Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AEC4A65A3A0011F0A6CC5D82DAE4EC9C.roa
File: AEC4A65A3A0011F0A6CC5D82DAE4EC9C.roa (raw, json)
Hash identifier: K9zfmiNiV0chbdpRizZmPthmsrpno2kNWfOpzK39XLw=
Subject key identifier: 63:A7:DB:59:3B:F8:64:48:FD:37:81:52:1B:39:BA:6D:78:63:60:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015786
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AEC4A65A3A0011F0A6CC5D82DAE4EC9C.roa
Signing time: Mon 26 May 2025 07:11:46 +0000
ROA not before: Mon 26 May 2025 07:11:41 +0000
ROA not after: Tue 03 Jun 2025 07:11:41 +0000
asID: 138415
IP address blocks: 156.224.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87942 (0x15786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 26 07:11:41 2025 GMT
Not After : Jun 3 07:11:41 2025 GMT
Subject: CN=68341432-4b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c1:24:10:6e:d6:96:3b:7f:3d:3e:63:55:7f:
71:04:a0:29:33:cc:8e:2e:3d:19:be:c9:30:db:cc:
21:5f:e7:bc:54:b7:50:d4:d2:8f:10:7c:3e:5c:27:
95:6d:df:23:b1:ce:de:a9:5d:6b:fd:e3:5e:c1:b0:
d5:1b:c4:9d:df:15:16:12:ec:ef:a5:d5:e4:24:82:
a8:79:21:79:e4:c2:ac:8f:a9:a8:55:b6:83:1a:8c:
1b:29:d2:56:7b:e0:66:03:1e:78:c7:66:10:53:36:
79:d0:be:82:5d:ed:d0:cf:d8:7c:75:d6:3c:4f:cb:
00:63:bb:e0:b0:6a:d6:9c:c4:5f:04:8f:af:46:3b:
aa:e9:b2:8e:6f:e5:5b:3f:9f:b8:d7:3d:c9:04:d3:
f5:51:4c:d2:c5:a8:c3:af:71:e8:fa:3c:25:c7:32:
13:b3:fc:e2:b2:e9:07:eb:f6:60:8f:6d:a9:13:97:
08:1a:6f:93:32:f6:49:67:26:e7:1a:46:2c:16:4d:
59:6e:e3:eb:84:e3:fe:4e:cc:4e:9e:2b:98:04:4c:
95:1a:5f:3a:03:69:e6:35:59:64:60:8d:40:1a:e6:
60:7e:45:d2:6b:7d:9a:fb:18:4b:de:b8:c0:86:72:
ff:08:6d:09:6f:6e:40:c2:d8:f9:71:34:a7:23:3c:
69:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A7:DB:59:3B:F8:64:48:FD:37:81:52:1B:39:BA:6D:78:63:60:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AEC4A65A3A0011F0A6CC5D82DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.90.0/24
Signature Algorithm: sha256WithRSAEncryption
30:4e:c7:b0:b2:41:01:3d:98:78:c9:d1:ed:26:d5:8c:46:15:
86:95:c1:d3:09:e5:91:3b:bd:8e:46:25:e1:41:44:19:4e:22:
24:bc:4c:c5:6d:53:95:dd:33:11:33:c1:c7:4a:ae:38:89:39:
44:3d:8c:27:de:11:43:b1:1f:ed:c1:69:33:cc:69:dc:33:7b:
52:29:95:37:5e:97:0e:e5:e7:2e:50:5b:58:c7:ee:ab:8d:9a:
a7:38:f1:58:13:c9:32:88:19:f4:e2:26:17:78:6f:53:fe:da:
3c:c7:0d:93:83:fd:82:b7:b2:32:73:18:51:5a:9e:09:3c:e9:
9e:81:46:3c:90:4f:d2:38:8b:10:d0:a8:31:3d:f3:64:b5:77:
f7:b4:ab:ae:36:c3:ed:1f:75:ed:84:e1:63:cf:b3:d0:09:b0:
fa:94:fd:54:c6:a8:96:44:9d:2f:c4:5e:3e:2f:db:7c:93:35:
c9:68:66:d1:4f:37:c9:8a:ab:f5:2c:b5:81:91:3d:07:4e:7b:
8e:f9:6f:ef:c8:4a:ad:95:c0:65:11:08:cb:b7:85:54:8b:c7:
c0:b3:10:8f:f1:63:02:87:bc:21:d0:c9:49:62:97:be:ac:27:
60:12:dc:3e:44:9e:51:f1:30:2a:fe:14:3c:cb:26:b4:64:76:
31:85:27:4c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVeGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI2MDcxMTQxWhcNMjUwNjAzMDcxMTQxWjAYMRYw
FAYDVQQDEw02ODM0MTQzMi00YjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4MEkEG7Wljt/PT5jVX9xBKApM8yOLj0Zvskw28whX+e8VLdQ1NKPEHw+
XCeVbd8jsc7eqV1r/eNewbDVG8Sd3xUWEuzvpdXkJIKoeSF55MKsj6moVbaDGowb
KdJWe+BmAx54x2YQUzZ50L6CXe3Qz9h8ddY8T8sAY7vgsGrWnMRfBI+vRjuq6bKO
b+VbP5+41z3JBNP1UUzSxajDr3Ho+jwlxzITs/zisukH6/Zgj22pE5cIGm+TMvZJ
ZybnGkYsFk1ZbuPrhOP+TsxOniuYBEyVGl86A2nmNVlkYI1AGuZgfkXSa32a+xhL
3rjAhnL/CG0Jb25Awtj5cTSnIzxpuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGOn
21k7+GRI/TeBUhs5um14Y2DRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRUM0QTY1QTNBMDAxMUYwQTZDQzVEODJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOBaMA0GCSqGSIb3DQEBCwUA
A4IBAQAwTsewskEBPZh4ydHtJtWMRhWGlcHTCeWRO72ORiXhQUQZTiIkvEzFbVOV
3TMRM8HHSq44iTlEPYwn3hFDsR/twWkzzGncM3tSKZU3XpcO5ecuUFtYx+6rjZqn
OPFYE8kyiBn04iYXeG9T/to8xw2Tg/2Ct7IycxhRWp4JPOmegUY8kE/SOIsQ0Kgx
PfNktXf3tKuuNsPtH3XthOFjz7PQCbD6lP1UxqiWRJ0vxF4+L9t8kzXJaGbRTzfJ
iqv1LLWBkT0HTnuO+W/vyEqtlcBlEQjLt4VUi8fAsxCP8WMCh7wh0MlJYpe+rCdg
Etw+RJ5R8TAq/hQ8yya0ZHYxhSdM
-----END CERTIFICATE-----
Generated at Thu Jun 5 02:07:47 2025 by rpki-client