Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BE192A8F2D611EFA752529B762E951A.roa
File: 9BE192A8F2D611EFA752529B762E951A.roa (raw, json)
Hash identifier: rr77YwDjl7ZFQSpaM/WLt/2lTr9dtQ9uEjAPTjkQrVI=
Subject key identifier: 21:BA:A1:7D:92:01:28:FA:17:19:F7:4E:C6:6F:74:E1:D8:3B:B8:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012D05
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BE192A8F2D611EFA752529B762E951A.roa
Signing time: Mon 24 Feb 2025 17:41:42 +0000
ROA not before: Mon 24 Feb 2025 17:41:39 +0000
ROA not after: Sat 29 Mar 2025 17:41:39 +0000
asID: 203020
IP address blocks: 156.233.2.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77061 (0x12d05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 17:41:39 2025 GMT
Not After : Mar 29 17:41:39 2025 GMT
Subject: CN=67bcaf56-c968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b0:ae:e1:2d:b7:04:83:68:7e:3d:b9:87:eb:
34:3d:6c:4b:6f:b5:7b:57:f4:bd:74:79:56:d4:94:
63:bb:92:77:ff:78:f3:ba:20:82:16:6b:b4:0e:6f:
43:c7:42:3b:65:5d:10:66:4e:b4:68:d0:e6:c9:b6:
d7:7b:b5:07:00:5b:96:10:69:b9:28:a0:85:65:cb:
5d:56:0e:66:68:b9:b4:d3:ae:f1:58:35:5c:ba:22:
e9:7d:e8:24:25:d2:4c:a2:87:ec:13:c7:bb:a5:17:
01:9f:a3:b4:75:29:3a:7a:18:54:c0:2b:95:13:94:
6e:0b:32:99:f6:34:ad:79:63:b9:06:62:89:55:e6:
ef:05:b9:b7:cf:26:9c:64:e6:83:e7:4e:01:01:e5:
be:89:2e:ec:3c:e9:14:4c:d3:f0:41:cb:be:b8:01:
da:2b:20:83:dd:1a:db:91:f0:af:e1:ff:bd:68:a5:
a8:d4:25:b8:44:54:48:be:b2:14:e8:27:3b:d3:1d:
d9:de:de:b3:ad:9d:eb:b7:af:99:19:de:3f:e1:24:
15:6f:80:34:b6:18:ae:97:6d:a5:cd:c0:e8:f1:f1:
f4:e3:5e:72:c5:8c:88:6d:bc:6b:30:4b:ed:e5:d4:
9a:7a:93:57:c4:99:85:90:89:cd:30:49:ee:49:e2:
c5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:BA:A1:7D:92:01:28:FA:17:19:F7:4E:C6:6F:74:E1:D8:3B:B8:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BE192A8F2D611EFA752529B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.2.0/23
Signature Algorithm: sha256WithRSAEncryption
68:d6:45:0b:55:41:bc:57:33:2d:1d:76:1e:f2:6e:66:91:68:
5b:c7:61:f5:67:05:bf:5f:2e:23:ee:c1:3c:50:33:50:a0:14:
4c:77:45:ba:6c:52:6d:c3:43:b4:0d:e2:e9:80:12:cd:f2:81:
ac:bf:7d:44:6e:75:b1:16:ab:3b:fb:7d:bd:ec:da:48:59:a0:
1a:aa:40:f9:65:a1:ab:50:4a:2e:e4:ff:45:9c:7e:80:1e:df:
18:0e:c8:11:3c:e3:3e:25:fc:58:d2:28:b1:6d:1c:5d:4c:3f:
4d:0d:b3:3e:c6:46:b6:17:99:70:4d:bb:12:1c:5b:0d:a6:a9:
3d:26:98:0a:77:28:72:62:04:d6:28:5b:bc:80:94:7d:af:b0:
60:9c:53:40:2b:4e:8d:ce:83:6a:99:0c:b8:ca:8d:68:7a:20:
43:4f:2b:44:55:23:e7:ac:9a:83:18:42:ea:93:8b:3e:85:b2:
8a:b2:ea:79:3f:d2:e5:21:17:02:dd:37:19:7a:ff:87:7a:04:
44:cb:8b:d9:d4:8a:f7:1a:10:8e:9a:12:d9:bc:6a:14:32:2b:
70:08:7d:04:99:48:b9:8f:28:65:77:97:35:8f:34:11:46:35:
8b:51:7e:d8:cf:e4:9d:ee:97:c0:72:8f:32:55:36:3f:4a:1f:
59:88:1b:6b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS0FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTc0MTM5WhcNMjUwMzI5MTc0MTM5WjAYMRYw
FAYDVQQDEw02N2JjYWY1Ni1jOTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvbCu4S23BINofj25h+s0PWxLb7V7V/S9dHlW1JRju5J3/3jzuiCCFmu0
Dm9Dx0I7ZV0QZk60aNDmybbXe7UHAFuWEGm5KKCFZctdVg5maLm0067xWDVcuiLp
fegkJdJMoofsE8e7pRcBn6O0dSk6ehhUwCuVE5RuCzKZ9jSteWO5BmKJVebvBbm3
zyacZOaD504BAeW+iS7sPOkUTNPwQcu+uAHaKyCD3RrbkfCv4f+9aKWo1CW4RFRI
vrIU6Cc70x3Z3t6zrZ3rt6+ZGd4/4SQVb4A0thiul22lzcDo8fH0415yxYyIbbxr
MEvt5dSaepNXxJmFkInNMEnuSeLFuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCG6
oX2SASj6Fxn3TsZvdOHYO7gwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QkUxOTJBOEYyRDYxMUVGQTc1MjUyOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOkCMA0GCSqGSIb3DQEBCwUA
A4IBAQBo1kULVUG8VzMtHXYe8m5mkWhbx2H1ZwW/Xy4j7sE8UDNQoBRMd0W6bFJt
w0O0DeLpgBLN8oGsv31EbnWxFqs7+3297NpIWaAaqkD5ZaGrUEou5P9FnH6AHt8Y
DsgRPOM+JfxY0iixbRxdTD9NDbM+xka2F5lwTbsSHFsNpqk9JpgKdyhyYgTWKFu8
gJR9r7BgnFNAK06NzoNqmQy4yo1oeiBDTytEVSPnrJqDGELqk4s+hbKKsup5P9Ll
IRcC3TcZev+HegREy4vZ1Ir3GhCOmhLZvGoUMitwCH0EmUi5jyhld5c1jzQRRjWL
UX7Yz+Sd7pfAco8yVTY/Sh9ZiBtr
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:04:47 2025 by rpki-client