Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FD9A34AF8C311EFBB2D0AA9762E951A.roa
File: 8FD9A34AF8C311EFBB2D0AA9762E951A.roa (raw, json)
Hash identifier: Nno436hzMJE+F02CU9Io4fhkqZBctRznWASqiKlbgxs=
Subject key identifier: 11:2C:9E:56:86:AE:D9:85:71:D6:11:02:90:0E:E1:B0:A9:8F:C7:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01429D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FD9A34AF8C311EFBB2D0AA9762E951A.roa
Signing time: Tue 04 Mar 2025 06:40:29 +0000
ROA not before: Tue 04 Mar 2025 06:40:25 +0000
ROA not after: Fri 04 Apr 2025 06:40:25 +0000
asID: 200373
IP address blocks: 156.228.176.0/24 maxlen: 24
156.228.184.0/24 maxlen: 24
156.228.185.0/24 maxlen: 24
156.228.189.0/24 maxlen: 24
156.253.164.0/24 maxlen: 24
156.253.165.0/24 maxlen: 24
156.253.166.0/24 maxlen: 24
156.253.167.0/24 maxlen: 24
156.253.168.0/24 maxlen: 24
156.253.169.0/24 maxlen: 24
156.253.170.0/24 maxlen: 24
156.253.171.0/24 maxlen: 24
156.253.172.0/24 maxlen: 24
156.253.173.0/24 maxlen: 24
156.253.174.0/24 maxlen: 24
156.253.175.0/24 maxlen: 24
156.253.176.0/24 maxlen: 24
156.253.177.0/24 maxlen: 24
156.253.178.0/24 maxlen: 24
156.253.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82589 (0x1429d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 4 06:40:25 2025 GMT
Not After : Apr 4 06:40:25 2025 GMT
Subject: CN=67c6a05d-640a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ea:dc:3a:4a:2a:78:36:1a:e8:c1:b2:86:1b:
0c:e7:fb:f9:59:a3:8c:6a:0d:41:83:dc:80:f6:f1:
25:27:1d:50:6f:73:a0:a0:b1:db:27:87:c0:0a:66:
5e:82:f1:54:ae:de:1f:af:01:57:bb:e1:c6:ce:c7:
23:15:d4:88:04:18:71:c8:67:20:17:c8:2c:5f:ce:
ad:5a:09:87:3c:9e:98:e9:ef:d4:be:fa:f4:bc:b4:
64:c8:ba:41:ed:46:73:21:ce:d2:36:82:f3:05:13:
ec:17:8c:45:ce:34:1b:3c:1a:8e:8e:d7:df:77:ec:
84:5d:62:4b:5d:36:94:fc:0b:59:d9:9c:6e:40:e1:
6b:68:40:3a:6a:98:76:35:04:23:2a:47:07:cc:13:
fe:ec:86:ee:06:39:83:43:ca:dc:8d:89:4b:f7:19:
24:f7:79:79:ba:de:6c:54:86:21:71:0b:e2:41:71:
85:b5:b0:45:49:27:41:fd:d7:27:05:34:e8:9d:06:
4d:3d:17:5d:3a:f8:95:fa:34:8a:b7:7e:49:b1:9e:
9f:78:b2:c5:65:cd:4d:06:14:79:ae:36:9a:12:b4:
4a:eb:3e:4d:7d:ca:71:df:a5:fd:46:4b:cb:e9:0f:
42:ef:eb:0f:9a:94:38:88:ea:29:b3:65:15:3b:c9:
bb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2C:9E:56:86:AE:D9:85:71:D6:11:02:90:0E:E1:B0:A9:8F:C7:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FD9A34AF8C311EFBB2D0AA9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.176.0/24
