Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7374D4B8370C11F08CBCABBDDAE4EC9C.roa
File: 7374D4B8370C11F08CBCABBDDAE4EC9C.roa (raw, json)
Hash identifier: BnwMArJH9F9MhhMR20QU0OQJu27kkPMOLM5wMLcBBLw=
Subject key identifier: 37:CD:05:9A:09:F8:50:50:1F:73:DC:75:7F:E9:2E:13:9A:45:7E:26
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0156AD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7374D4B8370C11F08CBCABBDDAE4EC9C.roa
Signing time: Thu 22 May 2025 12:58:27 +0000
ROA not before: Thu 22 May 2025 12:58:22 +0000
ROA not after: Sun 01 Jun 2025 12:58:22 +0000
asID: 399077
IP address blocks: 156.240.235.0/24 maxlen: 24
156.240.236.0/24 maxlen: 24
156.240.237.0/24 maxlen: 24
156.240.238.0/24 maxlen: 24
156.240.239.0/24 maxlen: 24
156.240.240.0/24 maxlen: 24
156.240.241.0/24 maxlen: 24
156.240.242.0/24 maxlen: 24
156.240.243.0/24 maxlen: 24
156.240.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87725 (0x156ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 22 12:58:22 2025 GMT
Not After : Jun 1 12:58:22 2025 GMT
Subject: CN=682f1f73-680b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:41:a4:d9:9d:da:63:c9:6c:d1:f7:25:11:61:
50:44:d9:8b:52:ab:26:66:16:71:db:45:1e:34:43:
ca:26:8c:82:a1:1e:4b:3b:d2:ad:0d:44:3c:17:1c:
89:42:53:14:13:ce:2f:62:80:e6:eb:da:50:6a:8b:
16:79:ad:cd:d0:70:85:d0:a0:60:7d:78:f1:a3:64:
7d:08:b5:dc:2b:d6:11:19:18:56:41:f6:a8:a2:fc:
0b:3a:41:01:8a:ee:9b:1a:28:1e:ad:35:0b:8b:cc:
e2:8d:88:e7:c4:c7:42:3c:0a:6c:d9:5a:1d:46:b0:
48:b8:cb:69:99:9c:a9:e1:3a:e4:07:e1:9f:df:bb:
ae:3c:c1:32:e9:99:f1:03:ae:6f:06:b2:a9:1d:1e:
ad:06:73:5b:05:ec:72:ed:ec:3f:75:36:dd:77:e2:
f1:83:e3:ed:1b:32:03:0a:be:f1:84:2b:21:8b:6a:
4f:2b:55:ce:44:95:c2:24:06:3f:1f:87:9a:16:1e:
25:bf:b5:88:11:54:05:9b:e0:bf:b1:35:ac:f7:09:
07:12:18:96:af:45:0d:3a:69:70:20:54:c3:49:6c:
32:8e:48:fc:c0:04:fb:ce:6b:70:56:89:27:9c:a5:
d4:0c:7b:d9:c0:1d:a0:b9:ba:a3:e1:04:d4:da:e5:
4a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CD:05:9A:09:F8:50:50:1F:73:DC:75:7F:E9:2E:13:9A:45:7E:26
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7374D4B8370C11F08CBCABBDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.235.0-156.240.243.255
156.240.245.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:b2:06:3d:ef:bd:40:6a:9d:37:e5:02:95:f8:0a:69:f4:5f:
8b:85:ea:81:86:73:d6:61:e2:60:17:da:7a:47:fd:2e:5b:48:
22:6e:18:12:b0:bd:70:07:32:cc:57:7e:14:15:aa:48:24:9e:
85:5d:23:26:58:e8:0f:fc:9b:24:50:3f:1b:21:ea:0b:96:ab:
73:71:c4:bb:4d:2f:35:75:18:f8:47:4f:d1:51:d3:ac:63:e0:
ee:e5:ae:71:dd:6b:00:68:87:8c:10:21:a3:6c:fa:07:18:27:
40:eb:ed:a8:97:41:25:8a:08:9b:f3:ab:86:0a:84:23:49:1c:
4b:39:e1:12:b8:02:19:67:fc:ce:dd:0b:9e:e1:93:c5:5b:12:
00:df:fe:b0:68:1d:58:e1:c6:30:36:1d:d4:ce:df:56:7a:91:
a4:f9:71:99:30:a3:19:5c:b0:6e:c4:dd:42:c5:fb:e8:95:91:
7b:14:0c:56:a7:ef:98:82:2e:fa:8a:a5:66:a6:ac:6e:8c:9e:
33:00:90:39:e2:3c:95:bd:cd:11:b0:6e:2d:a3:ac:36:93:b7:
12:07:05:aa:05:28:37:7c:fd:d6:43:bf:69:a5:db:fa:58:a8:
e9:2e:60:09:a1:07:c0:31:86:ee:fd:6b:58:52:de:a8:ec:2d:
ae:8d:ce:24
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAVatMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIyMTI1ODIyWhcNMjUwNjAxMTI1ODIyWjAYMRYw
FAYDVQQDEw02ODJmMWY3My02ODBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuEGk2Z3aY8ls0fclEWFQRNmLUqsmZhZx20UeNEPKJoyCoR5LO9KtDUQ8
FxyJQlMUE84vYoDm69pQaosWea3N0HCF0KBgfXjxo2R9CLXcK9YRGRhWQfaoovwL
OkEBiu6bGigerTULi8zijYjnxMdCPAps2VodRrBIuMtpmZyp4TrkB+Gf37uuPMEy
6ZnxA65vBrKpHR6tBnNbBexy7ew/dTbdd+Lxg+PtGzIDCr7xhCshi2pPK1XORJXC
JAY/H4eaFh4lv7WIEVQFm+C/sTWs9wkHEhiWr0UNOmlwIFTDSWwyjkj8wAT7zmtw
VoknnKXUDHvZwB2gubqj4QTU2uVK3QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFDfN
BZoJ+FBQH3PcdX/pLhOaRX4mMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Mzc0RDRCODM3MEMxMUYwOENCQ0FCQkREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACc8OsDBAKc8PADBACc8PUw
DQYJKoZIhvcNAQELBQADggEBACyyBj3vvUBqnTflApX4Cmn0X4uF6oGGc9Zh4mAX
2npH/S5bSCJuGBKwvXAHMsxXfhQVqkgknoVdIyZY6A/8myRQPxsh6guWq3NxxLtN
LzV1GPhHT9FR06xj4O7lrnHdawBoh4wQIaNs+gcYJ0Dr7aiXQSWKCJvzq4YKhCNJ
HEs54RK4Ahln/M7dC57hk8VbEgDf/rBoHVjhxjA2HdTO31Z6kaT5cZkwoxlcsG7E
3ULF++iVkXsUDFan75iCLvqKpWamrG6MnjMAkDniPJW9zRGwbi2jrDaTtxIHBaoF
KDd8/dZDv2ml2/pYqOkuYAmhB8Axhu79a1hS3qjsLa6NziQ=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:30:34 2025 by rpki-client