Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD849AF43A4911EE8D6FE5144AD9E6FC.roa
File: CD849AF43A4911EE8D6FE5144AD9E6FC.roa (raw, json)
Hash identifier: n2TtZuBO+fX1vFh8b6/yPnzVmjkA1H7dEzldNX5vims=
Subject key identifier: 4F:A3:F9:51:51:F1:20:1F:B5:E4:73:C9:71:30:80:26:91:F5:70:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 3536
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD849AF43A4911EE8D6FE5144AD9E6FC.roa
Signing time: Mon 14 Aug 2023 02:25:15 +0000
ROA not before: Mon 14 Aug 2023 02:25:12 +0000
ROA not after: Sat 13 Jan 2024 02:25:12 +0000
asID: 139057
IP address blocks: 156.251.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13622 (0x3536)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 14 02:25:12 2023 GMT
Not After : Jan 13 02:25:12 2024 GMT
Subject: CN=64d9908b-b0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ce:fb:d5:c6:6f:91:e7:54:b9:8f:7a:e5:0c:
22:57:90:d4:c7:cf:25:99:e5:31:3e:e7:f6:d5:35:
81:b0:a8:14:30:36:0f:fd:ba:2a:cc:59:9f:30:00:
f2:7e:d8:d4:b9:e6:9d:94:f2:4b:6b:48:27:fa:4a:
1d:3b:cd:8c:0c:7a:61:69:f7:6a:a4:f5:a6:44:1c:
18:7c:7e:16:32:dd:08:f9:85:24:0d:e5:34:87:59:
93:b2:a4:f1:de:10:55:be:ce:13:6e:0b:33:f9:fb:
07:a2:e5:51:2e:3f:13:67:b0:05:1f:f6:49:ac:4a:
7f:8d:41:aa:f3:e0:80:cd:cd:3f:fb:e7:75:2c:f6:
e5:64:c2:be:73:71:9e:0d:63:23:3b:f5:6a:a7:2e:
af:cb:b8:6e:1f:05:d6:a5:7d:06:97:bc:8c:34:d6:
5d:31:a0:7b:02:48:d8:fe:48:33:81:60:a1:7d:89:
02:d4:7b:cb:2d:86:df:af:ca:7a:89:ca:cd:a5:d2:
b2:99:0a:8a:4c:88:59:27:e7:92:e0:2f:4d:2e:84:
6f:2f:9f:a4:6a:94:dd:2a:23:da:71:c7:cf:af:ed:
74:d3:55:bb:92:8d:ea:a8:ab:b9:e4:1f:3b:c3:ce:
d2:e4:35:68:72:04:a0:07:57:31:66:d1:6c:5f:90:
02:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A3:F9:51:51:F1:20:1F:B5:E4:73:C9:71:30:80:26:91:F5:70:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD849AF43A4911EE8D6FE5144AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.67.0/24
Signature Algorithm: sha256WithRSAEncryption
00:09:48:82:57:6a:b3:6e:18:66:e2:3b:88:72:d9:15:54:4a:
54:cd:fd:13:8f:b4:4e:e4:19:d2:64:ee:00:2b:4f:f2:4d:da:
3f:5e:1a:dd:2c:0c:e6:6e:ee:77:c2:af:7f:53:9d:44:29:4e:
1a:76:1f:a2:88:ab:06:b3:89:cb:62:bd:c6:4b:d1:b5:f1:42:
23:f1:7e:4b:b6:64:c0:12:ab:54:25:00:0e:c6:ff:7d:5b:70:
cb:e2:b0:1b:98:96:42:2d:d2:34:ba:42:75:92:79:e7:7d:7a:
aa:ad:72:9d:c5:79:a2:23:9f:88:56:c7:4a:bd:85:97:eb:4e:
e6:9c:8f:f9:d2:cb:f9:02:81:35:4c:94:fa:30:31:f6:b3:a5:
21:0f:43:b2:52:76:53:06:5e:e2:54:d5:0d:7d:4d:8c:52:c9:
cc:df:0a:1e:60:28:f2:8c:47:db:fe:86:d2:9a:d9:72:29:42:
65:74:ba:e9:c2:37:f3:d7:5e:63:2c:fe:d5:b8:27:c7:98:4e:
84:93:91:af:95:ba:83:ba:a1:47:2d:97:74:04:db:1e:16:42:
bb:11:51:b1:fb:df:67:f1:a1:7f:79:e4:5c:5b:71:d8:e5:f2:
6c:47:d9:8b:97:4e:5b:09:66:a6:81:0f:aa:c8:86:e9:fc:5e:
e5:39:6e:eb
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICNTYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzA4MTQwMjI1MTJaFw0yNDAxMTMwMjI1MTJaMBgxFjAU
BgNVBAMTDTY0ZDk5MDhiLWIwY2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGzvvVxm+R51S5j3rlDCJXkNTHzyWZ5TE+5/bVNYGwqBQwNg/9uirMWZ8w
APJ+2NS55p2U8ktrSCf6Sh07zYwMemFp92qk9aZEHBh8fhYy3Qj5hSQN5TSHWZOy
pPHeEFW+zhNuCzP5+wei5VEuPxNnsAUf9kmsSn+NQarz4IDNzT/753Us9uVkwr5z
cZ4NYyM79WqnLq/LuG4fBdalfQaXvIw01l0xoHsCSNj+SDOBYKF9iQLUe8stht+v
ynqJys2l0rKZCopMiFkn55LgL00uhG8vn6RqlN0qI9pxx8+v7XTTVbuSjeqoq7nk
HzvDztLkNWhyBKAHVzFm0WxfkAJBAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUT6P5
UVHxIB+15HPJcTCAJpH1cCAwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0NEODQ5QUY0M0E0OTExRUU4RDZGRTUxNDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc+0MwDQYJKoZIhvcNAQELBQAD
ggEBAAAJSIJXarNuGGbiO4hy2RVUSlTN/ROPtE7kGdJk7gArT/JN2j9eGt0sDOZu
7nfCr39TnUQpThp2H6KIqwazictivcZL0bXxQiPxfku2ZMASq1QlAA7G/31bcMvi
sBuYlkIt0jS6QnWSeed9eqqtcp3FeaIjn4hWx0q9hZfrTuacj/nSy/kCgTVMlPow
MfazpSEPQ7JSdlMGXuJU1Q19TYxSyczfCh5gKPKMR9v+htKa2XIpQmV0uunCN/PX
XmMs/tW4J8eYToSTka+VuoO6oUctl3QE2x4WQrsRUbH732fxoX955Fxbcdjl8mxH
2YuXTlsJZqaBD6rIhun8XuU5bus=
-----END CERTIFICATE-----
Generated at Sun May 11 14:42:08 2025 by rpki-client