Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/461D636CF16711EFB07129BD762E951A.roa
File: 461D636CF16711EFB07129BD762E951A.roa (raw, json)
Hash identifier: wUgl9BdZey7QdrEZZLHbuo1ovBhr7qYfvD0WGkuKJZY=
Subject key identifier: A5:13:1B:DB:3A:26:9C:9A:08:6C:F0:4A:F2:B5:5B:F6:19:5E:F3:EB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015A9B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/461D636CF16711EFB07129BD762E951A.roa
Signing time: Sat 22 Feb 2025 21:52:13 +0000
ROA not before: Sat 22 Feb 2025 21:52:09 +0000
ROA not after: Tue 25 Mar 2025 21:52:09 +0000
asID: 59187
IP address blocks: 154.221.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88731 (0x15a9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 22 21:52:09 2025 GMT
Not After : Mar 25 21:52:09 2025 GMT
Subject: CN=67ba470d-9e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:72:8e:7d:c9:d1:f5:b9:a6:f5:d9:f8:ab:24:
00:8d:1d:d8:b4:33:14:70:16:03:e8:7d:f7:bb:c2:
a9:16:81:7d:d5:87:6d:64:92:8b:a1:24:bf:78:7c:
ea:34:57:af:5f:9a:86:4d:9e:e9:5b:c0:83:a2:c1:
d3:44:af:81:32:7a:52:a6:0e:61:88:1e:23:97:84:
fb:45:a6:98:4c:0e:c0:c8:c6:5b:51:a1:f7:46:e0:
54:d7:59:ac:c9:63:59:5f:37:e3:87:62:c9:05:9c:
89:9d:06:f7:4c:08:57:83:83:d0:c0:e4:04:22:9c:
c2:41:1e:db:a8:d3:4c:52:72:64:32:01:d7:95:4d:
3a:44:cf:4c:bb:03:5b:10:e2:cd:28:1c:c8:11:24:
6e:8a:04:eb:57:77:df:72:c6:f2:8c:87:d3:ef:71:
6b:9c:35:60:ca:15:4a:9d:31:e1:ec:d9:9b:9e:a0:
d9:e6:eb:df:60:18:88:1e:aa:91:39:87:9f:21:15:
a0:57:56:8e:3a:35:32:6c:48:c0:a7:1c:34:57:a2:
b5:5c:b4:91:0e:71:e7:99:6d:96:61:40:b2:7d:ba:
79:05:02:47:ef:59:06:9f:91:7d:2d:4d:6f:bb:6c:
76:5d:e4:72:50:eb:18:bf:91:ce:ca:37:cc:5a:a1:
ae:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:13:1B:DB:3A:26:9C:9A:08:6C:F0:4A:F2:B5:5B:F6:19:5E:F3:EB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/461D636CF16711EFB07129BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.32.0/22
Signature Algorithm: sha256WithRSAEncryption
d5:e3:8b:6f:9f:f2:cb:3a:1a:42:af:46:6f:b4:7f:1e:35:11:
0b:63:d3:40:c8:f4:b4:ac:bb:35:88:2c:1b:78:7f:75:29:3e:
82:f8:50:2e:6e:91:06:1b:76:b4:61:b9:ae:4e:6a:a2:a4:bd:
f2:4b:e5:a0:b6:25:1a:cf:54:7c:8f:23:dc:08:90:5d:2a:e0:
6e:90:de:04:92:f0:5e:30:8d:c4:8e:55:d4:b5:8f:b3:75:b4:
89:d3:35:48:2a:07:bc:52:fc:b5:b6:11:ee:19:3e:3b:1f:2f:
a9:18:94:87:34:ba:2f:ec:82:ea:8a:8a:2d:98:13:8b:b2:e3:
a8:7f:20:8c:e5:2e:1a:d6:77:a9:c2:f4:f3:42:9d:ff:e5:6b:
17:cd:72:2c:03:3f:53:0a:6f:c2:08:d3:73:dd:8e:eb:d5:9a:
da:b9:b6:17:6e:a7:d9:62:74:f0:d6:85:d2:15:7c:86:55:f1:
de:c7:6d:df:4a:a9:dd:4b:cb:ef:ec:42:48:75:b2:25:85:f2:
1a:63:ed:f8:db:a9:dc:1d:47:79:de:6a:6a:fd:63:13:2a:b8:
54:d8:84:d8:2d:69:4d:63:f6:e4:57:9b:d0:8d:be:a5:ea:44:
10:0c:e8:c2:c5:c6:d5:b3:b2:1b:a3:e4:bc:6d:a5:fd:38:de:
85:ac:82:10
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVqbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIyMjE1MjA5WhcNMjUwMzI1MjE1MjA5WjAYMRYw
FAYDVQQDEw02N2JhNDcwZC05ZTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApHKOfcnR9bmm9dn4qyQAjR3YtDMUcBYD6H33u8KpFoF91YdtZJKLoSS/
eHzqNFevX5qGTZ7pW8CDosHTRK+BMnpSpg5hiB4jl4T7RaaYTA7AyMZbUaH3RuBU
11msyWNZXzfjh2LJBZyJnQb3TAhXg4PQwOQEIpzCQR7bqNNMUnJkMgHXlU06RM9M
uwNbEOLNKBzIESRuigTrV3ffcsbyjIfT73FrnDVgyhVKnTHh7NmbnqDZ5uvfYBiI
HqqROYefIRWgV1aOOjUybEjApxw0V6K1XLSRDnHnmW2WYUCyfbp5BQJH71kGn5F9
LU1vu2x2XeRyUOsYv5HOyjfMWqGuyQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKUT
G9s6JpyaCGzwSvK1W/YZXvPrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NjFENjM2Q0YxNjcxMUVGQjA3MTI5QkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt0gMA0GCSqGSIb3DQEB
CwUAA4IBAQDV44tvn/LLOhpCr0ZvtH8eNRELY9NAyPS0rLs1iCwbeH91KT6C+FAu
bpEGG3a0YbmuTmqipL3yS+WgtiUaz1R8jyPcCJBdKuBukN4EkvBeMI3EjlXUtY+z
dbSJ0zVIKge8Uvy1thHuGT47Hy+pGJSHNLov7ILqiootmBOLsuOofyCM5S4a1nep
wvTzQp3/5WsXzXIsAz9TCm/CCNNz3Y7r1ZraubYXbqfZYnTw1oXSFXyGVfHex23f
SqndS8vv7EJIdbIlhfIaY+3426ncHUd53mpq/WMTKrhU2ITYLWlNY/bkV5vQjb6l
6kQQDOjCxcbVs7Ibo+S8baX9ON6FrIIQ
-----END CERTIFICATE-----
Generated at Fri May 9 07:10:57 2025 by rpki-client