Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82F790EA04AF11F0B122CC61762E951A.roa
File: 82F790EA04AF11F0B122CC61762E951A.roa (raw, json)
Hash identifier: QZ+MrtHMMBmBbQSHFI3Pzl4+TIPv1TsS5e/5mkPZgdQ=
Subject key identifier: C4:1A:C4:EF:E3:41:F3:7A:41:71:83:C4:32:61:83:6B:47:FA:EA:8F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0146CE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82F790EA04AF11F0B122CC61762E951A.roa
Signing time: Wed 19 Mar 2025 10:47:11 +0000
ROA not before: Wed 19 Mar 2025 10:47:07 +0000
ROA not after: Wed 02 Apr 2025 10:47:07 +0000
asID: 39600
IP address blocks: 156.237.106.0/24 maxlen: 24
156.237.107.0/24 maxlen: 24
156.237.112.0/24 maxlen: 24
156.237.113.0/24 maxlen: 24
156.237.114.0/24 maxlen: 24
156.237.115.0/24 maxlen: 24
156.237.116.0/24 maxlen: 24
156.237.117.0/24 maxlen: 24
156.237.118.0/24 maxlen: 24
156.237.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83662 (0x146ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 19 10:47:07 2025 GMT
Not After : Apr 2 10:47:07 2025 GMT
Subject: CN=67daa0af-5c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:43:68:45:ad:54:e9:fa:91:ef:db:8c:e9:58:
cb:0e:ff:83:70:ad:65:99:ce:65:e0:94:eb:39:de:
c7:f0:0e:d4:ad:89:1d:15:97:4b:c1:42:44:47:76:
41:e2:aa:fc:1e:fc:49:7e:fe:f1:04:a6:00:99:ef:
10:13:38:29:6f:30:8f:cd:bf:95:d0:6e:b0:f5:a8:
0f:2f:89:ff:91:fa:f8:41:cd:5e:12:06:b3:e9:49:
2a:cc:d6:b1:d1:f9:3b:a7:62:22:bd:c6:b9:a6:eb:
f1:88:79:13:dd:6c:a5:70:b8:54:e7:e4:0f:eb:cf:
dd:43:61:87:bd:5a:28:65:98:66:ba:c1:54:e0:88:
d6:0d:4c:e4:fb:90:09:f5:14:47:fb:0d:74:62:4b:
9a:33:7c:57:e3:4f:9b:3a:d9:c0:9e:ce:ce:3f:9c:
3b:d3:9b:42:b9:51:8d:2e:6b:19:83:e6:d6:bc:71:
9c:9f:4a:c0:3c:01:5a:3f:22:d1:e6:cd:df:d4:7b:
5a:51:e2:1b:24:c8:d4:f2:63:08:79:5a:f4:d6:c0:
4b:3c:a8:9d:67:cc:59:15:0a:0f:c2:fd:7a:14:1e:
d5:4f:49:4a:8b:d2:db:a9:e2:9c:37:60:ea:a9:30:
cc:3a:a7:5f:29:64:21:fc:5c:f3:f9:f9:3a:30:91:
d6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1A:C4:EF:E3:41:F3:7A:41:71:83:C4:32:61:83:6B:47:FA:EA:8F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82F790EA04AF11F0B122CC61762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.106.0/23
156.237.112.0/21
Signature Algorithm: sha256WithRSAEncryption
99:6c:7d:6b:a0:19:b8:86:10:03:46:86:a4:f5:81:1c:c4:f4:
08:a0:f7:42:c6:b1:2b:2c:f0:3a:58:b1:9b:64:50:0f:83:50:
08:83:6a:8f:a4:01:78:b1:1b:ac:b2:ac:ce:00:7c:28:7b:0a:
b7:6f:0d:34:e4:86:5a:7d:24:5b:24:55:20:ac:73:4d:c8:6f:
d2:76:65:1f:e7:e8:c7:62:d4:9e:6a:08:27:8f:28:87:99:3c:
fa:db:b1:36:56:e6:3f:33:f7:87:f7:c6:45:8d:7b:8d:42:4c:
91:d2:84:44:2f:69:3f:1f:0c:dd:b7:88:90:77:31:90:e3:2f:
f2:51:d3:ca:e5:59:df:0a:fe:5f:cc:c3:9d:74:74:c1:17:c0:
a7:31:29:81:53:d8:0c:3c:0e:5e:75:48:53:97:fc:9f:d1:9a:
15:5f:b8:d3:53:ae:a5:7b:67:c5:6f:1d:d4:28:9c:e5:41:41:
6d:8c:05:8a:f8:62:59:16:a9:24:6c:de:db:02:47:ce:01:9b:
3d:77:48:cd:71:40:f0:d8:d1:e2:61:39:85:c2:25:dc:0d:14:
08:ca:8b:df:bf:82:0b:be:0e:74:bc:9c:f9:59:04:09:99:d6:
a1:66:24:e0:92:78:57:f1:9e:bd:a4:c1:bf:25:b0:23:ef:04:
a1:de:37:5f
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUbOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE5MTA0NzA3WhcNMjUwNDAyMTA0NzA3WjAYMRYw
FAYDVQQDEw02N2RhYTBhZi01YzM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA60NoRa1U6fqR79uM6VjLDv+DcK1lmc5l4JTrOd7H8A7UrYkdFZdLwUJE
R3ZB4qr8HvxJfv7xBKYAme8QEzgpbzCPzb+V0G6w9agPL4n/kfr4Qc1eEgaz6Ukq
zNax0fk7p2Iivca5puvxiHkT3WylcLhU5+QP68/dQ2GHvVooZZhmusFU4IjWDUzk
+5AJ9RRH+w10YkuaM3xX40+bOtnAns7OP5w705tCuVGNLmsZg+bWvHGcn0rAPAFa
PyLR5s3f1HtaUeIbJMjU8mMIeVr01sBLPKidZ8xZFQoPwv16FB7VT0lKi9LbqeKc
N2DqqTDMOqdfKWQh/Fzz+fk6MJHW6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMQa
xO/jQfN6QXGDxDJhg2tH+uqPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MkY3OTBFQTA0QUYxMUYwQjEyMkNDNjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnO1qAwQDnO1wMA0GCSqGSIb3
DQEBCwUAA4IBAQCZbH1roBm4hhADRoak9YEcxPQIoPdCxrErLPA6WLGbZFAPg1AI
g2qPpAF4sRussqzOAHwoewq3bw005IZafSRbJFUgrHNNyG/SdmUf5+jHYtSeaggn
jyiHmTz627E2VuY/M/eH98ZFjXuNQkyR0oREL2k/Hwzdt4iQdzGQ4y/yUdPK5Vnf
Cv5fzMOddHTBF8CnMSmBU9gMPA5edUhTl/yf0ZoVX7jTU66le2fFbx3UKJzlQUFt
jAWK+GJZFqkkbN7bAkfOAZs9d0jNcUDw2NHiYTmFwiXcDRQIyovfv4ILvg50vJz5
WQQJmdahZiTgknhX8Z69pMG/JbAj7wSh3jdf
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:04:38 2025 by rpki-client