Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF1DAE9437F311F0803E959CDAE4EC9C.roa
File: FF1DAE9437F311F0803E959CDAE4EC9C.roa (raw, json)
Hash identifier: hk+YBzRnir3BhXAn9ymYIWUApTT2sdBG7fI1jUYstgs=
Subject key identifier: 6E:52:5B:EE:19:3B:9C:31:52:E8:84:93:06:31:57:95:3F:4A:17:E6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018233
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF1DAE9437F311F0803E959CDAE4EC9C.roa
Signing time: Fri 23 May 2025 16:35:55 +0000
ROA not before: Fri 23 May 2025 16:35:50 +0000
ROA not after: Sat 14 Jun 2025 16:35:50 +0000
asID: 133180
IP address blocks: 154.82.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98867 (0x18233)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 16:35:50 2025 GMT
Not After : Jun 14 16:35:50 2025 GMT
Subject: CN=6830a3eb-3f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:13:40:bd:a9:8a:a6:b5:ee:cd:eb:84:40:07:
69:38:d5:85:28:ed:bd:aa:ca:d1:66:5a:0b:cc:1e:
fb:76:bb:14:2d:0c:a1:f1:ea:40:a4:39:ab:06:9d:
57:48:a2:2f:b1:f9:fe:a7:7f:3b:78:91:b6:9b:3c:
ee:98:37:dc:e7:14:87:79:9e:8a:9c:27:52:e4:ad:
64:29:42:26:0c:e6:b6:7a:1d:5a:99:d6:a9:93:59:
96:c1:6d:c2:4f:87:9d:ba:a4:32:b1:c7:21:51:d3:
d9:31:34:5b:a7:65:9b:f4:61:54:82:5d:13:c4:3d:
6f:1d:39:95:e6:5e:fa:c3:b5:48:b1:c0:3a:65:46:
34:4f:2e:8a:f5:ee:17:1f:0f:69:d0:15:97:26:26:
a4:e1:d5:6a:cd:1a:f0:c7:96:77:7f:5d:44:6f:ce:
07:ea:f3:11:00:4c:0d:91:1f:9a:8d:88:3b:30:1a:
1a:51:89:61:4c:c7:7a:69:85:a8:34:92:9c:59:24:
83:95:fb:b8:e9:c7:ab:57:43:45:bf:e2:8e:3d:4a:
01:7a:96:32:43:4e:a9:a4:bc:b3:52:e8:58:99:19:
9d:fc:35:29:f9:77:b7:6e:33:78:02:d7:9f:66:fc:
5d:36:0c:39:2a:8d:08:e4:0a:32:75:fa:42:3c:60:
ac:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:52:5B:EE:19:3B:9C:31:52:E8:84:93:06:31:57:95:3F:4A:17:E6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF1DAE9437F311F0803E959CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.32.0/19
Signature Algorithm: sha256WithRSAEncryption
b3:a7:75:0e:b0:80:7c:32:e0:b5:c5:8c:90:04:0c:41:5c:b6:
32:6b:3c:60:67:33:25:68:a2:88:a7:a0:2a:b1:f5:67:66:63:
45:18:93:54:2f:f4:dd:8d:21:54:00:ee:9c:18:7c:e6:2a:5b:
80:0c:f0:a9:06:8b:3f:01:29:75:5c:e0:b9:74:c1:78:53:fa:
bf:cd:13:98:ed:bc:03:49:c7:3c:58:59:40:4f:8a:44:b7:38:
26:dc:76:ef:ac:eb:ce:5d:c2:57:30:eb:5e:7d:63:ca:fe:03:
51:ea:dd:0e:30:4b:c8:a1:04:9c:7b:e3:67:d3:2a:15:61:74:
5e:fb:9e:e2:72:0a:47:cf:a9:01:5f:0e:c5:d0:8b:ea:05:1e:
24:46:55:51:29:e0:2e:96:b2:05:12:69:c6:3b:ae:91:a3:1f:
e6:93:48:8f:95:04:6f:81:93:ba:2b:2d:d6:81:bb:0a:ec:83:
39:25:b9:2c:f0:a1:c2:77:fb:7a:b9:91:cb:4d:13:b6:c7:17:
f5:d4:fa:18:c3:45:0a:cb:04:26:73:4d:4d:18:03:c5:7e:a6:
00:52:20:ce:50:f7:bf:c2:33:bf:09:9d:89:0c:7a:82:5e:72:
4a:25:fe:a5:27:9f:4f:47:6d:6f:48:6f:8c:20:f2:1c:1e:60:
12:1b:b0:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYIzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMTYzNTUwWhcNMjUwNjE0MTYzNTUwWjAYMRYw
FAYDVQQDEw02ODMwYTNlYi0zZjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6BNAvamKprXuzeuEQAdpONWFKO29qsrRZloLzB77drsULQyh8epApDmr
Bp1XSKIvsfn+p387eJG2mzzumDfc5xSHeZ6KnCdS5K1kKUImDOa2eh1amdapk1mW
wW3CT4eduqQyscchUdPZMTRbp2Wb9GFUgl0TxD1vHTmV5l76w7VIscA6ZUY0Ty6K
9e4XHw9p0BWXJiak4dVqzRrwx5Z3f11Eb84H6vMRAEwNkR+ajYg7MBoaUYlhTMd6
aYWoNJKcWSSDlfu46cerV0NFv+KOPUoBepYyQ06ppLyzUuhYmRmd/DUp+Xe3bjN4
AtefZvxdNgw5Ko0I5AoydfpCPGCszwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG5S
W+4ZO5wxUuiEkwYxV5U/ShfmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRjFEQUU5NDM3RjMxMUYwODAzRTk1OUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlIgMA0GCSqGSIb3DQEB
CwUAA4IBAQCzp3UOsIB8MuC1xYyQBAxBXLYyazxgZzMlaKKIp6AqsfVnZmNFGJNU
L/TdjSFUAO6cGHzmKluADPCpBos/ASl1XOC5dMF4U/q/zROY7bwDScc8WFlAT4pE
tzgm3HbvrOvOXcJXMOtefWPK/gNR6t0OMEvIoQSce+Nn0yoVYXRe+57icgpHz6kB
Xw7F0IvqBR4kRlVRKeAulrIFEmnGO66Rox/mk0iPlQRvgZO6Ky3WgbsK7IM5Jbks
8KHCd/t6uZHLTRO2xxf11PoYw0UKywQmc01NGAPFfqYAUiDOUPe/wjO/CZ2JDHqC
XnJKJf6lJ59PR21vSG+MIPIcHmASG7Aa
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:50:03 2025 by rpki-client