Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA882ADA3AD211F0AF6E93D4DAE4EC9C.roa
File: AA882ADA3AD211F0AF6E93D4DAE4EC9C.roa (raw, json)
Hash identifier: VNw/dQbIZo3rsC8T0cUuwacz7iOHXZINvBlg6qu45Js=
Subject key identifier: 5E:FF:9A:2C:8B:DF:C7:CB:45:31:36:2F:EE:00:05:A3:6E:34:0B:66
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0157AF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA882ADA3AD211F0AF6E93D4DAE4EC9C.roa
Signing time: Tue 27 May 2025 08:14:53 +0000
ROA not before: Tue 27 May 2025 08:14:48 +0000
ROA not after: Mon 02 Jun 2025 08:14:48 +0000
asID: 139923
IP address blocks: 156.235.96.0/21 maxlen: 24
156.235.104.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87983 (0x157af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 27 08:14:48 2025 GMT
Not After : Jun 2 08:14:48 2025 GMT
Subject: CN=6835747d-ebb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e8:d2:ea:41:27:8a:4c:11:10:a6:ac:3c:25:
8c:6a:a8:11:bc:22:ba:c5:72:39:8c:bf:85:0e:7f:
7e:ae:69:58:94:d4:5c:a5:71:96:83:39:9c:6e:88:
bc:7c:85:c1:b8:4b:12:db:0c:2a:2f:47:8b:a2:51:
a0:f7:2e:4b:db:71:2b:e7:cf:0c:f4:9f:a7:67:66:
b6:3b:82:95:9d:b6:04:47:66:24:34:0e:e2:fe:f5:
22:65:c8:ee:ed:9d:da:9d:24:17:0c:a0:69:42:01:
7e:07:06:6b:98:c0:52:17:da:77:d5:1d:03:68:75:
b5:f6:11:63:70:a6:57:1c:c7:1e:1d:3b:25:9c:04:
b1:9b:71:53:ac:f9:8a:33:06:6e:1f:8a:1d:4e:f9:
f1:b4:5c:38:01:35:d2:d5:42:89:a5:dd:10:7a:34:
09:65:05:ae:58:58:a2:89:af:e9:e7:b9:d8:24:66:
3d:1e:2a:ac:9a:4f:ee:4a:f9:aa:c1:f7:ae:17:d8:
a0:58:3e:22:d1:c8:10:6d:20:b0:47:1f:5f:11:be:
f6:bf:aa:87:2d:2b:75:b0:3e:01:9a:8a:93:3c:4b:
19:4b:65:02:44:55:d0:19:53:42:b5:c1:5a:06:94:
85:29:96:c4:b2:eb:de:b0:a7:db:7d:9a:dc:c0:f5:
e9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FF:9A:2C:8B:DF:C7:CB:45:31:36:2F:EE:00:05:A3:6E:34:0B:66
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA882ADA3AD211F0AF6E93D4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.96.0/20
Signature Algorithm: sha256WithRSAEncryption
53:69:eb:81:4e:af:4a:81:1f:7e:59:8b:bf:88:9b:23:f9:f9:
0b:df:3f:eb:55:a9:8b:6a:59:82:d3:e0:c7:84:ab:31:95:4a:
ed:54:99:c5:86:46:0e:16:46:df:01:5b:73:c2:97:e9:01:01:
4f:70:26:07:f2:35:80:15:8c:09:e3:66:62:af:a0:e3:03:fd:
95:e4:ff:a6:df:64:d5:fd:1c:40:e5:0c:ab:f1:c2:cd:7d:1f:
31:20:c7:50:56:29:70:21:d4:86:74:8e:29:4a:cc:7d:42:7e:
20:41:ad:46:3a:7a:88:66:db:41:a5:29:19:8f:a9:90:3f:c9:
1f:ee:df:41:52:3e:8f:2d:58:25:66:11:79:5e:b1:df:41:5f:
dd:b6:18:0b:0a:fa:7a:cd:f9:5b:1d:44:d8:5a:19:d9:ce:e6:
59:1b:16:ea:9a:6e:a3:f0:6f:6e:14:40:30:a2:5c:29:89:20:
46:01:4b:4a:49:9b:a2:ba:9a:a0:9a:c0:c1:3c:e3:ed:bd:f1:
19:91:eb:59:c7:30:9f:14:e4:03:9d:c6:32:1a:12:10:f9:81:
5a:b4:60:18:81:c3:3c:ff:14:42:6c:98:9c:e2:50:fc:09:fa:
c7:ed:cc:88:e5:ca:ca:6c:40:43:c0:8e:19:a0:4e:d6:a4:99:
e0:01:a5:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVevMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI3MDgxNDQ4WhcNMjUwNjAyMDgxNDQ4WjAYMRYw
FAYDVQQDEw02ODM1NzQ3ZC1lYmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlOjS6kEnikwREKasPCWMaqgRvCK6xXI5jL+FDn9+rmlYlNRcpXGWgzmc
boi8fIXBuEsS2wwqL0eLolGg9y5L23Er588M9J+nZ2a2O4KVnbYER2YkNA7i/vUi
Zcju7Z3anSQXDKBpQgF+BwZrmMBSF9p31R0DaHW19hFjcKZXHMceHTslnASxm3FT
rPmKMwZuH4odTvnxtFw4ATXS1UKJpd0QejQJZQWuWFiiia/p57nYJGY9Hiqsmk/u
SvmqwfeuF9igWD4i0cgQbSCwRx9fEb72v6qHLSt1sD4BmoqTPEsZS2UCRFXQGVNC
tcFaBpSFKZbEsuvesKfbfZrcwPXpCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF7/
miyL38fLRTE2L+4ABaNuNAtmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTg4MkFEQTNBRDIxMUYwQUY2RTkzRDREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOtgMA0GCSqGSIb3DQEBCwUA
A4IBAQBTaeuBTq9KgR9+WYu/iJsj+fkL3z/rVamLalmC0+DHhKsxlUrtVJnFhkYO
FkbfAVtzwpfpAQFPcCYH8jWAFYwJ42Zir6DjA/2V5P+m32TV/RxA5Qyr8cLNfR8x
IMdQVilwIdSGdI4pSsx9Qn4gQa1GOnqIZttBpSkZj6mQP8kf7t9BUj6PLVglZhF5
XrHfQV/dthgLCvp6zflbHUTYWhnZzuZZGxbqmm6j8G9uFEAwolwpiSBGAUtKSZui
upqgmsDBPOPtvfEZketZxzCfFOQDncYyGhIQ+YFatGAYgcM8/xRCbJic4lD8CfrH
7cyI5crKbEBDwI4ZoE7WpJngAaUa
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:22:06 2025 by rpki-client