Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7CD2464393B11F0B453657CDAE4EC9C.roa
File: A7CD2464393B11F0B453657CDAE4EC9C.roa (raw, json)
Hash identifier: QvDgSXv2KU6+r5D4qGl2UtVN2QNUyOrZPAVyK/7CMcM=
Subject key identifier: A2:30:1C:8E:89:B0:9C:5D:98:4F:8F:54:E2:15:23:50:FA:54:88:4F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015775
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7CD2464393B11F0B453657CDAE4EC9C.roa
Signing time: Sun 25 May 2025 07:41:23 +0000
ROA not before: Sun 25 May 2025 07:41:18 +0000
ROA not after: Mon 02 Jun 2025 07:41:18 +0000
asID: 400619
IP address blocks: 156.224.16.0/23 maxlen: 24
156.224.18.0/23 maxlen: 24
156.224.20.0/22 maxlen: 24
156.224.24.0/22 maxlen: 24
156.224.28.0/23 maxlen: 24
156.224.30.0/23 maxlen: 24
156.224.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87925 (0x15775)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 25 07:41:18 2025 GMT
Not After : Jun 2 07:41:18 2025 GMT
Subject: CN=6832c9a3-b25b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0f:76:61:10:09:2a:2d:69:7b:35:dd:4b:f2:
81:55:d6:67:18:5e:1f:ae:7c:99:1a:7a:39:cc:b3:
90:69:27:25:e2:6d:2a:47:ac:c6:91:66:55:c5:74:
5e:d0:9a:07:d4:69:8c:72:83:dd:4d:5d:7f:7c:05:
6b:85:9e:cb:e9:10:b0:89:9f:49:49:d7:64:0c:30:
06:ae:e5:31:9c:b5:95:4e:77:78:05:7c:f9:06:cf:
21:5c:fd:6e:52:d6:87:08:c4:fd:e6:29:ee:ae:d7:
84:8a:5c:c7:06:b2:a3:c5:e8:39:a6:54:0b:72:0a:
7d:4f:cb:f9:bf:82:4c:db:b4:ce:09:55:de:65:15:
d5:ac:ac:20:82:5e:43:ac:40:9b:bf:47:89:58:23:
2f:e0:fb:a4:da:42:fc:e5:f6:c7:c2:24:f8:a6:e2:
d1:ad:96:2a:5a:bd:71:46:fe:1f:f0:fe:4f:3c:c5:
40:f3:50:c0:6c:79:93:2e:cb:7d:b4:ba:b2:48:a1:
d1:84:66:f9:4c:bf:ba:be:b8:a7:9b:8f:e8:66:5b:
36:a8:7a:68:86:f1:55:b4:d5:dd:d8:d2:27:f1:75:
66:38:66:76:c4:9a:62:d5:51:aa:50:f1:c1:1f:fe:
23:fe:44:b1:87:19:5d:a6:14:94:95:5f:fc:5a:ff:
d3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:30:1C:8E:89:B0:9C:5D:98:4F:8F:54:E2:15:23:50:FA:54:88:4F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7CD2464393B11F0B453657CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.16.0/20
156.224.63.0/24
Signature Algorithm: sha256WithRSAEncryption
66:03:2b:2f:75:f5:da:d6:3e:04:7a:52:18:a2:be:99:f8:3c:
47:a3:92:4a:af:60:0f:09:76:7c:06:81:d1:f1:3a:3a:b2:3b:
0b:83:09:1e:11:b4:bf:03:b5:9d:dc:f6:a2:a9:7f:83:79:1f:
e5:e5:ef:0d:f7:fc:c1:96:d6:d1:2c:87:48:2a:ea:74:3b:18:
81:35:1f:66:96:e5:5b:77:53:8f:0e:28:1e:44:6e:b0:3b:28:
e9:21:94:47:66:2d:da:6b:40:99:dc:f3:62:6d:63:ce:74:b3:
0c:90:e3:6b:70:c1:18:b8:8e:c7:98:ef:bf:58:0d:2b:de:2d:
7e:90:89:f0:f8:14:6d:2a:0c:a6:d1:76:ba:41:53:f4:48:03:
2d:51:46:b0:b4:ba:5a:bd:46:7b:5d:90:23:42:0d:2a:83:9a:
20:ad:e1:66:6f:a7:5e:b0:ab:d5:03:63:57:6b:b7:5f:67:6b:
40:9f:e9:67:08:01:7b:47:36:97:18:b6:85:c7:4e:b8:19:d2:
1a:76:09:5b:5b:d9:bf:a3:59:7e:2f:fb:c0:05:c0:ff:2d:ec:
cc:fd:80:ee:a9:7c:1f:1c:d8:a3:50:ea:e8:3d:0e:88:e2:a3:
ba:ee:4f:b4:1d:fc:46:d1:6d:d5:61:e1:65:67:79:cb:01:a6:
20:16:3d:91
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVd1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI1MDc0MTE4WhcNMjUwNjAyMDc0MTE4WjAYMRYw
FAYDVQQDEw02ODMyYzlhMy1iMjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmA92YRAJKi1pezXdS/KBVdZnGF4frnyZGno5zLOQaScl4m0qR6zGkWZV
xXRe0JoH1GmMcoPdTV1/fAVrhZ7L6RCwiZ9JSddkDDAGruUxnLWVTnd4BXz5Bs8h
XP1uUtaHCMT95inurteEilzHBrKjxeg5plQLcgp9T8v5v4JM27TOCVXeZRXVrKwg
gl5DrECbv0eJWCMv4Puk2kL85fbHwiT4puLRrZYqWr1xRv4f8P5PPMVA81DAbHmT
Lst9tLqySKHRhGb5TL+6vrinm4/oZls2qHpohvFVtNXd2NIn8XVmOGZ2xJpi1VGq
UPHBH/4j/kSxhxldphSUlV/8Wv/T5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKIw
HI6JsJxdmE+PVOIVI1D6VIhPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BN0NEMjQ2NDM5M0IxMUYwQjQ1MzY1N0NEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEnOAQAwQAnOA/MA0GCSqGSIb3
DQEBCwUAA4IBAQBmAysvdfXa1j4EelIYor6Z+DxHo5JKr2APCXZ8BoHR8To6sjsL
gwkeEbS/A7Wd3PaiqX+DeR/l5e8N9/zBltbRLIdIKup0OxiBNR9mluVbd1OPDige
RG6wOyjpIZRHZi3aa0CZ3PNibWPOdLMMkONrcMEYuI7HmO+/WA0r3i1+kInw+BRt
Kgym0Xa6QVP0SAMtUUawtLpavUZ7XZAjQg0qg5ogreFmb6desKvVA2NXa7dfZ2tA
n+lnCAF7RzaXGLaFx064GdIadglbW9m/o1l+L/vABcD/LezM/YDuqXwfHNijUOro
PQ6I4qO67k+0HfxG0W3VYeFlZ3nLAaYgFj2R
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:45:58 2025 by rpki-client