Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D038560F17311EFA5844D86762E951A.roa
File: 4D038560F17311EFA5844D86762E951A.roa (raw, json)
Hash identifier: Ofbg2nx0olc956sxUVbMTFrzFWkskNejuy8sgHaKkU8=
Subject key identifier: 3A:3B:E3:7E:25:AA:89:D7:2B:13:81:8B:65:46:EC:F1:59:9B:73:F3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0129CE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D038560F17311EFA5844D86762E951A.roa
Signing time: Sat 22 Feb 2025 23:18:19 +0000
ROA not before: Sat 22 Feb 2025 23:18:15 +0000
ROA not after: Fri 04 Apr 2025 23:18:15 +0000
asID: 21859
IP address blocks: 156.225.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76238 (0x129ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 22 23:18:15 2025 GMT
Not After : Apr 4 23:18:15 2025 GMT
Subject: CN=67ba5b3b-d60e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:b1:08:2d:41:59:ba:89:19:95:df:ba:b5:ec:
c5:94:7a:c8:f8:42:b6:00:8a:32:59:32:cd:a3:d8:
2a:f5:fc:e0:ba:eb:72:10:31:bb:05:af:06:db:ba:
13:0a:41:3a:77:36:fb:0e:a1:28:95:7b:f0:c3:46:
0a:20:f5:e0:5a:e8:35:e2:8f:26:c6:99:8b:2d:0f:
7f:b0:e3:b6:50:74:e4:b3:77:2b:b4:b0:eb:d6:45:
6f:20:12:e9:32:f0:3f:19:cb:05:48:19:f3:c4:b7:
41:17:b4:ec:9c:47:73:f7:27:41:bc:ab:a5:6b:27:
a8:73:35:89:92:0e:d5:54:b4:82:4b:fb:9f:ff:4a:
79:f7:6c:9d:ed:51:b6:ed:07:48:b3:7f:25:ff:55:
16:cc:0a:3e:8d:64:2a:42:e5:b3:4d:f9:06:f3:14:
8d:b9:29:2d:d3:c0:ee:aa:9d:b0:49:7d:6d:8c:4f:
ad:5c:84:9d:f2:8e:2b:22:32:87:5d:30:d2:f8:60:
02:90:91:6d:5e:2e:e1:6e:f8:79:de:2c:6a:e5:64:
50:06:97:81:64:46:d5:12:13:2b:8d:0f:a5:e0:ea:
c8:5e:0a:5a:41:14:60:75:17:6b:9f:74:f7:00:dd:
b9:2f:95:8c:43:65:5c:ee:f5:45:0b:4e:be:e1:87:
58:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3B:E3:7E:25:AA:89:D7:2B:13:81:8B:65:46:EC:F1:59:9B:73:F3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D038560F17311EFA5844D86762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.8.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:22:09:ac:d0:99:fd:96:f8:b3:bd:16:7b:39:1c:99:f1:c3:
a2:ad:c3:2e:fe:2a:b9:66:1a:22:5f:d0:c6:da:18:49:88:3d:
3c:50:33:dc:2e:c5:c7:9b:22:c6:f4:1d:db:d8:28:2b:c9:8d:
1e:84:6b:c5:98:61:52:b8:87:33:62:87:8a:86:7d:da:dc:6f:
73:32:65:f8:c1:79:ad:ae:f3:16:37:a5:68:ed:3e:2e:db:16:
80:72:24:fb:52:b9:da:a8:3f:4a:5a:3b:ac:5a:dc:10:a8:ad:
b4:5c:a4:43:3d:0d:85:a2:a5:a0:f3:08:a5:ca:15:cf:c9:e5:
21:4a:7d:07:de:aa:09:6e:ea:32:93:33:d4:0b:66:c3:8c:4a:
32:6b:57:25:8c:92:57:a2:65:f2:ee:7c:f1:96:3e:06:36:f6:
99:00:f8:94:9f:39:9c:41:f4:bd:bf:24:f1:be:c1:17:86:45:
d0:29:31:de:d7:60:79:ac:88:86:b7:14:a7:59:b9:bc:58:56:
33:6c:93:03:4e:0c:81:a0:ff:d4:6e:35:12:d2:18:d0:eb:e4:
50:8f:87:51:f7:1f:ba:d6:07:27:78:86:5c:54:56:ae:0b:dc:
ab:9a:14:28:09:5c:f5:53:5f:b1:c1:b6:d7:84:83:24:93:2b:
1c:1b:33:ea
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASnOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjIyMjMxODE1WhcNMjUwNDA0MjMxODE1WjAYMRYw
FAYDVQQDEw02N2JhNWIzYi1kNjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/rEILUFZuokZld+6tezFlHrI+EK2AIoyWTLNo9gq9fzguutyEDG7Ba8G
27oTCkE6dzb7DqEolXvww0YKIPXgWug14o8mxpmLLQ9/sOO2UHTks3crtLDr1kVv
IBLpMvA/GcsFSBnzxLdBF7TsnEdz9ydBvKulayeoczWJkg7VVLSCS/uf/0p592yd
7VG27QdIs38l/1UWzAo+jWQqQuWzTfkG8xSNuSkt08Duqp2wSX1tjE+tXISd8o4r
IjKHXTDS+GACkJFtXi7hbvh53ixq5WRQBpeBZEbVEhMrjQ+l4OrIXgpaQRRgdRdr
n3T3AN25L5WMQ2Vc7vVFC06+4YdY6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDo7
434lqonXKxOBi2VG7PFZm3PzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDAzODU2MEYxNzMxMUVGQTU4NDREODY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEIMA0GCSqGSIb3DQEBCwUA
A4IBAQBvIgms0Jn9lvizvRZ7ORyZ8cOircMu/iq5ZhoiX9DG2hhJiD08UDPcLsXH
myLG9B3b2CgryY0ehGvFmGFSuIczYoeKhn3a3G9zMmX4wXmtrvMWN6Vo7T4u2xaA
ciT7UrnaqD9KWjusWtwQqK20XKRDPQ2FoqWg8wilyhXPyeUhSn0H3qoJbuoykzPU
C2bDjEoya1cljJJXomXy7nzxlj4GNvaZAPiUnzmcQfS9vyTxvsEXhkXQKTHe12B5
rIiGtxSnWbm8WFYzbJMDTgyBoP/UbjUS0hjQ6+RQj4dR9x+61gcneIZcVFauC9yr
mhQoCVz1U1+xwbbXhIMkkyscGzPq
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:54 2025 by rpki-client