Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48B7CB7AF50511EF97072D9E762E951A.roa
File: 48B7CB7AF50511EF97072D9E762E951A.roa (raw, json)
Hash identifier: ITYVblnh2a9y2RhNj2OQyxjv0OW2uYdpEbKKkw+Zyw0=
Subject key identifier: 85:EA:C3:BA:E6:1B:2D:37:59:CF:16:28:D5:46:49:1F:40:46:9E:35
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016837
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48B7CB7AF50511EF97072D9E762E951A.roa
Signing time: Thu 27 Feb 2025 12:20:52 +0000
ROA not before: Thu 27 Feb 2025 12:20:48 +0000
ROA not after: Wed 26 Mar 2025 12:20:48 +0000
asID: 62240
IP address blocks: 154.195.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92215 (0x16837)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 12:20:48 2025 GMT
Not After : Mar 26 12:20:48 2025 GMT
Subject: CN=67c058a3-3ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cb:04:4b:d4:35:76:74:53:9d:6a:e1:30:75:
96:67:69:f4:59:dc:60:7f:4b:a9:45:ed:52:26:71:
26:52:35:df:2d:67:72:58:d4:c4:4a:7c:aa:fe:f1:
32:cd:6f:3b:af:5f:8c:98:99:f8:41:f0:26:08:7c:
d0:91:18:76:7e:ef:44:9f:66:65:ee:77:9c:38:b3:
7d:d7:72:6f:13:6a:31:e6:f0:0e:f7:be:9a:5d:74:
99:a4:f0:35:1a:4f:44:ac:47:4d:78:84:ef:3d:34:
a4:54:3f:52:3a:78:22:01:01:bd:9c:20:23:8e:e0:
1f:3a:15:d3:ef:71:03:cd:24:ac:94:fb:52:5a:52:
b3:a0:ea:5d:6b:99:f0:e5:59:23:5a:2b:8d:06:20:
f3:ee:28:a7:10:b4:4b:ca:f0:33:72:2e:8b:e8:25:
31:8a:67:5c:a9:bf:d4:78:bd:b1:4f:0e:7c:1d:d8:
42:34:76:f1:3b:14:ff:68:a7:6f:b2:83:c9:21:9a:
01:8e:d8:2f:04:ae:b9:59:56:dd:84:c8:1b:3a:3f:
c4:2c:79:0c:c0:99:9c:a7:89:ad:35:96:e9:64:18:
df:31:e1:88:58:9b:0a:8b:5a:2a:71:ab:b1:02:41:
f0:1a:a9:22:a7:6c:ad:0f:30:a4:58:35:a7:02:b6:
98:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EA:C3:BA:E6:1B:2D:37:59:CF:16:28:D5:46:49:1F:40:46:9E:35
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48B7CB7AF50511EF97072D9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.108.0/24
Signature Algorithm: sha256WithRSAEncryption
68:c2:f3:e6:77:10:4b:d8:1f:d9:0c:50:56:e2:5f:ba:01:d1:
43:47:04:8f:c6:b9:90:13:97:fc:e2:f9:b1:2c:94:b0:a7:af:
e4:a4:0e:e7:2b:09:16:53:03:53:17:fc:25:00:1f:a0:3a:a9:
6f:00:e5:dd:de:d7:98:0b:14:bb:bf:ba:c8:b3:68:08:07:16:
26:fc:15:c0:4b:06:93:7d:c1:f9:76:60:c0:36:bd:a5:cc:ea:
6f:f4:ed:a3:f7:64:1d:36:45:86:56:94:a0:d2:28:98:28:47:
38:64:3c:36:26:0d:64:6b:c4:a1:d8:4f:9a:f2:04:64:f5:92:
9a:16:a9:ba:97:7b:71:c3:de:dd:df:36:c7:eb:68:99:2f:4d:
9d:33:e5:e7:0d:10:24:0b:88:64:7a:17:b6:6b:5e:13:2f:a2:
7a:29:a6:56:d5:ce:36:45:a0:f6:ed:04:c8:87:5d:f9:53:81:
12:71:af:7c:d8:94:3e:b6:ef:f6:a7:12:9e:1b:1b:d1:43:41:
25:87:cc:55:ba:39:5a:25:c6:9b:48:c1:30:90:eb:af:54:e6:
4f:c6:35:4f:75:db:9a:57:e7:e2:4f:08:90:cf:69:47:dd:0b:
28:f6:b4:4c:2e:76:a4:be:e3:40:3a:e2:17:b7:d2:07:04:90:
07:65:49:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWg3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTIyMDQ4WhcNMjUwMzI2MTIyMDQ4WjAYMRYw
FAYDVQQDEw02N2MwNThhMy0zYWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1MsES9Q1dnRTnWrhMHWWZ2n0Wdxgf0upRe1SJnEmUjXfLWdyWNTESnyq
/vEyzW87r1+MmJn4QfAmCHzQkRh2fu9En2Zl7necOLN913JvE2ox5vAO976aXXSZ
pPA1Gk9ErEdNeITvPTSkVD9SOngiAQG9nCAjjuAfOhXT73EDzSSslPtSWlKzoOpd
a5nw5VkjWiuNBiDz7iinELRLyvAzci6L6CUximdcqb/UeL2xTw58HdhCNHbxOxT/
aKdvsoPJIZoBjtgvBK65WVbdhMgbOj/ELHkMwJmcp4mtNZbpZBjfMeGIWJsKi1oq
cauxAkHwGqkip2ytDzCkWDWnAraY1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIXq
w7rmGy03Wc8WKNVGSR9ARp41MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OEI3Q0I3QUY1MDUxMUVGOTcwNzJEOUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsNsMA0GCSqGSIb3DQEB
CwUAA4IBAQBowvPmdxBL2B/ZDFBW4l+6AdFDRwSPxrmQE5f84vmxLJSwp6/kpA7n
KwkWUwNTF/wlAB+gOqlvAOXd3teYCxS7v7rIs2gIBxYm/BXASwaTfcH5dmDANr2l
zOpv9O2j92QdNkWGVpSg0iiYKEc4ZDw2Jg1ka8Sh2E+a8gRk9ZKaFqm6l3txw97d
3zbH62iZL02dM+XnDRAkC4hkehe2a14TL6J6KaZW1c42RaD27QTIh135U4ESca98
2JQ+tu/2pxKeGxvRQ0Elh8xVujlaJcabSMEwkOuvVOZPxjVPdduaV+fiTwiQz2lH
3Qso9rRMLnakvuNAOuIXt9IHBJAHZUnF
-----END CERTIFICATE-----
Generated at Fri May 9 06:27:31 2025 by rpki-client