Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98ECBEF8F2CF11EFB920B76B762E951A.roa
File: 98ECBEF8F2CF11EFB920B76B762E951A.roa (raw, json)
Hash identifier: E8MR7Tbbc2NGLvGxdmY6aK6Fp7gSD4l63ZXc37iMoes=
Subject key identifier: CE:73:81:BA:82:A2:CF:52:29:93:79:54:98:D4:D3:A9:4C:C7:B4:1F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012C97
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98ECBEF8F2CF11EFB920B76B762E951A.roa
Signing time: Mon 24 Feb 2025 16:51:31 +0000
ROA not before: Mon 24 Feb 2025 16:51:27 +0000
ROA not after: Fri 04 Apr 2025 16:51:27 +0000
asID: 21859
IP address blocks: 156.225.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76951 (0x12c97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 16:51:27 2025 GMT
Not After : Apr 4 16:51:27 2025 GMT
Subject: CN=67bca393-f53d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:70:74:14:13:5e:ba:8c:b4:5f:79:8f:6b:b2:
f1:1b:8b:ee:4f:bd:cd:65:08:28:19:90:ce:08:be:
13:5b:7a:1b:3a:10:2e:a3:17:66:ab:74:17:34:45:
c3:2b:14:55:7c:fd:c7:aa:01:f0:7d:10:cf:3f:14:
a4:49:c0:e6:50:cd:d7:08:57:ca:b5:38:04:be:a5:
f0:2c:7a:74:e0:67:d0:09:6f:85:bb:98:d0:c2:e6:
85:b6:fe:2f:86:84:96:a5:63:89:28:ac:bf:67:4b:
54:1f:bd:6b:76:57:f3:65:cc:00:b1:fb:d5:e1:65:
70:12:ad:bc:3e:8b:63:02:86:fd:3e:d7:c0:7f:23:
57:6c:b8:89:7e:3e:db:62:eb:b5:77:e1:e3:c1:75:
da:b8:26:4c:dc:7b:73:58:1f:44:e6:19:57:b9:ea:
1a:a9:7a:89:56:97:4c:b1:4a:54:0c:a1:0e:72:af:
de:67:99:cf:7b:e8:d8:6b:8a:ff:41:62:0a:c7:f0:
ed:9d:07:bf:33:26:aa:70:d7:41:8e:2f:c2:d1:e4:
15:a8:ff:4e:9c:b2:4a:23:25:09:a4:52:d9:a1:02:
84:ce:8c:d8:48:10:f7:6a:27:61:a1:fb:75:34:c3:
ad:98:b1:ad:70:da:33:d3:6e:e8:bb:9a:7d:0e:ac:
e4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:73:81:BA:82:A2:CF:52:29:93:79:54:98:D4:D3:A9:4C:C7:B4:1F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98ECBEF8F2CF11EFB920B76B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.9.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:45:d3:52:c9:b1:10:13:09:ba:d9:c0:cc:06:7c:b7:6b:18:
53:06:52:01:f8:b5:aa:37:1c:5d:32:24:55:4b:a5:ca:c1:25:
5d:7e:23:33:a6:75:8f:c1:ed:48:d6:9b:97:a6:7b:9d:9b:df:
1c:e5:e7:a0:0a:78:85:7f:4e:44:41:24:28:84:32:84:f3:09:
8b:5b:83:fa:65:fe:e0:d3:cf:02:16:3d:bf:cb:a0:3c:77:b0:
33:91:9d:20:01:55:ab:74:f8:b4:94:d7:c3:bf:bf:43:38:aa:
50:66:17:6a:09:a8:d3:43:73:5a:85:61:1f:43:a3:19:46:1d:
a9:60:2e:56:c9:1d:a5:86:d3:ae:11:b0:9b:97:d8:af:b5:7f:
83:39:27:bb:d8:22:9b:b9:00:36:43:6c:73:3e:86:5f:5d:e7:
56:e9:14:c4:b9:89:89:45:96:75:21:45:bb:50:4c:f8:35:42:
9f:9e:99:c4:91:87:29:b9:14:0f:3f:7a:2c:9f:e1:64:33:b6:
2a:cf:7c:85:36:da:5f:fd:a4:33:61:30:5d:fd:fd:3e:75:0a:
10:bd:aa:cf:7b:9c:ec:cc:ad:25:70:86:fd:69:ca:8e:96:9b:
db:35:3f:20:90:91:b0:8d:81:6d:60:f2:c9:76:5c:98:3e:7d:
4b:6c:8e:49
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASyXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTY1MTI3WhcNMjUwNDA0MTY1MTI3WjAYMRYw
FAYDVQQDEw02N2JjYTM5My1mNTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsXB0FBNeuoy0X3mPa7LxG4vuT73NZQgoGZDOCL4TW3obOhAuoxdmq3QX
NEXDKxRVfP3HqgHwfRDPPxSkScDmUM3XCFfKtTgEvqXwLHp04GfQCW+Fu5jQwuaF
tv4vhoSWpWOJKKy/Z0tUH71rdlfzZcwAsfvV4WVwEq28PotjAob9PtfAfyNXbLiJ
fj7bYuu1d+HjwXXauCZM3HtzWB9E5hlXueoaqXqJVpdMsUpUDKEOcq/eZ5nPe+jY
a4r/QWIKx/DtnQe/MyaqcNdBji/C0eQVqP9OnLJKIyUJpFLZoQKEzozYSBD3aidh
oft1NMOtmLGtcNoz027ou5p9Dqzk0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM5z
gbqCos9SKZN5VJjU06lMx7QfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OEVDQkVGOEYyQ0YxMUVGQjkyMEI3NkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEJMA0GCSqGSIb3DQEBCwUA
A4IBAQAMRdNSybEQEwm62cDMBny3axhTBlIB+LWqNxxdMiRVS6XKwSVdfiMzpnWP
we1I1puXpnudm98c5eegCniFf05EQSQohDKE8wmLW4P6Zf7g088CFj2/y6A8d7Az
kZ0gAVWrdPi0lNfDv79DOKpQZhdqCajTQ3NahWEfQ6MZRh2pYC5WyR2lhtOuEbCb
l9ivtX+DOSe72CKbuQA2Q2xzPoZfXedW6RTEuYmJRZZ1IUW7UEz4NUKfnpnEkYcp
uRQPP3osn+FkM7Yqz3yFNtpf/aQzYTBd/f0+dQoQvarPe5zszK0lcIb9acqOlpvb
NT8gkJGwjYFtYPLJdlyYPn1LbI5J
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:14 2025 by rpki-client