Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/708B61DCF8F911EF8403CB90762E951A.roa
File: 708B61DCF8F911EF8403CB90762E951A.roa (raw, json)
Hash identifier: cyQbSF8T3BC/iZ7HCjim3OGwzW4x/v/Ntb+ev9gnnZA=
Subject key identifier: E7:73:CF:47:ED:F8:CE:CE:09:A4:E6:F4:16:51:09:24:09:53:6B:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01431A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/708B61DCF8F911EF8403CB90762E951A.roa
Signing time: Tue 04 Mar 2025 13:06:09 +0000
ROA not before: Tue 04 Mar 2025 13:06:05 +0000
ROA not after: Mon 07 Apr 2025 13:06:05 +0000
asID: 6079
IP address blocks: 156.237.16.0/20 maxlen: 24
156.237.32.0/19 maxlen: 24
156.237.96.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82714 (0x1431a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 4 13:06:05 2025 GMT
Not After : Apr 7 13:06:05 2025 GMT
Subject: CN=67c6fac1-311f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:85:ee:61:7f:15:d9:e6:52:85:7e:4f:cd:57:
f3:1e:86:bc:d3:04:7e:be:3f:8b:0d:ae:b6:aa:79:
f8:6f:4f:ef:e4:9d:39:8e:18:d4:09:82:c1:ee:07:
79:ab:b8:9e:a2:c9:4a:46:00:57:20:44:a5:26:c5:
a6:16:38:3a:61:a7:ab:de:80:4c:d6:de:29:7d:d5:
17:ad:c4:0c:51:ce:96:f2:d1:d8:f0:9e:70:48:31:
2e:1a:08:6c:b9:ca:4c:64:6f:c4:d1:8c:5f:2f:b7:
91:1b:35:88:43:ab:0c:62:f5:12:40:75:73:cf:5b:
2f:ff:e0:2b:4b:eb:a6:98:40:9e:93:ff:7b:6a:da:
4b:37:26:a7:ea:b1:a1:65:cf:94:73:7c:2d:74:a5:
ec:df:13:bd:ab:07:2d:db:16:a6:27:17:42:d6:69:
ca:cc:ce:3b:33:1e:90:28:12:34:bd:5a:49:f9:4a:
af:4a:22:ab:af:3d:d1:31:c8:4d:49:02:9c:35:9b:
64:49:c7:44:a5:a0:ce:2d:6e:15:e5:c4:86:d7:3f:
7a:b0:7a:18:ea:98:7c:d8:ee:1f:c3:01:e4:ee:49:
f1:36:c1:89:a3:96:6b:45:b9:d5:26:81:f3:81:89:
64:32:ca:28:60:e3:91:25:a5:1f:6a:bd:98:d0:6c:
21:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:73:CF:47:ED:F8:CE:CE:09:A4:E6:F4:16:51:09:24:09:53:6B:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/708B61DCF8F911EF8403CB90762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.16.0-156.237.63.255
156.237.96.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:fb:8e:a6:ed:af:d8:91:f9:22:a8:ba:e8:44:db:65:f3:8f:
0a:1b:9e:ea:51:3a:5e:58:20:c6:a9:81:26:85:64:36:2b:30:
d2:6f:da:46:22:4f:a3:0d:34:66:ad:be:c5:bd:6a:e2:8a:26:
bf:8f:02:16:81:b4:fe:0a:96:3a:d1:34:39:61:9e:a5:a2:51:
a9:ce:25:ba:28:36:eb:8b:08:a3:f4:90:3f:a1:39:b3:0c:60:
c8:f6:65:a5:a9:f7:2a:60:3b:9f:ab:7c:b6:48:f5:76:6d:89:
76:74:fb:2c:51:8f:b2:73:7d:82:aa:5a:66:48:22:a9:ed:1d:
06:22:de:73:08:99:04:50:95:27:66:22:5d:5f:eb:df:c0:19:
73:8a:9f:5f:95:c8:a3:ad:fd:38:93:9b:4b:54:80:9a:0f:2d:
15:8d:f4:44:da:3f:e0:f0:e3:a8:a0:21:ff:54:1a:02:91:69:
6e:a5:bd:e5:3b:fd:00:07:53:1e:45:dd:46:92:06:d4:8c:de:
9a:50:2a:c1:91:b0:b4:cc:b7:5c:67:ce:96:cd:99:eb:54:a2:
57:23:83:a1:03:ca:80:98:e3:32:c4:08:9d:79:14:9f:14:32:
9e:d1:bd:bf:40:da:49:07:65:cd:c3:57:00:be:42:a5:75:4e:
c4:36:24:6c
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUMaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA0MTMwNjA1WhcNMjUwNDA3MTMwNjA1WjAYMRYw
FAYDVQQDEw02N2M2ZmFjMS0zMTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2IXuYX8V2eZShX5PzVfzHoa80wR+vj+LDa62qnn4b0/v5J05jhjUCYLB
7gd5q7ieoslKRgBXIESlJsWmFjg6Yaer3oBM1t4pfdUXrcQMUc6W8tHY8J5wSDEu
GghsucpMZG/E0YxfL7eRGzWIQ6sMYvUSQHVzz1sv/+ArS+ummECek/97atpLNyan
6rGhZc+Uc3wtdKXs3xO9qwct2xamJxdC1mnKzM47Mx6QKBI0vVpJ+UqvSiKrrz3R
MchNSQKcNZtkScdEpaDOLW4V5cSG1z96sHoY6ph82O4fwwHk7knxNsGJo5ZrRbnV
JoHzgYlkMsooYOORJaUfar2Y0GwhsQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFOdz
z0ft+M7OCaTm9BZRCSQJU2t4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MDhCNjFEQ0Y4RjkxMUVGODQwM0NCOTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASc7RADBAac7QADBAOc7WAw
DQYJKoZIhvcNAQELBQADggEBADr7jqbtr9iR+SKouuhE22XzjwobnupROl5YIMap
gSaFZDYrMNJv2kYiT6MNNGatvsW9auKKJr+PAhaBtP4KljrRNDlhnqWiUanOJboo
NuuLCKP0kD+hObMMYMj2ZaWp9ypgO5+rfLZI9XZtiXZ0+yxRj7JzfYKqWmZIIqnt
HQYi3nMImQRQlSdmIl1f69/AGXOKn1+VyKOt/TiTm0tUgJoPLRWN9ETaP+Dw46ig
If9UGgKRaW6lveU7/QAHUx5F3UaSBtSM3ppQKsGRsLTMt1xnzpbNmetUolcjg6ED
yoCY4zLECJ15FJ8UMp7Rvb9A2kkHZc3DVwC+QqV1TsQ2JGw=
-----END CERTIFICATE-----
Generated at Fri Apr 11 09:21:12 2025 by rpki-client