Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AEE286A6F2C111EFAE6D998D762E951A.roa
File: AEE286A6F2C111EFAE6D998D762E951A.roa (raw, json)
Hash identifier: +bCkWZxxRPiFlcXfAHphXAxlm/9pxnqMOaYe677C8qw=
Subject key identifier: E2:2E:E2:DF:E6:B1:D0:4A:3B:06:4A:96:D5:3A:C7:86:38:00:79:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012BFF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AEE286A6F2C111EFAE6D998D762E951A.roa
Signing time: Mon 24 Feb 2025 15:11:55 +0000
ROA not before: Mon 24 Feb 2025 15:11:51 +0000
ROA not after: Sat 29 Mar 2025 15:11:51 +0000
asID: 203020
IP address blocks: 156.225.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76799 (0x12bff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 15:11:51 2025 GMT
Not After : Mar 29 15:11:51 2025 GMT
Subject: CN=67bc8c3b-ee39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:71:e9:eb:3c:7a:38:56:8e:fd:6a:eb:c5:65:
c2:cf:96:7d:0b:c1:72:bb:b6:af:22:b6:e8:a7:93:
28:9a:c8:25:dd:84:43:22:0e:e9:d1:1a:e7:e6:42:
5f:33:a1:12:ab:e7:df:16:d6:79:05:46:16:da:c3:
14:b9:2a:51:61:e2:7a:8a:1f:c5:3c:83:ce:ac:2f:
57:fa:d6:dc:5a:9a:3d:b6:5a:d0:cd:12:1d:b4:a8:
c1:c9:4f:43:05:8f:36:84:82:db:21:b4:8b:05:8b:
bd:ea:c2:fa:a8:4d:4b:65:5c:39:f8:18:e6:df:16:
76:8f:24:21:57:e9:d7:8c:53:76:84:f6:bc:f3:fa:
82:20:53:19:1f:a7:2f:06:90:70:35:1b:46:fc:5e:
74:ac:a5:a5:bd:1c:df:e8:ec:e8:6b:12:18:69:19:
af:8d:39:44:7c:c1:3e:32:e8:0a:3e:cf:ef:ae:9f:
bf:1c:44:aa:91:fb:5e:bd:b4:f9:c9:49:e2:96:c0:
7b:43:ec:59:d1:47:87:14:7b:03:88:6c:15:29:a7:
5e:67:09:e6:45:78:2d:e5:ce:9e:62:04:35:99:38:
d5:bc:2e:78:85:0b:35:69:2c:fe:99:87:fb:d8:60:
71:35:a5:01:65:a6:0b:11:64:7f:8b:8f:f1:ea:c9:
08:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:2E:E2:DF:E6:B1:D0:4A:3B:06:4A:96:D5:3A:C7:86:38:00:79:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AEE286A6F2C111EFAE6D998D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.69.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:de:c1:4c:65:f1:82:21:28:0c:be:6c:ae:9b:82:75:62:e6:
d0:6a:18:b3:b5:0c:7f:2a:f9:f0:a3:b4:c8:d1:84:dc:53:49:
34:fd:fb:a5:91:dc:2a:04:db:fb:d9:2f:02:4c:8c:ce:df:bb:
14:2d:e4:ae:8f:a4:43:71:b5:b9:d1:f1:3b:d7:01:e4:60:ea:
cf:a0:23:4c:73:93:ab:36:4e:05:b6:2e:a5:4e:58:c0:ea:1e:
f5:39:21:4d:bd:f5:72:db:4a:d5:43:5d:1a:fa:fe:52:d2:71:
49:21:16:4d:6d:cb:08:3e:8e:dd:75:46:de:76:2b:04:d7:dc:
29:c1:b1:8f:8e:ba:2c:fd:cc:b8:47:35:f2:bd:81:24:7b:55:
9b:17:19:c2:0a:62:42:75:e2:dd:2b:dc:88:2f:42:33:0e:b0:
b0:c9:53:56:b5:5d:a3:31:52:5a:bd:6b:9b:d3:f8:f7:93:cf:
96:43:ba:27:92:4f:67:5a:ac:e8:12:7d:bc:6f:41:c7:e9:52:
e9:c9:d8:6e:9d:a8:16:2f:69:de:e6:41:d2:7c:c8:2c:ec:ce:
2b:4b:25:d8:68:60:3a:fc:db:ff:b1:ca:bc:57:bb:b8:94:c4:
38:7f:c8:38:f0:d2:ae:a5:d2:76:e3:d1:81:d5:75:9e:46:a3:
09:f9:2c:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASv/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTUxMTUxWhcNMjUwMzI5MTUxMTUxWjAYMRYw
FAYDVQQDEw02N2JjOGMzYi1lZTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAunHp6zx6OFaO/WrrxWXCz5Z9C8Fyu7avIrbop5Momsgl3YRDIg7p0Rrn
5kJfM6ESq+ffFtZ5BUYW2sMUuSpRYeJ6ih/FPIPOrC9X+tbcWpo9tlrQzRIdtKjB
yU9DBY82hILbIbSLBYu96sL6qE1LZVw5+Bjm3xZ2jyQhV+nXjFN2hPa88/qCIFMZ
H6cvBpBwNRtG/F50rKWlvRzf6OzoaxIYaRmvjTlEfME+MugKPs/vrp+/HESqkfte
vbT5yUnilsB7Q+xZ0UeHFHsDiGwVKadeZwnmRXgt5c6eYgQ1mTjVvC54hQs1aSz+
mYf72GBxNaUBZaYLEWR/i4/x6skISwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOIu
4t/msdBKOwZKltU6x4Y4AHlHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRUUyODZBNkYyQzExMUVGQUU2RDk5OEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFFMA0GCSqGSIb3DQEBCwUA
A4IBAQCc3sFMZfGCISgMvmyum4J1YubQahiztQx/Kvnwo7TI0YTcU0k0/fulkdwq
BNv72S8CTIzO37sULeSuj6RDcbW50fE71wHkYOrPoCNMc5OrNk4Fti6lTljA6h71
OSFNvfVy20rVQ10a+v5S0nFJIRZNbcsIPo7ddUbedisE19wpwbGPjros/cy4RzXy
vYEke1WbFxnCCmJCdeLdK9yIL0IzDrCwyVNWtV2jMVJavWub0/j3k8+WQ7onkk9n
WqzoEn28b0HH6VLpydhunagWL2ne5kHSfMgs7M4rSyXYaGA6/Nv/scq8V7u4lMQ4
f8g48NKupdJ249GB1XWeRqMJ+SyP
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:09:21 2025 by rpki-client