Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61F0A402F5D911EFB3571350762E951A.roa
File: 61F0A402F5D911EFB3571350762E951A.roa (raw, json)
Hash identifier: ncR9fYk8iuorwIfhhl/1a2U5141PAabVD+q02xw7SOg=
Subject key identifier: 6B:23:C5:D1:A2:6E:0F:29:DC:4F:65:CA:88:BE:A5:FB:62:8B:AC:D7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013DF6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61F0A402F5D911EFB3571350762E951A.roa
Signing time: Fri 28 Feb 2025 13:39:07 +0000
ROA not before: Fri 28 Feb 2025 13:39:03 +0000
ROA not after: Sun 30 Mar 2025 13:39:03 +0000
asID: 203020
IP address blocks: 156.253.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81398 (0x13df6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 13:39:03 2025 GMT
Not After : Mar 30 13:39:03 2025 GMT
Subject: CN=67c1bc7b-4aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3c:6a:6e:d6:cd:29:78:88:69:48:df:31:ca:
fb:c2:77:5e:cc:84:42:c5:0a:d3:13:76:7a:7e:2c:
2a:27:bb:8f:1b:bb:de:0c:4d:07:87:7e:43:1f:05:
0c:08:94:20:c6:14:5f:29:55:fa:c7:08:b1:fe:4e:
de:63:36:04:b5:17:53:b4:9f:10:76:a3:8c:a9:a3:
b8:b1:39:62:d6:1d:90:8c:97:6a:4e:ef:c5:79:3f:
26:c4:3d:30:17:31:bb:18:87:35:b1:8e:9b:6d:fe:
4d:04:02:36:85:20:ad:49:60:05:ae:6c:f9:ec:4b:
48:6c:d0:4b:63:59:35:b5:20:49:01:f8:24:41:ff:
bb:07:28:87:71:41:c0:48:6b:53:2e:6d:d0:2a:a7:
25:65:2d:b4:14:e6:ee:69:8d:f9:57:1a:61:0d:de:
92:1e:ba:41:85:1a:2f:3d:9c:39:bc:1c:ae:f5:de:
fb:39:31:c1:03:1e:7f:db:a4:92:4a:64:7e:6a:70:
03:04:6d:0b:25:04:72:49:f5:ab:cf:bf:92:23:67:
13:38:ff:d2:bf:92:71:dd:10:39:22:1c:29:9f:43:
5f:fe:30:69:4f:ec:4e:aa:70:ff:2c:c3:09:3e:c1:
b5:4b:b1:3c:06:bb:b3:5b:6f:c3:59:7a:69:72:59:
76:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:23:C5:D1:A2:6E:0F:29:DC:4F:65:CA:88:BE:A5:FB:62:8B:AC:D7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61F0A402F5D911EFB3571350762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.136.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:93:d2:5b:8f:d0:3e:36:b7:a1:72:9d:29:cb:42:c6:b5:29:
27:98:49:dc:e6:dc:57:8d:2b:99:f0:70:8e:2d:12:d9:c9:4b:
63:2d:bd:4f:3e:b9:76:4a:ad:6a:1f:fc:0d:3a:d4:8b:cc:50:
04:f8:bf:d1:03:bb:93:62:dd:94:06:c5:45:df:85:7c:a7:08:
53:1b:78:0e:4a:93:2e:a5:13:b1:ce:56:32:9b:d6:ff:73:f6:
59:3a:7e:44:9e:74:34:4b:b6:81:31:e2:46:ad:84:78:88:73:
c4:c8:9a:85:18:50:0f:00:de:eb:35:b9:7b:4c:09:d3:06:0a:
da:fa:ed:72:10:b2:88:a0:9b:45:88:1c:3c:a6:d7:c6:43:09:
f8:f2:e6:11:2b:0a:c8:47:f4:9e:49:74:22:85:cf:62:19:24:
0b:68:ac:f1:12:65:ad:00:08:bc:7c:04:49:a4:81:eb:e2:e2:
5c:03:43:2e:bc:bc:ed:2f:70:87:62:d2:d8:c4:eb:cf:da:72:
71:99:01:bd:2a:14:c0:6d:f8:e8:41:b9:b7:45:a3:76:81:1c:
2e:55:58:c0:d9:6f:8b:18:e7:a5:49:de:0c:6a:75:8e:fe:f8:
95:77:6b:93:16:af:aa:0c:b0:33:86:ec:5d:60:a1:c2:3a:0d:
7e:b1:9f:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT32MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTMzOTAzWhcNMjUwMzMwMTMzOTAzWjAYMRYw
FAYDVQQDEw02N2MxYmM3Yi00YWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxDxqbtbNKXiIaUjfMcr7wndezIRCxQrTE3Z6fiwqJ7uPG7veDE0Hh35D
HwUMCJQgxhRfKVX6xwix/k7eYzYEtRdTtJ8QdqOMqaO4sTli1h2QjJdqTu/FeT8m
xD0wFzG7GIc1sY6bbf5NBAI2hSCtSWAFrmz57EtIbNBLY1k1tSBJAfgkQf+7ByiH
cUHASGtTLm3QKqclZS20FObuaY35VxphDd6SHrpBhRovPZw5vByu9d77OTHBAx5/
26SSSmR+anADBG0LJQRySfWrz7+SI2cTOP/Sv5Jx3RA5Ihwpn0Nf/jBpT+xOqnD/
LMMJPsG1S7E8BruzW2/DWXppcll2lQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGsj
xdGibg8p3E9lyoi+pftii6zXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MUYwQTQwMkY1RDkxMUVGQjM1NzEzNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP2IMA0GCSqGSIb3DQEBCwUA
A4IBAQAMk9Jbj9A+Nrehcp0py0LGtSknmEnc5txXjSuZ8HCOLRLZyUtjLb1PPrl2
Sq1qH/wNOtSLzFAE+L/RA7uTYt2UBsVF34V8pwhTG3gOSpMupROxzlYym9b/c/ZZ
On5EnnQ0S7aBMeJGrYR4iHPEyJqFGFAPAN7rNbl7TAnTBgra+u1yELKIoJtFiBw8
ptfGQwn48uYRKwrIR/SeSXQihc9iGSQLaKzxEmWtAAi8fARJpIHr4uJcA0MuvLzt
L3CHYtLYxOvP2nJxmQG9KhTAbfjoQbm3RaN2gRwuVVjA2W+LGOelSd4ManWO/viV
d2uTFq+qDLAzhuxdYKHCOg1+sZ+8
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:10:14 2025 by rpki-client