Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6FAF34DA370D11F093D779C4DAE4EC9C.roa
File: 6FAF34DA370D11F093D779C4DAE4EC9C.roa (raw, json)
Hash identifier: 9tpIgXoGhSQmiQ5VOpvk6COCh2tiQzYEAOiJGPCJoFw=
Subject key identifier: 7E:34:CC:60:CD:47:09:B2:B0:01:FB:DC:40:1C:E8:4C:AC:48:DC:86
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0156AF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6FAF34DA370D11F093D779C4DAE4EC9C.roa
Signing time: Thu 22 May 2025 13:05:30 +0000
ROA not before: Thu 22 May 2025 13:05:25 +0000
ROA not after: Sun 01 Jun 2025 13:05:25 +0000
asID: 399077
IP address blocks: 156.240.225.0/24 maxlen: 24
156.240.226.0/24 maxlen: 24
156.240.227.0/24 maxlen: 24
156.240.228.0/24 maxlen: 24
156.240.229.0/24 maxlen: 24
156.240.230.0/24 maxlen: 24
156.240.231.0/24 maxlen: 24
156.240.232.0/24 maxlen: 24
156.240.233.0/24 maxlen: 24
156.240.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87727 (0x156af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 22 13:05:25 2025 GMT
Not After : Jun 1 13:05:25 2025 GMT
Subject: CN=682f211a-771b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:87:3b:e6:7c:b6:cf:73:17:72:f4:eb:11:60:
ee:69:80:b9:6c:af:de:77:db:8c:73:34:20:43:36:
00:58:75:ee:a1:0c:e0:15:aa:67:f7:1d:15:d5:27:
50:23:fa:d4:de:41:c8:62:b6:f8:be:5b:6e:1c:0e:
32:26:6f:dc:a2:e7:f6:49:98:2a:2d:1d:ea:0b:fa:
5f:f1:0f:6c:9b:c1:57:fd:3b:c3:9b:96:eb:fe:4a:
01:8e:70:38:68:85:84:e6:60:c4:09:bc:a8:29:5a:
9b:a7:14:57:2f:79:6e:b9:3f:46:98:33:c0:f2:6e:
c6:d0:7c:25:4e:e2:23:65:0c:64:a5:dd:36:cb:05:
6b:30:19:2c:4f:26:55:ab:7b:70:11:3b:d4:b3:9b:
a7:71:ec:d1:b9:36:9c:bc:19:1e:89:d7:69:75:99:
60:27:cd:32:f4:11:02:ab:e0:d4:7d:99:a1:e9:ec:
95:d5:a2:8c:e6:b7:9a:0e:11:dd:45:27:bc:37:a6:
ed:bf:d0:14:26:1d:a2:de:b5:a5:26:d3:9e:99:1d:
ab:35:34:93:0d:49:1e:20:7f:92:b6:e1:91:c6:02:
2e:43:35:45:a9:80:f0:65:c4:58:3d:be:81:83:a2:
7e:d7:12:e8:eb:f3:f9:71:6e:7b:1b:ee:70:dc:ba:
63:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:34:CC:60:CD:47:09:B2:B0:01:FB:DC:40:1C:E8:4C:AC:48:DC:86
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6FAF34DA370D11F093D779C4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.225.0-156.240.234.255
Signature Algorithm: sha256WithRSAEncryption
57:1e:f0:8c:36:72:31:d1:10:5a:87:69:56:cf:ee:82:9e:fa:
5a:4b:5e:bd:1f:04:de:5b:65:9c:53:da:ec:49:d6:fe:13:4c:
0c:48:ba:f9:fd:ee:99:65:01:f0:da:cf:52:12:a9:22:31:5a:
dd:37:cf:0a:24:f4:54:22:9c:43:2d:fb:55:b0:12:d7:cb:bc:
39:5d:8b:38:c1:4f:30:89:b7:82:3f:53:f9:61:47:d1:3a:09:
8f:03:38:49:58:76:d5:70:f4:2c:5b:cb:c3:40:87:57:ac:21:
de:12:a6:4c:08:8f:2e:16:61:02:6b:af:75:3e:f9:90:22:20:
aa:2b:7a:bc:8c:a4:86:d7:fa:58:f0:2c:f1:a5:d6:45:a7:23:
17:23:8f:c7:d5:74:d2:09:35:6a:0b:98:84:17:f7:66:8c:b2:
b9:e5:33:cb:f4:e9:b6:67:50:26:b3:5a:94:4f:b5:bb:35:37:
e8:05:c0:49:ed:27:41:62:ef:40:df:4b:6d:ce:06:bc:c7:7d:
10:23:70:34:76:9f:a6:81:3d:66:31:e1:ad:8a:69:7b:45:c2:
0f:79:4d:ce:74:af:81:3d:87:82:75:46:7f:4e:a7:33:51:d7:
c2:c9:de:56:84:d1:8f:a2:7f:e2:a0:cf:40:2c:fa:16:71:65:
38:9b:e1:04
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVavMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIyMTMwNTI1WhcNMjUwNjAxMTMwNTI1WjAYMRYw
FAYDVQQDEw02ODJmMjExYS03NzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnoc75ny2z3MXcvTrEWDuaYC5bK/ed9uMczQgQzYAWHXuoQzgFapn9x0V
1SdQI/rU3kHIYrb4vltuHA4yJm/couf2SZgqLR3qC/pf8Q9sm8FX/TvDm5br/koB
jnA4aIWE5mDECbyoKVqbpxRXL3luuT9GmDPA8m7G0HwlTuIjZQxkpd02ywVrMBks
TyZVq3twETvUs5uncezRuTacvBkeiddpdZlgJ80y9BECq+DUfZmh6eyV1aKM5rea
DhHdRSe8N6btv9AUJh2i3rWlJtOemR2rNTSTDUkeIH+StuGRxgIuQzVFqYDwZcRY
Pb6Bg6J+1xLo6/P5cW57G+5w3Lpj+wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFH40
zGDNRwmysAH73EAc6EysSNyGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RkFGMzREQTM3MEQxMUYwOTNENzc5QzREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc8OEDBACc8OowDQYJKoZI
hvcNAQELBQADggEBAFce8Iw2cjHREFqHaVbP7oKe+lpLXr0fBN5bZZxT2uxJ1v4T
TAxIuvn97pllAfDaz1ISqSIxWt03zwok9FQinEMt+1WwEtfLvDldizjBTzCJt4I/
U/lhR9E6CY8DOElYdtVw9Cxby8NAh1esId4SpkwIjy4WYQJrr3U++ZAiIKoreryM
pIbX+ljwLPGl1kWnIxcjj8fVdNIJNWoLmIQX92aMsrnlM8v06bZnUCazWpRPtbs1
N+gFwEntJ0Fi70DfS23OBrzHfRAjcDR2n6aBPWYx4a2KaXtFwg95Tc50r4E9h4J1
Rn9OpzNR18LJ3laE0Y+if+Kgz0As+hZxZTib4QQ=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:46:23 2025 by rpki-client