Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9CF97954F17211EFBD213682762E951A.roa
File: 9CF97954F17211EFBD213682762E951A.roa (raw, json)
Hash identifier: ZHlg4hFXmcN2QhJEdviYfkuQYEQWTbVCB8bkQMCRjVA=
Subject key identifier: B8:18:43:2A:53:79:9C:D3:A0:AB:34:78:0B:F2:42:72:C2:3A:8E:BB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0129CA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9CF97954F17211EFBD213682762E951A.roa
Signing time: Sat 22 Feb 2025 23:13:23 +0000
ROA not before: Sat 22 Feb 2025 23:13:20 +0000
ROA not after: Fri 04 Apr 2025 23:13:20 +0000
asID: 21859
IP address blocks: 156.225.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76234 (0x129ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 22 23:13:20 2025 GMT
Not After : Apr 4 23:13:20 2025 GMT
Subject: CN=67ba5a13-edec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:73:c0:f8:8d:12:f9:8d:58:13:68:48:46:ff:
dd:54:1d:99:b8:5d:42:6e:cf:37:b6:19:31:72:5f:
df:8e:67:ab:17:67:40:d6:35:d5:29:29:42:03:de:
92:ec:97:e2:59:07:80:60:29:2d:ac:04:5a:b5:6d:
6f:c6:7e:6c:c7:48:20:1b:e4:2f:dc:69:0a:cb:37:
36:a9:49:0a:74:7f:cc:d1:5a:20:17:be:1c:2f:8d:
34:2f:a5:cf:93:a3:6a:65:c1:6a:4c:a0:8c:69:8d:
11:9e:df:5e:00:26:81:ed:e5:e1:4b:4b:ac:bc:f3:
f1:2d:9b:c0:e5:64:01:19:12:27:46:d1:a9:81:6f:
31:9c:83:f1:fd:c0:e0:17:35:99:43:47:c6:88:f4:
62:e6:e0:ff:08:d0:2b:3c:4e:29:fa:27:55:37:fd:
44:54:00:ea:ed:ea:09:05:73:13:be:94:be:b6:0b:
6a:de:9f:a7:0a:86:5e:4a:05:f7:5e:25:f2:f2:b2:
12:9d:4a:2e:5d:db:39:e7:53:42:78:5b:60:4f:2d:
61:56:3f:41:37:a9:3a:d6:d6:a1:ed:d1:6d:55:83:
f7:b1:a9:12:93:a2:f5:dd:0c:bb:48:b4:c1:f1:d7:
03:54:de:81:c5:25:08:3a:7e:0c:a5:08:a7:d3:1b:
26:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:18:43:2A:53:79:9C:D3:A0:AB:34:78:0B:F2:42:72:C2:3A:8E:BB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9CF97954F17211EFBD213682762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.10.0/24
Signature Algorithm: sha256WithRSAEncryption
02:80:79:1a:a4:35:12:2a:f1:e7:f0:21:ed:bc:a4:ce:ea:c7:
1a:41:dc:64:64:ba:b2:51:6c:86:4b:d7:5a:0f:c8:b0:8d:e2:
f4:c7:e8:27:dc:3e:f8:5b:cd:55:72:48:89:c2:7c:86:17:9e:
4a:15:dd:1e:c7:e3:5d:f5:ff:cc:d0:7d:76:22:54:9f:d6:a0:
a4:e4:89:c1:a3:39:2b:16:ea:37:1d:d2:a7:1c:43:1c:4d:1d:
16:d1:bd:9b:43:62:78:f2:a1:d3:8f:91:03:dc:f6:71:65:25:
af:92:75:77:54:5c:18:c2:7c:92:07:68:87:69:d6:ea:c4:43:
46:ac:1d:58:d8:84:da:c8:36:d0:83:4b:e4:98:29:be:45:af:
07:ce:6c:16:b1:f0:82:63:2a:f3:21:c3:37:77:42:86:37:f2:
4f:51:7f:26:51:d2:a3:4b:de:6c:fb:02:67:9d:a5:15:6e:f2:
31:e7:06:c5:db:eb:f0:0d:42:3b:24:b2:21:46:80:2b:fd:51:
95:37:0e:f3:48:8c:10:bc:89:6e:fc:ec:f5:6f:17:86:0c:64:
c0:05:b7:b7:fe:6a:4f:4f:06:e8:f3:24:a2:3a:ac:0e:97:1d:
ee:1e:0c:37:ee:8c:63:f7:c1:b3:81:69:37:da:f9:28:cd:f2:
d9:68:73:24
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASnKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjIyMjMxMzIwWhcNMjUwNDA0MjMxMzIwWjAYMRYw
FAYDVQQDEw02N2JhNWExMy1lZGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApHPA+I0S+Y1YE2hIRv/dVB2ZuF1Cbs83thkxcl/fjmerF2dA1jXVKSlC
A96S7JfiWQeAYCktrARatW1vxn5sx0ggG+Qv3GkKyzc2qUkKdH/M0VogF74cL400
L6XPk6NqZcFqTKCMaY0Rnt9eACaB7eXhS0usvPPxLZvA5WQBGRInRtGpgW8xnIPx
/cDgFzWZQ0fGiPRi5uD/CNArPE4p+idVN/1EVADq7eoJBXMTvpS+tgtq3p+nCoZe
SgX3XiXy8rISnUouXds551NCeFtgTy1hVj9BN6k61tah7dFtVYP3sakSk6L13Qy7
SLTB8dcDVN6BxSUIOn4MpQin0xsmBwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLgY
QypTeZzToKs0eAvyQnLCOo67MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85Q0Y5Nzk1NEYxNzIxMUVGQkQyMTM2ODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEKMA0GCSqGSIb3DQEBCwUA
A4IBAQACgHkapDUSKvHn8CHtvKTO6scaQdxkZLqyUWyGS9daD8iwjeL0x+gn3D74
W81VckiJwnyGF55KFd0ex+Nd9f/M0H12IlSf1qCk5InBozkrFuo3HdKnHEMcTR0W
0b2bQ2J48qHTj5ED3PZxZSWvknV3VFwYwnySB2iHadbqxENGrB1Y2ITayDbQg0vk
mCm+Ra8HzmwWsfCCYyrzIcM3d0KGN/JPUX8mUdKjS95s+wJnnaUVbvIx5wbF2+vw
DUI7JLIhRoAr/VGVNw7zSIwQvIlu/Oz1bxeGDGTABbe3/mpPTwbo8ySiOqwOlx3u
Hgw37oxj98GzgWk32vkozfLZaHMk
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:49 2025 by rpki-client