Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5E2EDD8C3AD711F0A07372F1DAE4EC9C.roa
File: 5E2EDD8C3AD711F0A07372F1DAE4EC9C.roa (raw, json)
Hash identifier: zjwnAVVmMT1gYxgmtT7tJTZ0jLAtv3/6h2+L8cvV/10=
Subject key identifier: 28:3C:8A:38:44:0B:B5:BA:F7:5D:CD:06:73:9B:EB:50:20:7E:C2:5C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0157BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5E2EDD8C3AD711F0A07372F1DAE4EC9C.roa
Signing time: Tue 27 May 2025 08:48:33 +0000
ROA not before: Tue 27 May 2025 08:48:28 +0000
ROA not after: Mon 02 Jun 2025 08:48:28 +0000
asID: 400619
IP address blocks: 156.235.96.0/21 maxlen: 24
156.235.104.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87994 (0x157ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 27 08:48:28 2025 GMT
Not After : Jun 2 08:48:28 2025 GMT
Subject: CN=68357c60-eafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:92:ee:d3:00:2b:b3:7b:10:7c:10:dd:4e:88:
94:24:5d:e9:df:e6:c7:2f:45:92:d5:b0:96:b4:d3:
d7:ad:13:9a:50:82:e1:93:d8:83:87:11:92:a0:b5:
17:94:83:8c:ad:8c:76:46:be:25:9e:fe:ea:cf:10:
b3:bc:af:3b:04:da:63:88:0c:49:8b:a7:6d:f5:5d:
c8:bd:a3:54:e9:d9:1f:43:b3:5a:f6:7a:f1:29:24:
da:83:3f:5b:6f:ea:bd:44:ba:91:10:64:3e:57:fa:
9d:57:79:13:51:a4:09:a0:8c:b2:1d:75:c8:8f:e9:
ca:2d:7c:c7:56:20:ac:bd:72:6d:16:5c:79:25:86:
72:17:c2:5c:d3:4f:6f:c6:73:64:c7:63:78:35:d0:
87:66:0d:46:31:e3:9d:67:1c:eb:03:69:7a:12:4f:
13:67:a2:2c:ba:59:83:e4:8c:cf:a0:c1:e9:95:17:
18:58:c2:40:1a:a9:6a:c1:99:bc:92:93:8f:20:8d:
d3:26:2d:6c:22:df:25:d5:2d:a7:bf:ce:a5:bc:8a:
c7:07:3d:91:29:f6:8b:30:14:eb:48:08:34:27:88:
6c:1a:9a:35:01:11:e9:0e:5d:30:47:92:b5:9e:17:
1b:e6:f3:4c:6c:e4:97:f2:c8:80:a9:26:6b:47:6d:
fe:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3C:8A:38:44:0B:B5:BA:F7:5D:CD:06:73:9B:EB:50:20:7E:C2:5C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5E2EDD8C3AD711F0A07372F1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.96.0/20
Signature Algorithm: sha256WithRSAEncryption
a8:97:50:ea:1a:c1:2a:ec:7f:f8:c9:24:41:5a:6e:95:57:3a:
d7:b4:4e:dc:0d:54:fb:24:00:dc:cf:ed:31:c8:e1:b1:22:14:
81:35:8c:2f:6d:d9:8f:3d:16:9f:00:93:53:af:d2:2e:ae:71:
91:b4:73:58:ae:75:dc:f3:11:ff:1a:18:e9:29:1b:07:4a:eb:
4d:a1:0f:b3:0f:0b:28:b3:d5:3d:19:c1:72:3e:ec:1c:7f:a8:
2e:95:96:7d:29:66:29:23:9c:c6:67:5f:36:32:c6:cd:1c:d2:
1c:10:50:60:d6:bd:7b:f2:83:4d:9d:a5:4d:9b:f4:5f:20:19:
1b:d0:64:34:d3:1b:d3:dd:de:70:d0:58:bf:64:32:3d:1e:e9:
b1:43:cf:13:66:4e:be:70:cb:8e:60:26:39:8b:90:5c:47:ea:
f0:48:cc:6c:10:1f:82:66:b2:7d:5e:d6:ea:22:3e:92:bf:61:
87:c6:b0:f0:e5:38:6d:77:dd:d7:5b:1e:6b:e2:77:1a:c5:e6:
c4:3d:79:1e:bc:1d:a2:e2:15:d2:b4:36:6c:be:7e:a4:98:95:
ba:db:32:38:55:9b:db:75:11:89:07:96:3c:a9:eb:c9:2c:f9:
ed:be:71:41:74:0e:67:e2:71:27:f5:75:7e:3c:e1:5d:5d:9f:
eb:6c:c7:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVe6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI3MDg0ODI4WhcNMjUwNjAyMDg0ODI4WjAYMRYw
FAYDVQQDEw02ODM1N2M2MC1lYWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz5Lu0wArs3sQfBDdToiUJF3p3+bHL0WS1bCWtNPXrROaUILhk9iDhxGS
oLUXlIOMrYx2Rr4lnv7qzxCzvK87BNpjiAxJi6dt9V3IvaNU6dkfQ7Na9nrxKSTa
gz9bb+q9RLqREGQ+V/qdV3kTUaQJoIyyHXXIj+nKLXzHViCsvXJtFlx5JYZyF8Jc
009vxnNkx2N4NdCHZg1GMeOdZxzrA2l6Ek8TZ6IsulmD5IzPoMHplRcYWMJAGqlq
wZm8kpOPII3TJi1sIt8l1S2nv86lvIrHBz2RKfaLMBTrSAg0J4hsGpo1ARHpDl0w
R5K1nhcb5vNMbOSX8siAqSZrR23+owIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCg8
ijhEC7W6913NBnOb61AgfsJcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RTJFREQ4QzNBRDcxMUYwQTA3MzcyRjFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOtgMA0GCSqGSIb3DQEBCwUA
A4IBAQCol1DqGsEq7H/4ySRBWm6VVzrXtE7cDVT7JADcz+0xyOGxIhSBNYwvbdmP
PRafAJNTr9IurnGRtHNYrnXc8xH/GhjpKRsHSutNoQ+zDwsos9U9GcFyPuwcf6gu
lZZ9KWYpI5zGZ182MsbNHNIcEFBg1r178oNNnaVNm/RfIBkb0GQ00xvT3d5w0Fi/
ZDI9HumxQ88TZk6+cMuOYCY5i5BcR+rwSMxsEB+CZrJ9XtbqIj6Sv2GHxrDw5Tht
d93XWx5r4ncaxebEPXkevB2i4hXStDZsvn6kmJW62zI4VZvbdRGJB5Y8qevJLPnt
vnFBdA5n4nEn9XV+POFdXZ/rbMdZ
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:25:29 2025 by rpki-client