0f:f3:bb:34:93:b0:81:a2:3e:c6:27:b5:cf:f5:
1e:a6:eb:b9:ee:c1:74:6d:55:be:76:e6:ea:fd:e6:96:74:14:
b4:64:23:83:ec:3f:21:ad:b9:19:80:e3:98:40:55:b2:75:a9:
6f:db:e7:d8:74:2b:fd:cc:02:a6:19:fa:7e:24:18:8f:43:2f:
48:9e:51:a1:79:a4:8c:51:52:c3:5f:35:a0:11:fd:65:dc:4f:
5a:2f:0d:1f:ba:c0:8c:c3:8f:d7:ce:16:b7:23:97:ff:5d:fe:
ab:ea:2a:6b:07:f7:96:74:09:c1:5a:e3:b9:e4:4a:f1:1a:7e:
9a:d9:18:66:bd:83:14:ef:3f:ef:ed:df:fc:6b:14:72:d9:ea:
e2:84:f9:58:f5:92:03:97:27:6f:db:3a:76:b3:2b:95:7b:a1:
fd:c4:d6:3d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICUxAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNTA2MTRaFw0yMzEyMjYwNTA2MTRaMBgxFjAU
BgNVBAMTDTY1NjAyZjQ5LTY3YzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDB1yyTScc5VlMYf3zQdAT/ShRCoWhC8WyxLtGuYZ2JeRTp0vi1h4U/041T
AxPGMrV4JiY50nOOLd0P1EZPf+2f9IbrevqYxFxsE+NernSL6hrbAuxQzYNnp8Bv
raiLtJ/jITxhyCW6stAIj8+YNpsZqHkA05V+JFSjXifE8WBjDcGoeIG/xxKMe9gx
RlNBPINXw1+6rQy/cTaJFWag+h/lwyzpAqEgBxPqsdqfmpl9IH1xVgFf4mIOVaaV
kmB+hUSEyaxhfucxxefczXzm5IxTsnaHViFEqv6vXirI+PjXEhjJdTsW2FMpd10M
IBPUfQDTnM6e0yQ8OWWxvh/VemHdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUuvhy
LuPHh0TSSbsW7rFr33LkLHMwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzMyQUI0ODI4OEE4NzExRUVBNzBFMUM2RDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaw6AwDQYJKoZIhvcNAQEL
BQADggEBAD1ZMTEFrD5NynJK0qUfrN9VIcl2LTLf7nfiwJmWbGEd97e9/y29l4jo
cFCCQSqYPEybkLD8aImoAoarRjPqg8LXWWV8DeArj48dUmkQtbRDaDhePKZ/C3o0
3bA/YRIP87s0k7CBoj7GJ7XP9R6m67nuwXRtVb525ur95pZ0FLRkI4PsPyGtuRmA
45hAVbJ1qW/b59h0K/3MAqYZ+n4kGI9DL0ieUaF5pIxRUsNfNaAR/WXcT1ovDR+6
wIzDj9fOFrcjl/9d/qvqKmsH95Z0CcFa47nkSvEafprZGGa9gxTvP+/t3/xrFHLZ
6uKE+Vj1kgOXJ2/bOnazK5V7of3E1j0=
-----END CERTIFICATE-----
Generated at Fri May 9 11:21:00 2025 by rpki-client