Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A6208C8FA7C11EF921B2B4A762E951A.roa
File: 5A6208C8FA7C11EF921B2B4A762E951A.roa (raw, json)
Hash identifier: 44Y5zbHPQQuqXiqr5vmbcQQd/zxdXW+eHKxjvdBJY28=
Subject key identifier: FA:FA:97:9D:9A:D4:0D:B0:88:10:73:7E:36:5C:00:76:0E:5F:E1:1E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0143B5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A6208C8FA7C11EF921B2B4A762E951A.roa
Signing time: Thu 06 Mar 2025 11:15:47 +0000
ROA not before: Thu 06 Mar 2025 11:15:43 +0000
ROA not after: Wed 19 Mar 2025 11:15:43 +0000
asID: 39600
IP address blocks: 156.237.106.0/24 maxlen: 24
156.237.107.0/24 maxlen: 24
156.237.112.0/24 maxlen: 24
156.237.113.0/24 maxlen: 24
156.237.114.0/24 maxlen: 24
156.237.115.0/24 maxlen: 24
156.237.116.0/24 maxlen: 24
156.255.83.0/24 maxlen: 24
156.255.85.0/24 maxlen: 24
156.255.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82869 (0x143b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 6 11:15:43 2025 GMT
Not After : Mar 19 11:15:43 2025 GMT
Subject: CN=67c983e3-d91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:00:94:c5:84:38:79:63:48:b6:8a:d0:a4:a9:
48:06:ff:1a:b7:1a:4a:c4:19:6c:ef:8f:d5:3b:2e:
15:b3:f1:7f:c7:e8:20:20:8b:7e:ce:da:a8:69:77:
d8:ae:9c:6f:fc:2d:54:fe:1c:80:6d:70:92:09:f7:
e6:db:6a:9b:49:0f:df:6f:a5:58:4a:7a:0c:84:06:
c5:2e:d0:9c:49:a1:33:09:17:ef:1f:10:ad:b4:da:
38:b4:57:6c:60:f5:74:3e:f2:0f:4c:1b:a2:60:f3:
19:61:d0:17:51:db:51:44:a1:f0:7f:8f:8b:c0:0b:
f6:5e:3f:bf:cd:a5:c6:6a:d1:4e:52:bc:fa:81:15:
c5:5b:01:8c:af:ee:6a:ac:c2:97:3f:4d:15:0a:6c:
3e:a1:de:91:c5:40:7e:9f:6d:f2:0c:9c:0a:3e:5b:
a1:73:4a:1e:d2:3b:a1:69:07:79:8b:99:0e:a8:be:
ed:87:a7:37:32:f2:ad:3a:26:f1:ed:35:a0:31:14:
10:aa:13:d6:80:6b:c5:2b:62:d5:87:80:9b:14:ee:
46:b3:46:90:91:f2:fc:b8:a3:33:1a:e2:0a:c3:86:
5b:a5:9d:8f:4f:02:11:d0:56:50:db:c1:7d:f3:57:
35:f2:e3:ca:a8:2a:08:0a:dc:da:76:36:1f:0c:cd:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:FA:97:9D:9A:D4:0D:B0:88:10:73:7E:36:5C:00:76:0E:5F:E1:1E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A6208C8FA7C11EF921B2B4A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.106.0/23
156.237.112.0-156.237.116.255
156.255.83.0/24
156.255.85.0-156.255.86.255
Signature Algorithm: sha256WithRSAEncryption
35:f4:74:b9:0e:cd:80:23:4b:97:4e:59:40:a9:b5:0b:9d:f9:
5c:17:6f:e3:1e:5c:be:20:3e:4f:d5:ba:4c:ae:f0:12:ee:03:
f9:3c:6a:1e:11:23:64:da:47:f8:36:27:ee:70:cf:f0:e1:ea:
bf:52:ca:f7:01:ed:af:9f:70:ab:d0:4b:30:d1:d7:9f:8b:c5:
a7:ef:dd:59:c2:66:11:38:fd:0b:43:a7:cf:15:8b:c0:74:8b:
d6:92:f9:52:63:d1:0a:75:58:46:a0:c9:f5:f9:d2:ce:87:11:
47:b6:b4:f3:21:86:2c:8f:44:c0:34:06:6f:f5:5d:46:4b:c3:
2a:72:ae:b3:ee:2d:0d:36:e8:b8:fd:f1:f9:27:09:15:90:74:
28:1c:08:b1:3a:9d:77:bb:bb:01:27:34:d7:0c:98:a6:82:79:
6b:73:d4:38:5b:ca:79:a1:b6:0a:c6:34:d7:ef:92:79:38:e1:
e2:b0:76:af:86:bf:6f:39:e6:da:5d:cd:3b:11:1d:86:3f:b9:
cd:e4:58:89:72:b4:9a:7e:2d:d1:c1:0e:38:bd:20:78:e7:fd:
ef:6d:64:d5:3c:c6:1a:6f:e8:72:46:70:4d:21:f1:69:79:82:
dc:0f:d7:3d:14:16:1d:ff:ac:24:e7:f1:34:a1:e4:5e:21:6f:
f1:70:2d:57
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgIDAUO1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA2MTExNTQzWhcNMjUwMzE5MTExNTQzWjAYMRYw
FAYDVQQDEw02N2M5ODNlMy1kOTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1wCUxYQ4eWNItorQpKlIBv8atxpKxBls74/VOy4Vs/F/x+ggIIt+ztqo
aXfYrpxv/C1U/hyAbXCSCffm22qbSQ/fb6VYSnoMhAbFLtCcSaEzCRfvHxCttNo4
tFdsYPV0PvIPTBuiYPMZYdAXUdtRRKHwf4+LwAv2Xj+/zaXGatFOUrz6gRXFWwGM
r+5qrMKXP00VCmw+od6RxUB+n23yDJwKPluhc0oe0juhaQd5i5kOqL7th6c3MvKt
Oibx7TWgMRQQqhPWgGvFK2LVh4CbFO5Gs0aQkfL8uKMzGuIKw4ZbpZ2PTwIR0FZQ
28F981c18uPKqCoICtzadjYfDM1fZwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFPr6
l52a1A2wiBBzfjZcAHYOX+EeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTYyMDhDOEZBN0MxMUVGOTIxQjJCNEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBnO1qMAwDBASc7XADBACc7XQD
BACc/1MwDAMEAJz/VQMEAJz/VjANBgkqhkiG9w0BAQsFAAOCAQEANfR0uQ7NgCNL
l05ZQKm1C535XBdv4x5cviA+T9W6TK7wEu4D+TxqHhEjZNpH+DYn7nDP8OHqv1LK
9wHtr59wq9BLMNHXn4vFp+/dWcJmETj9C0OnzxWLwHSL1pL5UmPRCnVYRqDJ9fnS
zocRR7a08yGGLI9EwDQGb/VdRkvDKnKus+4tDTbouP3x+ScJFZB0KBwIsTqdd7u7
ASc01wyYpoJ5a3PUOFvKeaG2CsY01++SeTjh4rB2r4a/bznm2l3NOxEdhj+5zeRY
iXK0mn4t0cEOOL0geOf9721k1TzGGm/ockZwTSHxaXmC3A/XPRQWHf+sJOfxNKHk
XiFv8XAtVw==
-----END CERTIFICATE-----
Generated at Sat May 10 05:03:58 2025 by rpki-client