Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33ED67B0F5DA11EF8A9CCB54762E951A.roa
File: 33ED67B0F5DA11EF8A9CCB54762E951A.roa (raw, json)
Hash identifier: VahwtVDeg0rjmE8AlZJmhoYnOmXqf77ilY3gVBhuAOU=
Subject key identifier: 14:6B:50:3D:10:6D:3F:08:95:F1:F8:A5:57:82:74:EE:05:72:82:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E00
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33ED67B0F5DA11EF8A9CCB54762E951A.roa
Signing time: Fri 28 Feb 2025 13:44:59 +0000
ROA not before: Fri 28 Feb 2025 13:44:56 +0000
ROA not after: Sun 30 Mar 2025 13:44:56 +0000
asID: 203020
IP address blocks: 156.228.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81408 (0x13e00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 13:44:56 2025 GMT
Not After : Mar 30 13:44:56 2025 GMT
Subject: CN=67c1bddb-00aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:42:f4:59:95:28:9a:6d:f8:c4:4a:b9:cb:50:
80:03:38:a2:b3:00:a0:ff:33:9b:96:8e:6a:52:63:
d0:ed:fa:31:dd:fc:40:8c:32:96:d7:0d:e8:6b:25:
13:81:30:97:2c:83:c3:5f:19:ee:9b:2d:02:21:bc:
ee:0a:05:fe:ff:a9:5c:48:03:71:9a:28:b8:e1:9c:
f3:05:ae:18:87:4d:a9:cf:e0:55:b6:99:70:5d:42:
95:19:ac:51:c1:59:6b:46:e5:22:43:5a:73:95:30:
1f:2e:78:e2:16:03:0a:25:2f:cc:80:5e:36:a7:f9:
6c:84:93:c3:9a:8d:d9:86:43:75:0a:c2:e3:41:4f:
1b:4b:a4:3b:a7:4d:49:62:d5:2d:b9:2b:d7:f6:9a:
92:e1:f6:cf:bc:d6:3d:a7:a8:34:bf:ae:3d:d4:a6:
54:7e:f1:89:bb:1e:67:a6:dc:47:54:9e:de:8e:61:
15:1f:eb:32:35:aa:16:ca:8d:13:3d:22:96:ae:04:
73:7c:46:78:a4:6f:19:32:c7:6e:29:62:6c:84:06:
48:b3:50:65:18:a4:88:be:3c:7c:de:cc:33:53:88:
2f:09:7a:37:93:1a:2b:39:fb:ea:8a:b4:46:50:9a:
c6:4d:68:46:7e:eb:e5:fa:62:4f:38:ff:f6:7c:81:
35:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:6B:50:3D:10:6D:3F:08:95:F1:F8:A5:57:82:74:EE:05:72:82:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33ED67B0F5DA11EF8A9CCB54762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.25.0/24
Signature Algorithm: sha256WithRSAEncryption
25:86:5c:6a:65:7f:91:b5:78:b7:de:6e:d0:a3:e6:9a:72:d7:
1c:5d:bd:a3:dd:0e:2f:e4:39:51:ae:36:bc:66:c9:84:d2:bf:
d6:91:a9:bd:bb:f0:cf:39:78:29:0d:a2:6e:33:e7:02:4c:8b:
ea:39:87:ff:60:4a:26:7d:5d:6f:ea:3b:52:ea:fc:9b:0c:f3:
08:9d:ec:ba:a7:93:ac:bb:94:f5:83:e8:90:65:b4:a2:d0:1d:
82:50:fa:5e:eb:93:32:c3:cb:76:45:0c:2f:66:68:ab:4c:1b:
9a:ef:3a:54:13:e8:3e:dd:78:a9:18:a2:ed:49:05:eb:f8:77:
69:ba:3f:a8:04:95:ea:ce:c6:34:c4:8b:90:c0:1b:df:02:81:
da:df:0a:54:e5:8d:d5:eb:18:0a:c0:3d:c2:e1:7d:d5:ed:d1:
fd:41:94:63:91:b1:21:06:7e:4e:d1:ad:04:30:7f:6f:4f:25:
3a:0e:fe:af:36:47:19:a3:18:06:7b:a7:e3:e1:a5:63:fd:9b:
25:fd:b6:78:52:56:db:b3:f4:be:5e:f3:3b:0c:c1:2e:30:dc:
c6:72:d2:3a:a1:f6:85:c7:a5:ca:bd:71:84:32:06:03:15:d3:
52:ce:0f:6d:e6:1b:df:43:4d:d1:cf:3d:2d:c6:f7:f7:b8:74:
75:b2:13:ae
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT4AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTM0NDU2WhcNMjUwMzMwMTM0NDU2WjAYMRYw
FAYDVQQDEw02N2MxYmRkYi0wMGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn0L0WZUomm34xEq5y1CAAziiswCg/zOblo5qUmPQ7fox3fxAjDKW1w3o
ayUTgTCXLIPDXxnumy0CIbzuCgX+/6lcSANxmii44ZzzBa4Yh02pz+BVtplwXUKV
GaxRwVlrRuUiQ1pzlTAfLnjiFgMKJS/MgF42p/lshJPDmo3ZhkN1CsLjQU8bS6Q7
p01JYtUtuSvX9pqS4fbPvNY9p6g0v6491KZUfvGJux5nptxHVJ7ejmEVH+syNaoW
yo0TPSKWrgRzfEZ4pG8ZMsduKWJshAZIs1BlGKSIvjx83swzU4gvCXo3kxorOfvq
irRGUJrGTWhGfuvl+mJPOP/2fIE1SQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBRr
UD0QbT8IlfH4pVeCdO4FcoIaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zM0VENjdCMEY1REExMUVGOEE5Q0NCNTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQZMA0GCSqGSIb3DQEBCwUA
A4IBAQAlhlxqZX+RtXi33m7Qo+aactccXb2j3Q4v5DlRrja8ZsmE0r/Wkam9u/DP
OXgpDaJuM+cCTIvqOYf/YEomfV1v6jtS6vybDPMIney6p5Osu5T1g+iQZbSi0B2C
UPpe65Myw8t2RQwvZmirTBua7zpUE+g+3XipGKLtSQXr+Hdpuj+oBJXqzsY0xIuQ
wBvfAoHa3wpU5Y3V6xgKwD3C4X3V7dH9QZRjkbEhBn5O0a0EMH9vTyU6Dv6vNkcZ
oxgGe6fj4aVj/Zsl/bZ4Ulbbs/S+XvM7DMEuMNzGctI6ofaFx6XKvXGEMgYDFdNS
zg9t5hvfQ03Rzz0txvf3uHR1shOu
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:10:14 2025 by rpki-client