Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB9F4864070C11F090F02650762E951A.roa
File: DB9F4864070C11F090F02650762E951A.roa (raw, json)
Hash identifier: hi7Vabc9nWukT0/ulBrYLir2Gq16ZV+CRFCKbt6u+D0=
Subject key identifier: 0D:F0:42:D1:A3:9D:03:BC:05:74:C7:C3:BA:65:A2:8F:CB:2B:94:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014789
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB9F4864070C11F090F02650762E951A.roa
Signing time: Sat 22 Mar 2025 11:00:25 +0000
ROA not before: Sat 22 Mar 2025 11:00:21 +0000
ROA not after: Sun 30 Mar 2025 11:00:21 +0000
asID: 136970
IP address blocks: 156.236.64.0/24 maxlen: 24
156.236.65.0/24 maxlen: 24
156.236.67.0/24 maxlen: 24
156.236.68.0/24 maxlen: 24
156.236.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83849 (0x14789)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 22 11:00:21 2025 GMT
Not After : Mar 30 11:00:21 2025 GMT
Subject: CN=67de9849-7758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:86:6b:7e:30:f6:32:13:58:9a:95:85:5a:1d:
27:01:b0:2b:fb:76:65:6b:a2:30:cc:b8:c9:6b:ff:
8d:27:8e:ee:a2:4d:66:dd:15:4c:b9:b1:a2:a2:ff:
5a:f6:9c:8d:65:25:5b:12:dd:9e:70:4b:99:46:49:
8b:f4:58:4d:99:cc:2a:b2:b2:64:2a:4f:e8:70:db:
db:46:e1:16:72:c0:50:31:9e:2b:25:9f:f5:96:3f:
45:66:5f:a7:b3:74:91:8a:18:37:34:11:f4:09:f4:
37:ac:4c:a2:00:91:2c:b3:29:a1:37:a1:5b:a9:d0:
7b:58:8f:fa:6f:ec:65:ab:3b:c9:b3:3b:b3:27:56:
b4:de:23:93:95:24:12:a2:ab:a8:a0:0e:81:64:7a:
71:9a:6c:52:b1:23:07:a2:37:54:82:65:34:c7:d9:
1b:e5:99:d7:7d:ca:3e:a3:18:12:d9:e2:22:09:f1:
d5:34:b7:a1:4b:58:d6:68:a7:27:1e:e0:38:0a:d0:
20:39:ec:e8:53:7b:e2:e0:0d:5e:68:05:20:61:a7:
d5:02:e6:72:dc:29:6e:8f:46:6f:a0:59:38:7f:64:
11:3d:e2:4f:23:37:d9:e1:61:56:c7:93:5a:e2:ff:
5e:da:66:44:ad:f5:c1:06:c0:c7:c8:08:5f:c0:e9:
91:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F0:42:D1:A3:9D:03:BC:05:74:C7:C3:BA:65:A2:8F:CB:2B:94:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB9F4864070C11F090F02650762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.64.0/23
156.236.67.0-156.236.69.255
Signature Algorithm: sha256WithRSAEncryption
ae:ce:46:51:d8:8b:a7:1c:0b:60:53:96:fc:bd:fe:be:da:82:
0a:5c:56:93:7c:01:94:48:8c:e3:57:c8:c4:41:b2:c1:66:5e:
9d:81:de:99:36:5d:1e:4a:62:bb:2d:be:f9:14:db:0f:14:c8:
70:55:b1:93:13:ed:6b:3a:e7:4d:3b:b5:63:d7:0d:7c:45:75:
81:59:0c:ba:71:c5:1e:f6:7e:fb:f7:ca:f1:1c:c9:42:21:9c:
00:d7:f8:4d:47:19:3c:bf:fa:a3:6a:15:4c:83:53:ea:b0:d2:
b8:b7:e8:f1:c6:86:53:34:9d:24:6a:63:42:c0:0e:4e:36:20:
74:99:2d:1e:85:1c:db:e7:9f:92:71:83:d6:01:34:89:23:6e:
23:1f:f5:41:1e:b8:d6:53:c2:c3:75:1e:7d:b7:80:d7:73:0d:
80:18:de:f3:95:ce:f6:ff:43:a9:95:bd:3d:52:81:ec:11:7b:
6b:99:8c:20:31:47:7a:e4:c9:b3:86:db:11:38:6c:f1:11:d5:
81:a3:47:53:77:35:a9:62:83:d7:87:0c:3f:1c:e3:41:05:6e:
04:3f:27:22:7e:a3:84:2d:3a:47:4f:5e:bd:b2:fa:d0:61:2b:
b9:77:46:e3:61:18:1d:d3:6c:61:4d:50:e0:21:c0:21:86:72:
9a:50:44:6e
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUeJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzIyMTEwMDIxWhcNMjUwMzMwMTEwMDIxWjAYMRYw
FAYDVQQDEw02N2RlOTg0OS03NzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1IZrfjD2MhNYmpWFWh0nAbAr+3Zla6IwzLjJa/+NJ47uok1m3RVMubGi
ov9a9pyNZSVbEt2ecEuZRkmL9FhNmcwqsrJkKk/ocNvbRuEWcsBQMZ4rJZ/1lj9F
Zl+ns3SRihg3NBH0CfQ3rEyiAJEssymhN6FbqdB7WI/6b+xlqzvJszuzJ1a03iOT
lSQSoquooA6BZHpxmmxSsSMHojdUgmU0x9kb5ZnXfco+oxgS2eIiCfHVNLehS1jW
aKcnHuA4CtAgOezoU3vi4A1eaAUgYafVAuZy3Cluj0ZvoFk4f2QRPeJPIzfZ4WFW
x5Na4v9e2mZErfXBBsDHyAhfwOmRMQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFA3w
QtGjnQO8BXTHw7ploo/LK5TZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQjlGNDg2NDA3MEMxMUYwOTBGMDI2NTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBnOxAMAwDBACc7EMDBAGc7EQw
DQYJKoZIhvcNAQELBQADggEBAK7ORlHYi6ccC2BTlvy9/r7aggpcVpN8AZRIjONX
yMRBssFmXp2B3pk2XR5KYrstvvkU2w8UyHBVsZMT7Ws65007tWPXDXxFdYFZDLpx
xR72fvv3yvEcyUIhnADX+E1HGTy/+qNqFUyDU+qw0ri36PHGhlM0nSRqY0LADk42
IHSZLR6FHNvnn5Jxg9YBNIkjbiMf9UEeuNZTwsN1Hn23gNdzDYAY3vOVzvb/Q6mV
vT1SgewRe2uZjCAxR3rkybOG2xE4bPER1YGjR1N3Nalig9eHDD8c40EFbgQ/JyJ+
o4QtOkdPXr2y+tBhK7l3RuNhGB3TbGFNUOAhwCGGcppQRG4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:41:51 2025 by rpki-client