Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7A2C7A2F2D011EFA73C9A72762E951A.roa
File: A7A2C7A2F2D011EFA73C9A72762E951A.roa (raw, json)
Hash identifier: ghwAJc7Kfsm5t2VnWWnhTaAYzNR2u9wG4DhIsUyO3qA=
Subject key identifier: 16:D9:C1:6B:2C:A4:8F:2A:D0:C6:C5:E6:99:64:E5:08:3C:A8:74:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012CA9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7A2C7A2F2D011EFA73C9A72762E951A.roa
Signing time: Mon 24 Feb 2025 16:59:05 +0000
ROA not before: Mon 24 Feb 2025 16:59:01 +0000
ROA not after: Fri 04 Apr 2025 16:59:01 +0000
asID: 5068
IP address blocks: 156.225.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76969 (0x12ca9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 16:59:01 2025 GMT
Not After : Apr 4 16:59:01 2025 GMT
Subject: CN=67bca559-9060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:01:22:3b:27:a6:64:c9:fe:4d:2e:79:9b:12:
f2:d9:d3:df:d7:f5:92:9c:05:da:af:6b:c0:a2:d5:
e8:fe:8e:a2:14:98:d9:09:50:4a:67:9b:a4:5b:0d:
32:13:0c:63:5a:9f:77:a4:a9:80:cb:a1:91:13:d5:
7c:9d:35:d0:98:6f:88:bc:dc:e7:2b:f1:b4:9e:c9:
87:7e:c7:b0:4c:33:01:5d:ed:51:5f:e5:bb:2c:1c:
f5:0a:f2:de:ed:b5:4d:73:3f:ca:76:a3:e9:2c:0e:
22:a2:f9:aa:62:88:12:d3:4a:cb:75:05:a0:54:4c:
80:c3:38:32:41:e9:d3:20:04:0b:d0:5c:51:06:49:
02:0c:d0:41:b0:68:8d:13:6b:ec:58:5e:e8:2d:9c:
a2:cd:ad:39:2b:64:da:74:4d:d4:2f:bb:f8:c2:c7:
6d:7f:0f:9a:a5:dd:20:b1:81:fd:37:26:2b:1f:48:
eb:7a:23:b4:72:64:47:85:11:1a:6a:c6:28:e0:d4:
40:fa:34:dd:da:14:51:ea:27:72:3d:6e:fc:d6:a1:
1e:dd:90:35:9d:49:07:e0:7f:d9:9b:e4:44:55:c1:
4d:33:40:24:a1:2c:b7:1f:f7:c1:3e:85:bc:37:ef:
d9:a0:55:c8:22:de:ef:e0:51:23:67:bb:69:ed:c3:
1e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D9:C1:6B:2C:A4:8F:2A:D0:C6:C5:E6:99:64:E5:08:3C:A8:74:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7A2C7A2F2D011EFA73C9A72762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.8.0/22
Signature Algorithm: sha256WithRSAEncryption
65:5d:4b:48:30:69:62:b1:9a:75:d2:a5:f1:94:10:57:80:fb:
cf:c3:61:39:c1:d3:29:1e:cb:b5:55:f3:6a:43:82:bd:fb:75:
02:1d:9e:54:bb:63:a3:76:64:2c:92:b3:6e:e3:f5:71:71:56:
1b:4b:26:d2:7d:4f:3f:72:b3:35:92:20:b8:10:ce:4f:5d:c1:
57:2f:b0:ae:ee:f5:c3:ce:76:28:31:6a:9c:77:6a:f2:23:6a:
79:47:cc:4e:66:ad:73:ef:61:4f:5a:3f:16:99:4f:43:71:1a:
2b:08:cb:18:14:bd:2d:bb:36:35:3a:d7:dd:3c:b9:5d:51:b6:
64:8c:0a:36:15:10:74:4b:c9:fb:7a:a6:4e:95:e5:ab:44:68:
ce:5d:1d:14:67:9a:5f:45:e8:37:30:7b:d7:57:c8:c1:9e:06:
4d:34:90:15:e1:ab:51:e6:56:64:03:a1:b4:5c:ea:81:4a:2a:
8b:fa:e6:18:10:9c:ff:ba:50:31:9c:c0:a1:70:36:d2:89:da:
c1:ea:c3:43:35:c3:8e:6e:da:e2:cd:00:e3:f7:7e:8e:93:31:
a0:bb:ea:57:9f:c5:06:3b:ff:fb:26:56:e0:35:d4:18:d6:aa:
ca:6c:fa:8a:de:10:41:35:34:63:c5:82:1c:bf:0f:02:01:36:
74:05:a7:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASypMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTY1OTAxWhcNMjUwNDA0MTY1OTAxWjAYMRYw
FAYDVQQDEw02N2JjYTU1OS05MDYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2QEiOyemZMn+TS55mxLy2dPf1/WSnAXar2vAotXo/o6iFJjZCVBKZ5uk
Ww0yEwxjWp93pKmAy6GRE9V8nTXQmG+IvNznK/G0nsmHfsewTDMBXe1RX+W7LBz1
CvLe7bVNcz/KdqPpLA4iovmqYogS00rLdQWgVEyAwzgyQenTIAQL0FxRBkkCDNBB
sGiNE2vsWF7oLZyiza05K2TadE3UL7v4wsdtfw+apd0gsYH9NyYrH0jreiO0cmRH
hREaasYo4NRA+jTd2hRR6idyPW781qEe3ZA1nUkH4H/Zm+REVcFNM0AkoSy3H/fB
PoW8N+/ZoFXIIt7v4FEjZ7tp7cMezwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBbZ
wWsspI8q0MbF5plk5Qg8qHTCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BN0EyQzdBMkYyRDAxMUVGQTczQzlBNzI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOEIMA0GCSqGSIb3DQEBCwUA
A4IBAQBlXUtIMGlisZp10qXxlBBXgPvPw2E5wdMpHsu1VfNqQ4K9+3UCHZ5Uu2Oj
dmQskrNu4/VxcVYbSybSfU8/crM1kiC4EM5PXcFXL7Cu7vXDznYoMWqcd2ryI2p5
R8xOZq1z72FPWj8WmU9DcRorCMsYFL0tuzY1OtfdPLldUbZkjAo2FRB0S8n7eqZO
leWrRGjOXR0UZ5pfReg3MHvXV8jBngZNNJAV4atR5lZkA6G0XOqBSiqL+uYYEJz/
ulAxnMChcDbSidrB6sNDNcOObtrizQDj936OkzGgu+pXn8UGO//7JlbgNdQY1qrK
bPqK3hBBNTRjxYIcvw8CATZ0Baf2
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:30 2025 by rpki-client