Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5451EC8C393D11F0B71E2D88DAE4EC9C.roa
File: 5451EC8C393D11F0B71E2D88DAE4EC9C.roa (raw, json)
Hash identifier: 0uNHN3xCHlxAmhyq9ZyGWbt3AnSyp7MscdUtfHSdsXw=
Subject key identifier: CE:63:9A:4C:65:4F:5B:5A:BC:58:45:9E:DD:FF:C6:23:A0:CE:14:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015777
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5451EC8C393D11F0B71E2D88DAE4EC9C.roa
Signing time: Sun 25 May 2025 07:53:22 +0000
ROA not before: Sun 25 May 2025 07:53:17 +0000
ROA not after: Mon 02 Jun 2025 07:53:17 +0000
asID: 55020
IP address blocks: 156.224.16.0/23 maxlen: 24
156.224.18.0/23 maxlen: 24
156.224.20.0/22 maxlen: 24
156.224.24.0/22 maxlen: 24
156.224.28.0/23 maxlen: 24
156.224.30.0/23 maxlen: 24
156.224.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87927 (0x15777)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 25 07:53:17 2025 GMT
Not After : Jun 2 07:53:17 2025 GMT
Subject: CN=6832cc72-c40c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b8:b0:86:2d:4b:ae:04:9a:d6:3b:b8:59:11:
4a:2a:47:17:5d:7b:2e:e4:9c:d6:c7:2c:98:a0:c4:
bb:9b:fe:ee:14:48:b3:f7:89:10:7f:60:21:5b:45:
06:08:df:a9:c3:17:20:9b:49:51:ca:a5:3b:da:9a:
28:10:ef:96:80:31:df:a5:ae:a0:f0:cb:0a:8f:f4:
3b:0c:cc:09:ca:a7:c6:fc:b0:24:05:27:10:02:68:
85:f2:02:6f:67:83:ca:40:1d:d8:3a:63:dd:c6:58:
c5:e3:2c:59:cf:23:c9:58:08:9d:ab:05:15:1f:69:
a6:a7:4b:e7:d8:50:fa:45:dd:bd:4a:b4:e2:1f:63:
08:a6:9e:54:9d:0c:7a:25:07:4f:d8:61:0e:6b:71:
e8:a6:0f:55:f7:e1:d2:27:70:70:e9:75:df:46:45:
06:3a:46:9f:0c:7a:b8:81:61:c5:04:28:3d:7b:90:
c8:65:d5:5f:57:0a:a0:d0:87:17:03:4d:2e:cc:eb:
66:bb:02:3f:03:22:da:20:2f:70:92:c2:ee:9d:99:
c2:d4:63:d5:40:9e:1c:58:4a:75:c0:19:75:da:78:
92:da:3b:78:59:3b:19:f7:8f:f2:5d:f5:f3:0f:ff:
73:45:c8:7d:8d:1f:70:8c:cc:a6:12:fb:e9:59:fb:
c7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:63:9A:4C:65:4F:5B:5A:BC:58:45:9E:DD:FF:C6:23:A0:CE:14:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5451EC8C393D11F0B71E2D88DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.16.0/20
156.224.63.0/24
Signature Algorithm: sha256WithRSAEncryption
34:6f:08:14:24:67:9c:c2:df:27:f6:5e:cc:89:51:e6:99:2f:
55:a7:58:8e:2b:a4:95:88:03:72:80:70:da:01:af:d5:68:e3:
b3:ef:41:6d:03:d4:ab:71:38:db:a2:61:df:1f:9f:71:1d:d8:
cb:ad:b0:39:34:fc:91:47:bd:c2:df:70:af:e3:b7:d5:da:8a:
a8:48:e9:fc:14:a8:05:8e:1a:8b:68:e1:bb:38:a3:7b:94:4f:
fb:7e:43:da:ce:f9:16:5f:3c:d9:01:12:40:08:b5:66:6b:cd:
35:04:81:a5:bf:f9:2d:cd:7d:07:bd:0b:d2:72:fd:3e:99:68:
30:f8:e7:e3:c5:ff:6e:21:02:28:e3:a3:7b:d9:6d:4a:34:46:
83:a4:44:c7:6b:24:3b:8f:75:33:9e:ce:05:b6:fa:8a:a1:29:
16:ad:04:74:87:b2:dd:b8:43:53:4f:7d:11:cc:9d:6d:45:0b:
ea:28:7a:a0:6d:ac:36:5e:66:b4:d7:ed:55:1e:30:0e:ef:51:
f6:4c:b8:93:9a:0b:c8:80:26:b3:1d:41:7f:33:0d:10:e4:f5:
7c:0e:d1:88:af:6b:05:ec:06:28:72:db:cf:b4:9b:ca:a8:ed:
fd:76:cd:8d:0d:75:f8:3d:dc:f0:55:fb:43:c3:c7:41:36:a4:
e5:88:6d:8a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVd3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI1MDc1MzE3WhcNMjUwNjAyMDc1MzE3WjAYMRYw
FAYDVQQDEw02ODMyY2M3Mi1jNDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsbiwhi1LrgSa1ju4WRFKKkcXXXsu5JzWxyyYoMS7m/7uFEiz94kQf2Ah
W0UGCN+pwxcgm0lRyqU72pooEO+WgDHfpa6g8MsKj/Q7DMwJyqfG/LAkBScQAmiF
8gJvZ4PKQB3YOmPdxljF4yxZzyPJWAidqwUVH2mmp0vn2FD6Rd29SrTiH2MIpp5U
nQx6JQdP2GEOa3Hopg9V9+HSJ3Bw6XXfRkUGOkafDHq4gWHFBCg9e5DIZdVfVwqg
0IcXA00uzOtmuwI/AyLaIC9wksLunZnC1GPVQJ4cWEp1wBl12niS2jt4WTsZ94/y
XfXzD/9zRch9jR9wjMymEvvpWfvHIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM5j
mkxlT1tavFhFnt3/xiOgzhSmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NDUxRUM4QzM5M0QxMUYwQjcxRTJEODhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEnOAQAwQAnOA/MA0GCSqGSIb3
DQEBCwUAA4IBAQA0bwgUJGecwt8n9l7MiVHmmS9Vp1iOK6SViANygHDaAa/VaOOz
70FtA9SrcTjbomHfH59xHdjLrbA5NPyRR73C33Cv47fV2oqoSOn8FKgFjhqLaOG7
OKN7lE/7fkPazvkWXzzZARJACLVma801BIGlv/ktzX0HvQvScv0+mWgw+Ofjxf9u
IQIo46N72W1KNEaDpETHayQ7j3Uzns4FtvqKoSkWrQR0h7LduENTT30RzJ1tRQvq
KHqgbaw2Xma01+1VHjAO71H2TLiTmgvIgCazHUF/Mw0Q5PV8DtGIr2sF7AYoctvP
tJvKqO39ds2NDXX4PdzwVftDw8dBNqTliG2K
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:26:54 2025 by rpki-client