156.228.184.0/23
156.228.189.0/24
156.253.164.0-156.253.179.255
Signature Algorithm: sha256WithRSAEncryption
aa:ec:d0:35:16:36:13:d1:2c:77:53:5e:af:6d:3f:19:26:57:
ab:86:9c:e3:68:52:ac:fd:86:9f:c9:3d:95:b5:cf:36:b7:c5:
f8:6c:45:ca:79:37:15:0f:3d:2b:95:fb:c4:f7:0b:43:30:3f:
08:ba:71:1e:c9:64:f4:3f:11:45:05:86:4a:cc:26:e5:44:a2:
02:76:08:79:98:26:97:0d:c7:27:9b:e9:89:16:e0:0f:76:aa:
ef:c6:ce:cb:d6:29:20:54:7d:a9:a6:4e:46:81:a5:e3:46:9a:
fd:bf:33:59:a9:67:5c:f0:14:c4:9f:46:99:ef:75:67:49:ee:
f7:12:22:0f:07:09:f9:40:15:7a:dd:48:c1:91:c7:6a:18:ae:
42:22:94:05:f1:eb:ed:0a:5a:4d:b9:86:e9:42:9d:15:32:51:
ea:3e:20:a2:35:40:74:be:90:fc:e5:82:df:3f:52:7a:4a:e5:
d3:0f:51:a2:ba:17:ce:09:14:fd:5f:57:42:fb:bd:8c:19:89:
aa:0f:bb:a8:8b:50:69:1e:45:82:da:11:e6:c3:08:fd:c8:c7:
40:7f:b6:9a:bb:cf:5e:d4:66:d0:d5:0e:85:19:5b:97:d1:06:
27:7a:a4:c1:6e:52:b8:53:c9:10:e5:e3:8d:56:3e:75:1f:10:
84:d8:f8:8a
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAUKdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA0MDY0MDI1WhcNMjUwNDA0MDY0MDI1WjAYMRYw
FAYDVQQDEw02N2M2YTA1ZC02NDBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy+rcOkoqeDYa6MGyhhsM5/v5WaOMag1Bg9yA9vElJx1Qb3OgoLHbJ4fA
CmZegvFUrt4frwFXu+HGzscjFdSIBBhxyGcgF8gsX86tWgmHPJ6Y6e/Uvvr0vLRk
yLpB7UZzIc7SNoLzBRPsF4xFzjQbPBqOjtffd+yEXWJLXTaU/AtZ2ZxuQOFraEA6
aph2NQQjKkcHzBP+7IbuBjmDQ8rcjYlL9xkk93l5ut5sVIYhcQviQXGFtbBFSSdB
/dcnBTTonQZNPRddOviV+jSKt35JsZ6feLLFZc1NBhR5rjaaErRK6z5Nfcpx36X9
RkvL6Q9C7+sPmpQ4iOops2UVO8m7CwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFBEs
nlaGrtmFcdYRApAO4bCpj8dOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RkQ5QTM0QUY4QzMxMUVGQkIyRDBBQTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAnOSwAwQBnOS4AwQAnOS9MAwD
BAKc/aQDBAKc/bAwDQYJKoZIhvcNAQELBQADggEBAKrs0DUWNhPRLHdTXq9tPxkm
V6uGnONoUqz9hp/JPZW1zza3xfhsRcp5NxUPPSuV+8T3C0MwPwi6cR7JZPQ/EUUF
hkrMJuVEogJ2CHmYJpcNxyeb6YkW4A92qu/GzsvWKSBUfammTkaBpeNGmv2/M1mp
Z1zwFMSfRpnvdWdJ7vcSIg8HCflAFXrdSMGRx2oYrkIilAXx6+0KWk25hulCnRUy
Ueo+IKI1QHS+kPzlgt8/UnpK5dMPUaK6F84JFP1fV0L7vYwZiaoPu6iLUGkeRYLa
EebDCP3Ix0B/tpq7z17UZtDVDoUZW5fRBid6pMFuUrhTyRDl441WPnUfEITY+Io=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:25:30 2025 by rpki-client