Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48BE2A54F2D211EFA7FEA27D762E951A.roa
File: 48BE2A54F2D211EFA7FEA27D762E951A.roa (raw, json)
Hash identifier: JPsLZWEK7ZOHBe18AK7DoK3dLHmWVOwdxnUx+JxJ9X0=
Subject key identifier: 2F:8B:99:53:13:31:5C:75:5A:EE:55:A5:A6:7D:AA:88:26:77:BD:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012CC3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48BE2A54F2D211EFA7FEA27D762E951A.roa
Signing time: Mon 24 Feb 2025 17:10:45 +0000
ROA not before: Mon 24 Feb 2025 17:10:41 +0000
ROA not after: Sat 29 Mar 2025 17:10:41 +0000
asID: 203020
IP address blocks: 156.225.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76995 (0x12cc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 17:10:41 2025 GMT
Not After : Mar 29 17:10:41 2025 GMT
Subject: CN=67bca815-4f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0e:fd:54:81:dd:68:26:3c:24:0c:df:05:c8:
96:bf:e0:e8:c4:ec:47:ac:0c:61:53:9c:d1:0f:2d:
a2:3f:8b:27:da:af:7b:6e:48:57:60:95:dc:70:07:
7d:8b:c8:9c:60:76:4f:b2:59:4f:6d:9f:99:59:7a:
91:f5:0f:bc:00:f6:86:a6:20:cd:85:93:4f:03:69:
d1:65:6d:e7:37:54:6d:01:02:0b:c4:24:9a:e3:12:
86:b7:e9:cf:32:8c:a1:d1:60:74:cf:8d:ca:47:c9:
36:69:c1:47:9b:4d:2f:c2:08:5d:f0:6f:ee:b1:8a:
18:6c:f8:b8:fd:55:07:b1:d7:16:30:8d:3b:4a:30:
de:a0:fc:ce:f5:6d:a9:90:dd:6a:65:61:d0:a4:21:
6c:dd:63:a5:d3:49:0a:61:b8:a5:d5:f6:7c:47:36:
e6:a4:a7:b5:94:b4:5d:83:d0:28:84:a0:0f:ce:48:
0f:61:2a:93:49:69:27:7d:21:66:08:ab:43:a1:ac:
ac:c8:c5:c2:0c:3a:91:d7:02:7d:6f:21:38:48:66:
90:99:cd:2f:e3:91:31:30:6f:40:18:11:34:49:dc:
8b:d7:45:a3:89:eb:01:14:0e:77:27:7d:3f:87:fa:
82:e9:e0:d3:18:26:e5:94:67:80:61:41:b0:c7:66:
91:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:8B:99:53:13:31:5C:75:5A:EE:55:A5:A6:7D:AA:88:26:77:BD:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48BE2A54F2D211EFA7FEA27D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.69.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:60:f8:ca:69:a5:e6:d5:ce:c9:30:40:67:88:70:82:ef:75:
a1:d8:66:30:51:13:b1:3c:df:e4:e9:52:86:1e:f7:27:f9:83:
cb:1c:37:9b:64:93:d6:c2:15:07:11:e4:18:1d:f6:a8:b6:d5:
c3:66:d2:01:6f:b6:c9:29:69:c6:7e:c1:e0:5b:40:8f:25:ba:
30:4a:05:99:ba:5c:40:39:57:19:c3:ba:c1:e2:63:b8:ce:e8:
82:59:d3:00:a0:5d:c3:b8:97:6c:39:5f:e6:22:5a:e8:b4:23:
72:0d:48:e3:d1:db:c3:ff:9b:ff:e9:19:74:7c:cd:ff:5f:a9:
84:da:b6:f7:d2:fb:1d:7b:83:b0:35:10:53:55:30:d2:71:d6:
8a:7e:a0:53:bf:35:07:18:65:4e:ce:65:65:58:0a:df:c5:b2:
cc:0e:1c:e2:6b:c9:e6:99:6b:8d:0d:9d:40:ab:e6:1a:41:a0:
45:24:7b:da:d8:73:9e:43:4e:17:07:11:d2:6c:27:bb:5d:7d:
29:ca:c6:2a:87:0c:f2:ab:e3:bb:ed:2e:4f:24:d6:21:75:10:
8d:b8:fc:ac:0f:d4:91:ea:aa:d7:2a:cb:e6:9d:81:a1:e0:0e:
6e:47:fc:8c:77:5d:c0:80:f0:80:47:3f:54:ff:ec:97:bc:bc:
07:20:54:df
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASzDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTcxMDQxWhcNMjUwMzI5MTcxMDQxWjAYMRYw
FAYDVQQDEw02N2JjYTgxNS00ZjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7A79VIHdaCY8JAzfBciWv+DoxOxHrAxhU5zRDy2iP4sn2q97bkhXYJXc
cAd9i8icYHZPsllPbZ+ZWXqR9Q+8APaGpiDNhZNPA2nRZW3nN1RtAQILxCSa4xKG
t+nPMoyh0WB0z43KR8k2acFHm00vwghd8G/usYoYbPi4/VUHsdcWMI07SjDeoPzO
9W2pkN1qZWHQpCFs3WOl00kKYbil1fZ8RzbmpKe1lLRdg9AohKAPzkgPYSqTSWkn
fSFmCKtDoaysyMXCDDqR1wJ9byE4SGaQmc0v45ExMG9AGBE0SdyL10WjiesBFA53
J30/h/qC6eDTGCbllGeAYUGwx2aRPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC+L
mVMTMVx1Wu5VpaZ9qogmd713MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OEJFMkE1NEYyRDIxMUVGQTdGRUEyN0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFFMA0GCSqGSIb3DQEBCwUA
A4IBAQBcYPjKaaXm1c7JMEBniHCC73Wh2GYwUROxPN/k6VKGHvcn+YPLHDebZJPW
whUHEeQYHfaottXDZtIBb7bJKWnGfsHgW0CPJbowSgWZulxAOVcZw7rB4mO4zuiC
WdMAoF3DuJdsOV/mIlrotCNyDUjj0dvD/5v/6Rl0fM3/X6mE2rb30vsde4OwNRBT
VTDScdaKfqBTvzUHGGVOzmVlWArfxbLMDhzia8nmmWuNDZ1Aq+YaQaBFJHva2HOe
Q04XBxHSbCe7XX0pysYqhwzyq+O77S5PJNYhdRCNuPysD9SR6qrXKsvmnYGh4A5u
R/yMd13AgPCARz9U/+yXvLwHIFTf
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:08:34 2025 by rpki-client