Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67DC312E02F911F0A84E2295762E951A.roa
File: 67DC312E02F911F0A84E2295762E951A.roa (raw, json)
Hash identifier: cp3cSECtCqnf/snudHFrnofVKDACNRcS6Z7WFyFWSLA=
Subject key identifier: F0:7D:BA:89:E2:88:B9:25:F5:A9:B5:62:39:B7:41:86:4E:19:FF:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014670
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67DC312E02F911F0A84E2295762E951A.roa
Signing time: Mon 17 Mar 2025 06:31:06 +0000
ROA not before: Mon 17 Mar 2025 06:31:01 +0000
ROA not after: Wed 02 Apr 2025 06:31:01 +0000
asID: 39600
IP address blocks: 156.237.106.0/24 maxlen: 24
156.237.107.0/24 maxlen: 24
156.237.112.0/24 maxlen: 24
156.237.113.0/24 maxlen: 24
156.237.114.0/24 maxlen: 24
156.237.115.0/24 maxlen: 24
156.237.116.0/24 maxlen: 24
156.237.118.0/24 maxlen: 24
156.237.119.0/24 maxlen: 24
156.237.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83568 (0x14670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 17 06:31:01 2025 GMT
Not After : Apr 2 06:31:01 2025 GMT
Subject: CN=67d7c1aa-1ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9d:69:93:e7:3a:41:01:35:71:56:24:04:19:
b4:08:87:67:44:65:68:19:d4:6e:01:81:56:ad:42:
14:34:b6:82:0a:14:58:9b:0a:af:49:c9:98:b4:8f:
80:d3:2b:e2:48:5f:fd:7f:9b:40:55:96:1a:2a:7f:
01:0d:2c:3f:1a:70:87:31:ab:be:b9:4a:1b:0b:55:
fe:b1:c2:e4:23:23:14:35:c6:3c:40:64:dc:07:66:
24:ca:23:1f:c6:1b:99:12:3b:ca:f2:3c:89:40:b8:
56:1e:25:f1:66:65:14:5c:34:a7:fd:75:6c:92:9d:
5c:a5:49:a9:0a:a1:6f:b7:4f:25:64:69:1c:38:8b:
e0:24:79:de:1e:24:c7:d5:77:e9:c1:1d:9b:28:1f:
56:7e:fa:5d:56:d7:48:45:7a:57:eb:6d:de:c6:16:
02:de:82:e8:76:3a:81:b4:87:10:30:21:21:88:92:
8e:2a:5b:3b:39:a0:d6:ef:fc:d2:ae:59:56:00:70:
a5:9f:d1:68:51:df:9c:79:bd:1c:3e:f6:fc:1b:36:
d5:1e:b8:7c:05:41:3d:4b:bd:6a:62:3b:b0:a3:70:
f3:b7:54:96:e8:30:05:f0:d9:33:39:bd:34:14:61:
88:1e:0c:d8:a1:56:3c:1a:32:8d:dd:4b:b3:ea:45:
21:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:7D:BA:89:E2:88:B9:25:F5:A9:B5:62:39:B7:41:86:4E:19:FF:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67DC312E02F911F0A84E2295762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.106.0/23
156.237.112.0-156.237.116.255
156.237.118.0/23
156.237.125.0/24
Signature Algorithm: sha256WithRSAEncryption
10:93:ca:70:90:8d:6a:29:12:fb:e4:48:da:3e:d4:f5:a3:9b:
b8:eb:33:74:6f:74:03:96:b1:0d:31:65:5a:69:49:3a:d9:95:
f9:5c:a7:b1:a8:46:1c:d6:63:aa:e1:4a:1c:10:e8:0e:e0:d4:
4d:a6:02:6e:71:6f:10:1f:c7:8e:c5:1d:71:08:b8:dd:e7:5e:
93:e0:87:6f:cf:99:41:f6:f5:d2:df:8e:2a:2f:6a:5f:31:3e:
2f:25:50:9c:63:1f:81:71:ce:12:ba:31:0b:27:57:3e:bb:c1:
1d:3f:85:a8:d1:3f:d4:cf:b8:23:01:cf:a0:4a:d8:a2:46:88:
bb:23:1c:e0:fd:68:d8:b7:e6:05:e6:6e:f1:1d:8f:4e:d5:e7:
e2:81:e3:5c:f4:45:92:a2:8a:2d:43:5b:2f:70:f0:77:c8:47:
6a:e6:b3:96:f1:ab:12:d4:4e:ca:1d:5d:f6:8d:78:4d:96:ce:
c0:25:52:6f:a7:64:a0:24:cd:53:76:30:23:d3:12:ee:c0:71:
77:9b:87:40:26:d5:48:06:de:87:5a:06:b2:dd:f6:aa:3e:66:
96:b2:74:9f:7b:dd:45:db:7a:d7:99:40:30:c3:26:e8:31:2a:
55:f9:37:07:a4:b9:2e:d9:a1:1b:b0:fd:3f:86:c0:03:e6:eb:
85:a3:17:ee
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAUZwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE3MDYzMTAxWhcNMjUwNDAyMDYzMTAxWjAYMRYw
FAYDVQQDEw02N2Q3YzFhYS0xZWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApp1pk+c6QQE1cVYkBBm0CIdnRGVoGdRuAYFWrUIUNLaCChRYmwqvScmY
tI+A0yviSF/9f5tAVZYaKn8BDSw/GnCHMau+uUobC1X+scLkIyMUNcY8QGTcB2Yk
yiMfxhuZEjvK8jyJQLhWHiXxZmUUXDSn/XVskp1cpUmpCqFvt08lZGkcOIvgJHne
HiTH1XfpwR2bKB9WfvpdVtdIRXpX623exhYC3oLodjqBtIcQMCEhiJKOKls7OaDW
7/zSrllWAHCln9FoUd+ceb0cPvb8GzbVHrh8BUE9S71qYjuwo3Dzt1SW6DAF8Nkz
Ob00FGGIHgzYoVY8GjKN3Uuz6kUhbQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFPB9
uoniiLkl9am1Yjm3QYZOGf8/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0RDMzEyRTAyRjkxMUYwQTg0RTIyOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBnO1qMAwDBASc7XADBACc7XQD
BAGc7XYDBACc7X0wDQYJKoZIhvcNAQELBQADggEBABCTynCQjWopEvvkSNo+1PWj
m7jrM3RvdAOWsQ0xZVppSTrZlflcp7GoRhzWY6rhShwQ6A7g1E2mAm5xbxAfx47F
HXEIuN3nXpPgh2/PmUH29dLfjioval8xPi8lUJxjH4FxzhK6MQsnVz67wR0/hajR
P9TPuCMBz6BK2KJGiLsjHOD9aNi35gXmbvEdj07V5+KB41z0RZKiii1DWy9w8HfI
R2rms5bxqxLUTsodXfaNeE2WzsAlUm+nZKAkzVN2MCPTEu7AcXebh0Am1UgG3oda
BrLd9qo+ZpaydJ973UXbeteZQDDDJugxKlX5NwekuS7ZoRuw/T+GwAPm64WjF+4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:05:07 2025 by rpki-client