Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65A8C3A8F91011EDACF5B5814AD9E6FC.roa
File: 65A8C3A8F91011EDACF5B5814AD9E6FC.roa (raw, json)
Hash identifier: wdIPI2uYWWqTmFL0PRtviMfZgNPlstOHSfWj6QAFSJM=
Subject key identifier: C3:92:4A:BB:9D:29:02:79:AF:7B:AF:E5:60:37:CA:1B:5E:8A:FA:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 2678
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65A8C3A8F91011EDACF5B5814AD9E6FC.roa
Signing time: Tue 23 May 2023 02:20:34 +0000
ROA not before: Tue 23 May 2023 02:20:30 +0000
ROA not after: Wed 10 Jan 2024 02:20:30 +0000
asID: 64267
IP address blocks: 156.248.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9848 (0x2678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 02:20:30 2023 GMT
Not After : Jan 10 02:20:30 2024 GMT
Subject: CN=646c22f2-5a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:28:96:87:8d:fa:a6:48:47:88:78:52:a0:ae:
28:0b:67:09:a6:4d:88:f6:18:32:c7:1b:0b:53:65:
dc:27:e4:31:c0:d8:2b:5a:16:73:af:8b:e8:c1:99:
c8:12:89:b0:f0:5d:0c:81:0a:9e:e7:43:2d:5d:4e:
7f:03:04:b3:17:a4:0b:81:68:86:37:44:7f:dc:65:
fa:60:a2:70:7c:85:6f:ca:c3:7e:3d:28:42:6b:a8:
b9:d8:84:48:a2:c8:53:62:89:42:89:9c:2c:84:d3:
ba:e6:83:b8:7f:37:45:72:05:51:5d:8f:30:11:24:
e8:dd:06:b0:63:26:a1:d4:4f:04:75:59:be:ea:b2:
eb:79:a6:28:5f:de:eb:46:53:b0:ad:3e:87:f0:b2:
82:f1:d3:de:fe:de:19:a7:c9:14:da:fe:0a:7f:0f:
0d:bf:fa:40:0c:26:80:59:02:7a:a2:23:15:5a:35:
2b:d0:fd:4a:1c:d2:99:85:a4:a7:c1:68:78:19:f2:
9d:ed:f8:b1:48:1b:3d:3e:04:85:a4:c4:b4:69:e1:
ec:42:71:8c:3b:9f:0e:47:0f:01:b0:ed:dd:42:02:
e7:d2:8b:87:ac:4e:50:6a:46:4f:31:aa:a5:b3:d1:
2b:e3:1d:8e:56:cf:4d:30:3d:5f:53:6c:5f:4c:28:
74:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:92:4A:BB:9D:29:02:79:AF:7B:AF:E5:60:37:CA:1B:5E:8A:FA:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65A8C3A8F91011EDACF5B5814AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.64.0/24
Signature Algorithm: sha256WithRSAEncryption
65:1b:f1:93:ec:7f:bc:59:1c:29:ea:40:d4:6e:df:67:73:67:
a4:b4:ff:2e:4b:83:a1:78:34:ee:6d:ce:1f:42:a9:fc:49:ad:
b6:b8:fd:20:64:13:21:14:18:d4:f7:a8:b6:43:25:9f:c1:ea:
e3:0b:06:21:4d:47:5a:3d:2c:dd:0f:eb:b2:ba:05:af:6c:43:
38:9a:dc:6e:4b:05:37:0c:2a:ee:b4:3f:ba:a2:96:c0:5b:dd:
be:d4:e8:b4:fd:09:3f:f2:ab:85:a3:77:a8:0a:8d:27:83:53:
dc:7e:e9:2a:f1:a6:3f:e3:8d:70:45:ae:d6:9d:f7:49:22:47:
dd:d8:72:80:68:2e:df:32:9b:c1:bf:de:27:75:a5:18:79:c7:
2e:43:77:10:9c:a3:2a:86:d9:02:06:d3:5b:48:7f:c9:f7:40:
a9:5c:21:4f:c2:a3:68:8c:72:4b:e2:0c:a3:6d:0c:cf:05:46:
49:57:9b:a5:b8:51:cb:1a:ab:7f:66:dd:9f:ff:27:51:84:cd:
e1:7c:b1:ad:4a:d8:11:76:09:3b:8f:92:67:86:e9:04:92:a5:
bc:ad:9c:65:16:ac:cc:59:97:83:13:10:49:58:54:bf:82:98:
8d:0d:98:c0:a4:9e:cf:aa:b1:30:25:cc:46:57:82:e9:35:3c:
82:41:bc:b3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICJngwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzA1MjMwMjIwMzBaFw0yNDAxMTAwMjIwMzBaMBgxFjAU
BgNVBAMTDTY0NmMyMmYyLTVhMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDcKJaHjfqmSEeIeFKgrigLZwmmTYj2GDLHGwtTZdwn5DHA2CtaFnOvi+jB
mcgSibDwXQyBCp7nQy1dTn8DBLMXpAuBaIY3RH/cZfpgonB8hW/Kw349KEJrqLnY
hEiiyFNiiUKJnCyE07rmg7h/N0VyBVFdjzARJOjdBrBjJqHUTwR1Wb7qsut5pihf
3utGU7CtPofwsoLx097+3hmnyRTa/gp/Dw2/+kAMJoBZAnqiIxVaNSvQ/Uoc0pmF
pKfBaHgZ8p3t+LFIGz0+BIWkxLRp4exCcYw7nw5HDwGw7d1CAufSi4esTlBqRk8x
qqWz0SvjHY5Wz00wPV9TbF9MKHTvAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUw5JK
u50pAnmve6/lYDfKG16K+hQwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzY1QThDM0E4RjkxMDExRURBQ0Y1QjU4MTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc+EAwDQYJKoZIhvcNAQELBQAD
ggEBAGUb8ZPsf7xZHCnqQNRu32dzZ6S0/y5Lg6F4NO5tzh9CqfxJrba4/SBkEyEU
GNT3qLZDJZ/B6uMLBiFNR1o9LN0P67K6Ba9sQzia3G5LBTcMKu60P7qilsBb3b7U
6LT9CT/yq4Wjd6gKjSeDU9x+6Srxpj/jjXBFrtad90kiR93YcoBoLt8ym8G/3id1
pRh5xy5DdxCcoyqG2QIG01tIf8n3QKlcIU/Co2iMckviDKNtDM8FRklXm6W4Ucsa
q39m3Z//J1GEzeF8sa1K2BF2CTuPkmeG6QSSpbytnGUWrMxZl4MTEElYVL+CmI0N
mMCkns+qsTAlzEZXguk1PIJBvLM=
-----END CERTIFICATE-----
Generated at Sun May 11 14:07:54 2025 by rpki-client