Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/482D93F2F35111EFB6DFB462762E951A.roa
File: 482D93F2F35111EFB6DFB462762E951A.roa (raw, json)
Hash identifier: tZ7AcJWzPrqjZw6M7dTtKs8DS3qwigZn2CZF0dt1wKw=
Subject key identifier: 27:15:DD:54:D9:AD:2C:E3:6E:4F:8F:A8:B7:EE:65:DA:BE:A9:23:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015D96
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/482D93F2F35111EFB6DFB462762E951A.roa
Signing time: Tue 25 Feb 2025 08:19:50 +0000
ROA not before: Tue 25 Feb 2025 08:19:46 +0000
ROA not after: Thu 27 Mar 2025 08:19:46 +0000
asID: 984
IP address blocks: 154.200.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89494 (0x15d96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 25 08:19:46 2025 GMT
Not After : Mar 27 08:19:46 2025 GMT
Subject: CN=67bd7d26-cc83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a7:62:72:70:47:57:6e:73:5c:cb:c4:0e:ca:
ce:0c:fe:9e:59:b1:b9:37:09:09:e2:ea:8e:af:06:
b1:93:b3:7c:c9:ee:cb:0e:9b:97:bc:be:6d:18:e9:
ee:b0:87:aa:a9:69:3f:f5:8a:c3:02:00:43:3c:0c:
4b:6a:d6:0e:99:5f:ce:d6:62:08:83:21:04:30:eb:
21:46:d0:eb:80:29:2b:8e:ab:5a:f5:36:98:0f:0e:
8a:59:07:6d:29:a7:9b:55:21:ae:f7:81:7f:43:82:
8b:bb:4f:9a:37:cd:93:97:f0:26:da:3c:d3:8a:9e:
d3:76:6d:e8:46:ff:fc:1e:3d:51:03:c5:bd:62:89:
83:6a:0b:bf:c3:7d:da:57:70:84:9a:71:b2:60:5d:
3a:93:1a:95:f9:48:e7:11:f7:20:bd:f2:3e:ed:c3:
3a:bb:06:41:18:71:c1:65:3c:fd:8f:06:e9:7c:0e:
12:c6:a1:ed:0b:d6:b1:46:4d:30:e9:86:4d:19:47:
e2:72:8a:c5:e0:b0:05:43:3a:45:48:70:5f:80:f5:
b4:6f:a9:ad:6f:4d:ba:67:83:dd:b1:ad:b4:1b:98:
55:8b:92:67:b8:4b:80:2e:80:78:2d:dd:03:e6:a2:
bc:28:59:7d:b4:a1:ef:ae:ca:23:43:2c:82:62:79:
66:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:15:DD:54:D9:AD:2C:E3:6E:4F:8F:A8:B7:EE:65:DA:BE:A9:23:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/482D93F2F35111EFB6DFB462762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.132.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:50:c1:a0:35:33:56:97:e8:ad:63:4e:ee:6d:4d:1e:7c:3a:
39:79:22:5a:f7:b4:9c:cd:60:89:b5:03:ed:1d:1c:f6:c7:45:
86:14:15:ea:76:92:c4:80:3b:f7:1f:d3:10:50:b6:3e:d1:86:
82:7a:e2:d9:36:3c:a2:f2:8f:b9:aa:35:35:ce:55:40:bd:ad:
e7:a2:4b:28:eb:25:bf:1f:30:f9:b7:5b:c3:9e:a1:5e:74:eb:
26:51:03:54:a5:f9:ba:b2:4f:ae:ed:df:bc:24:8e:68:5e:e3:
4e:1a:08:ed:4b:a8:7d:ec:f2:db:ff:7b:f0:bf:6d:85:86:34:
a1:67:b9:9c:05:4d:55:b8:f4:1d:b0:b0:b5:09:4d:cd:4a:2e:
b6:4d:38:3a:f4:76:b2:5b:ef:c4:c5:02:16:d9:d0:f8:39:fa:
97:42:a4:a2:8a:89:de:0b:1d:8c:13:18:04:da:89:67:05:70:
7b:f0:8a:9e:61:bc:f5:e4:45:ba:22:da:1a:dc:24:2e:5b:34:
a7:d6:dc:47:45:00:1e:46:f1:bf:45:e4:10:55:e3:17:35:9e:
dd:1f:7d:8d:db:3a:06:6e:c2:2a:b6:30:68:53:1c:f4:36:b2:
b5:3c:da:c9:be:04:b5:0b:d8:7b:f9:a5:b8:3c:32:ff:83:96:
64:98:e2:26
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV2WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDgxOTQ2WhcNMjUwMzI3MDgxOTQ2WjAYMRYw
FAYDVQQDEw02N2JkN2QyNi1jYzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv6dicnBHV25zXMvEDsrODP6eWbG5NwkJ4uqOrwaxk7N8ye7LDpuXvL5t
GOnusIeqqWk/9YrDAgBDPAxLatYOmV/O1mIIgyEEMOshRtDrgCkrjqta9TaYDw6K
WQdtKaebVSGu94F/Q4KLu0+aN82Tl/Am2jzTip7Tdm3oRv/8Hj1RA8W9YomDagu/
w33aV3CEmnGyYF06kxqV+UjnEfcgvfI+7cM6uwZBGHHBZTz9jwbpfA4SxqHtC9ax
Rk0w6YZNGUficorF4LAFQzpFSHBfgPW0b6mtb026Z4Pdsa20G5hVi5JnuEuALoB4
Ld0D5qK8KFl9tKHvrsojQyyCYnlmDQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCcV
3VTZrSzjbk+PqLfuZdq+qSNqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80ODJEOTNGMkYzNTExMUVGQjZERkI0NjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsiEMA0GCSqGSIb3DQEB
CwUAA4IBAQALUMGgNTNWl+itY07ubU0efDo5eSJa97SczWCJtQPtHRz2x0WGFBXq
dpLEgDv3H9MQULY+0YaCeuLZNjyi8o+5qjU1zlVAva3nokso6yW/HzD5t1vDnqFe
dOsmUQNUpfm6sk+u7d+8JI5oXuNOGgjtS6h97PLb/3vwv22FhjShZ7mcBU1VuPQd
sLC1CU3NSi62TTg69HayW+/ExQIW2dD4OfqXQqSiioneCx2MExgE2olnBXB78Iqe
Ybz15EW6Itoa3CQuWzSn1txHRQAeRvG/ReQQVeMXNZ7dH32N2zoGbsIqtjBoUxz0
NrK1PNrJvgS1C9h7+aW4PDL/g5ZkmOIm
-----END CERTIFICATE-----
Generated at Fri May 9 06:32:47 2025 by rpki-client