Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4758EEA2FA7E11EF960A5B58762E951A.roa
File: 4758EEA2FA7E11EF960A5B58762E951A.roa (raw, json)
Hash identifier: LqAn/ufQr5rMAvVuLzUS6T8FO6AYoQ5xjBCbAMYUllA=
Subject key identifier: 0A:A7:53:B2:8A:51:65:80:D1:06:5B:BC:2B:66:E2:4F:43:75:38:0B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0143B9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4758EEA2FA7E11EF960A5B58762E951A.roa
Signing time: Thu 06 Mar 2025 11:29:34 +0000
ROA not before: Thu 06 Mar 2025 11:29:30 +0000
ROA not after: Wed 19 Mar 2025 11:29:30 +0000
asID: 39600
IP address blocks: 156.237.121.0/24 maxlen: 24
156.237.122.0/24 maxlen: 24
156.237.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82873 (0x143b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 6 11:29:30 2025 GMT
Not After : Mar 19 11:29:30 2025 GMT
Subject: CN=67c9871e-30a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b1:df:65:38:a9:d8:a7:cd:88:ef:bf:18:65:
5e:2e:35:e9:26:c0:d4:40:21:a8:ae:fb:61:9b:87:
75:e3:28:cd:21:8a:f6:a7:e0:20:05:43:7a:e8:d1:
5b:83:b2:8a:10:5d:af:58:6c:0a:7a:96:43:6d:28:
da:24:54:2a:a3:15:7d:46:cd:ac:52:96:9b:3e:dc:
0b:f9:b3:04:8b:59:42:58:d2:e2:20:ce:7f:5d:6c:
62:8a:dd:96:6c:35:fb:98:f6:29:2a:a7:b3:49:0a:
6f:a5:e5:87:b9:ee:7c:be:22:61:fb:c9:82:02:b7:
b1:88:11:a0:7a:ff:7f:4f:7d:b2:49:bf:ba:03:1d:
55:cc:6f:9a:4d:b4:2e:b2:5f:5f:79:81:24:b0:dc:
71:05:9c:23:66:62:26:a2:98:c1:6c:c9:42:c4:ca:
1f:47:45:70:dd:fe:24:0f:cf:b6:5a:ac:5e:85:61:
24:9b:b9:1f:5b:5f:a2:3f:83:09:a7:33:29:cc:82:
cf:b5:e3:a8:33:b0:74:32:43:a9:6a:c5:5c:b8:e0:
82:79:6d:a3:c7:bb:77:55:ce:53:af:55:92:73:d7:
da:66:f1:08:15:36:8f:1a:93:f3:ae:a2:ca:ac:38:
cc:78:e3:e0:9e:52:b1:16:e2:eb:f3:b0:4c:ff:ee:
62:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A7:53:B2:8A:51:65:80:D1:06:5B:BC:2B:66:E2:4F:43:75:38:0B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4758EEA2FA7E11EF960A5B58762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.121.0-156.237.123.255
Signature Algorithm: sha256WithRSAEncryption
b6:55:7c:cf:93:1a:40:fc:71:25:1f:d8:57:bc:cf:4f:f4:aa:
47:52:bc:46:62:e4:2f:0d:a7:79:66:d4:a7:20:52:b9:bb:58:
91:64:08:58:b6:fa:e4:c6:bb:80:61:7a:a4:6b:68:0a:91:9d:
4e:01:3f:91:5a:66:e6:ad:fc:10:3b:74:d9:95:cd:69:9a:84:
bc:68:c1:5e:02:d8:fc:44:b8:1b:48:ea:59:3c:32:fd:b2:b3:
85:22:38:f5:de:b3:2f:66:ff:f3:2c:80:ac:39:56:a6:b9:3b:
df:47:31:e4:3f:fd:de:64:98:99:a2:d0:85:53:5b:33:49:69:
85:d7:a8:ff:3e:07:f8:04:cc:c4:1a:8a:43:39:d8:c6:7a:18:
29:24:6e:bf:26:b0:42:c6:b1:da:cb:fd:ef:78:51:e7:1f:52:
ef:1e:c9:b9:b3:d4:6a:a9:2f:d1:46:59:12:6c:5a:6b:b2:5c:
68:c5:af:af:11:a5:ce:fc:c3:65:53:b6:8a:ab:32:8a:a3:2c:
d0:e9:07:00:57:b8:f9:6d:0a:11:7e:a3:b8:c3:75:56:df:03:
0f:dc:61:a5:6e:05:dc:80:27:2d:41:68:c3:40:e1:84:d7:a1:
1c:22:77:45:99:df:5f:72:3f:e0:4d:05:50:a7:a7:03:4b:9d:
6f:54:21:2b
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUO5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA2MTEyOTMwWhcNMjUwMzE5MTEyOTMwWjAYMRYw
FAYDVQQDEw02N2M5ODcxZS0zMGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAybHfZTip2KfNiO+/GGVeLjXpJsDUQCGorvthm4d14yjNIYr2p+AgBUN6
6NFbg7KKEF2vWGwKepZDbSjaJFQqoxV9Rs2sUpabPtwL+bMEi1lCWNLiIM5/XWxi
it2WbDX7mPYpKqezSQpvpeWHue58viJh+8mCArexiBGgev9/T32ySb+6Ax1VzG+a
TbQusl9feYEksNxxBZwjZmImopjBbMlCxMofR0Vw3f4kD8+2WqxehWEkm7kfW1+i
P4MJpzMpzILPteOoM7B0MkOpasVcuOCCeW2jx7t3Vc5Tr1WSc9faZvEIFTaPGpPz
rqLKrDjMeOPgnlKxFuLr87BM/+5iFQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAqn
U7KKUWWA0QZbvCtm4k9DdTgLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NzU4RUVBMkZBN0UxMUVGOTYwQTVCNTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc7XkDBAKc7XgwDQYJKoZI
hvcNAQELBQADggEBALZVfM+TGkD8cSUf2Fe8z0/0qkdSvEZi5C8Np3lm1KcgUrm7
WJFkCFi2+uTGu4BheqRraAqRnU4BP5FaZuat/BA7dNmVzWmahLxowV4C2PxEuBtI
6lk8Mv2ys4UiOPXesy9m//MsgKw5Vqa5O99HMeQ//d5kmJmi0IVTWzNJaYXXqP8+
B/gEzMQaikM52MZ6GCkkbr8msELGsdrL/e94UecfUu8eybmz1GqpL9FGWRJsWmuy
XGjFr68Rpc78w2VTtoqrMoqjLNDpBwBXuPltChF+o7jDdVbfAw/cYaVuBdyAJy1B
aMNA4YTXoRwid0WZ319yP+BNBVCnpwNLnW9UISs=
-----END CERTIFICATE-----
Generated at Sat May 10 05:12:53 2025 by rpki-client