Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/608A759C901E11EEB5299158D25BE465.roa
File: 608A759C901E11EEB5299158D25BE465.roa (raw, json)
Hash identifier: ZjhoL5H6xm2TvXU4pq8n2DyJi0hWs3j1zIVYXMoD/H8=
Subject key identifier: 35:4A:36:B2:EA:3D:99:6C:A1:6C:16:84:06:17:5D:11:91:7E:D3:B8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 4C85
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/608A759C901E11EEB5299158D25BE465.roa
Signing time: Fri 01 Dec 2023 07:51:04 +0000
ROA not before: Fri 01 Dec 2023 07:51:01 +0000
ROA not after: Sun 31 Dec 2023 07:51:01 +0000
asID: 147176
IP address blocks: 156.225.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19589 (0x4c85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Dec 1 07:51:01 2023 GMT
Not After : Dec 31 07:51:01 2023 GMT
Subject: CN=65699068-3696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1d:42:d4:28:6c:42:87:25:2a:1f:d8:79:aa:
a7:9b:18:7b:13:0f:f6:6f:23:95:24:31:3d:93:1c:
8e:d3:f0:36:4e:58:74:44:ff:77:96:7d:33:d3:59:
b8:fb:fc:0d:43:dc:7c:1c:b8:3d:23:a2:ef:96:db:
56:c7:b5:bf:e8:e9:3b:c4:6d:e7:f5:7e:9c:28:bc:
2a:8f:d4:ff:e7:94:39:80:b1:66:b5:4e:fc:04:ad:
09:48:91:87:f4:47:c3:8c:e6:50:a6:45:d0:40:4a:
cd:9d:8b:14:00:d5:b3:bd:03:f0:43:be:6d:aa:82:
b6:11:49:ac:25:b0:94:2e:87:5c:38:ee:56:1f:ab:
ae:af:8f:a3:b0:a9:e6:d9:54:69:c4:b0:c3:fb:d6:
c8:75:a5:93:70:e0:36:e8:51:7c:d2:a9:ac:22:b8:
07:f7:30:a3:aa:62:5a:68:d1:af:d4:d3:ce:54:c2:
c6:45:ba:9b:53:21:69:f1:73:54:77:2c:a7:e9:5c:
ad:cc:19:0f:72:f5:12:af:be:ed:37:bc:71:24:4a:
5f:ba:40:00:26:bb:4d:fd:ee:cb:0f:3e:12:3d:26:
3c:f7:21:f2:b0:cd:0a:77:70:2b:31:55:42:8d:02:
f2:3a:8b:bf:28:81:44:97:df:6c:6f:50:55:28:54:
a4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:4A:36:B2:EA:3D:99:6C:A1:6C:16:84:06:17:5D:11:91:7E:D3:B8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/608A759C901E11EEB5299158D25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:8d:30:81:ee:20:1f:83:ed:c0:29:8c:05:56:6b:93:53:e0:
eb:be:f7:2d:cc:a2:79:a6:80:9b:06:8b:ce:06:9b:93:6b:33:
07:60:a5:7c:6b:17:9b:de:83:19:c6:61:a2:52:04:27:1c:8d:
a5:47:d1:7f:01:41:9f:43:eb:4e:42:ba:93:06:6a:cf:c3:28:
85:c7:b4:94:ff:75:3f:ad:23:d0:44:ec:73:cf:7a:6a:fa:19:
5d:09:e2:3a:5e:16:b8:18:4d:54:3e:79:d4:56:e7:af:21:4d:
b2:9b:7e:f6:48:80:34:29:15:df:d0:d9:b0:ad:d8:6e:7e:cc:
2d:48:8e:25:d5:0e:c3:11:a2:93:f4:04:a1:c6:84:b2:a9:e9:
32:4a:7d:0b:2e:ed:7a:65:9b:ad:10:90:90:0c:b0:9f:14:dc:
f7:31:d4:4b:ae:27:7b:8f:80:ee:3f:59:ed:c1:54:84:82:b9:
40:e5:5e:a8:87:6d:4b:31:f0:44:38:94:fd:81:f7:11:79:8d:
db:f2:e6:c6:07:82:01:75:d7:90:56:34:e9:7f:a0:61:f7:86:
e6:12:e7:08:c7:bb:0c:ab:cc:c2:3b:5c:18:8c:35:86:4b:e0:
4a:75:44:17:9e:ea:e6:09:27:7a:07:64:44:0d:0a:c8:65:2a:
2f:98:87:12
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICTIUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzEyMDEwNzUxMDFaFw0yMzEyMzEwNzUxMDFaMBgxFjAU
BgNVBAMTDTY1Njk5MDY4LTM2OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEHULUKGxChyUqH9h5qqebGHsTD/ZvI5UkMT2THI7T8DZOWHRE/3eWfTPT
Wbj7/A1D3HwcuD0jou+W21bHtb/o6TvEbef1fpwovCqP1P/nlDmAsWa1TvwErQlI
kYf0R8OM5lCmRdBASs2dixQA1bO9A/BDvm2qgrYRSawlsJQuh1w47lYfq66vj6Ow
qebZVGnEsMP71sh1pZNw4DboUXzSqawiuAf3MKOqYlpo0a/U085UwsZFuptTIWnx
c1R3LKfpXK3MGQ9y9RKvvu03vHEkSl+6QAAmu0397ssPPhI9Jjz3IfKwzQp3cCsx
VUKNAvI6i78ogUSX32xvUFUoVKSpAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUNUo2
suo9mWyhbBaEBhddEZF+07gwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzYwOEE3NTlDOTAxRTExRUVCNTI5OTE1OEQyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc4YEwDQYJKoZIhvcNAQELBQAD
ggEBACyNMIHuIB+D7cApjAVWa5NT4Ou+9y3MonmmgJsGi84Gm5NrMwdgpXxrF5ve
gxnGYaJSBCccjaVH0X8BQZ9D605CupMGas/DKIXHtJT/dT+tI9BE7HPPemr6GV0J
4jpeFrgYTVQ+edRW568hTbKbfvZIgDQpFd/Q2bCt2G5+zC1IjiXVDsMRopP0BKHG
hLKp6TJKfQsu7Xplm60QkJAMsJ8U3Pcx1EuuJ3uPgO4/We3BVISCuUDlXqiHbUsx
8EQ4lP2B9xF5jdvy5sYHggF115BWNOl/oGH3huYS5wjHuwyrzMI7XBiMNYZL4Ep1
RBee6uYJJ3oHZEQNCshlKi+YhxI=
-----END CERTIFICATE-----
Generated at Sun May 11 19:07:05 2025 by rpki-client