Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F58756B8F17211EFAB0FAE82762E951A.roa
File: F58756B8F17211EFAB0FAE82762E951A.roa (raw, json)
Hash identifier: xcv9jgig5mKS/gwtrD7zICNjErgh8NpSZS3zsZWqtnU=
Subject key identifier: 18:D4:7A:08:7A:84:F8:31:C9:E5:A2:EA:5D:7C:76:C0:7E:90:56:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0129CC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F58756B8F17211EFAB0FAE82762E951A.roa
Signing time: Sat 22 Feb 2025 23:15:52 +0000
ROA not before: Sat 22 Feb 2025 23:15:48 +0000
ROA not after: Fri 04 Apr 2025 23:15:48 +0000
asID: 21859
IP address blocks: 156.225.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76236 (0x129cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 22 23:15:48 2025 GMT
Not After : Apr 4 23:15:48 2025 GMT
Subject: CN=67ba5aa8-e6b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:ca:87:72:ec:0b:b1:4d:04:a2:20:aa:3c:
87:c0:db:a5:bf:af:e5:bc:65:4b:5e:ff:bb:dd:a5:
81:ee:af:81:4e:1a:c6:92:76:e7:74:c6:0f:2d:97:
43:5b:27:6f:84:a3:e1:3a:06:f2:a8:62:29:13:cf:
90:19:d5:66:b3:70:12:35:91:df:91:26:65:de:04:
39:fa:50:5e:98:d6:18:ff:0a:55:3c:0a:e8:f1:aa:
41:cc:4f:c1:71:d3:ec:ee:66:c8:f2:0a:ca:5e:db:
99:99:f5:fd:7b:11:82:cf:4f:6d:11:d4:d3:3b:74:
c7:64:6b:a7:4a:c4:42:f7:79:a1:64:01:3a:5c:8b:
61:7d:53:49:0b:2f:fd:4d:e3:13:43:42:5b:11:82:
04:2e:a8:c8:dd:01:ab:24:61:4a:a0:f1:1b:b9:96:
9a:af:12:ea:be:65:64:4e:5a:2a:8d:fc:08:f4:fc:
22:a8:c4:c3:0e:37:f3:ca:5a:77:1f:91:c0:86:53:
f3:d6:b4:28:2a:e2:fa:2d:36:d1:1e:61:fc:c7:31:
43:47:50:b1:31:4d:11:f0:ec:00:ae:c5:35:80:5d:
20:21:db:b8:5e:8a:19:28:dc:4c:0d:ab:bd:3f:4d:
0f:d5:a9:23:a2:d2:f5:7f:df:19:00:73:a6:fd:b8:
2d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D4:7A:08:7A:84:F8:31:C9:E5:A2:EA:5D:7C:76:C0:7E:90:56:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F58756B8F17211EFAB0FAE82762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.9.0/24
Signature Algorithm: sha256WithRSAEncryption
81:d6:33:02:9a:2a:d2:e7:24:e8:48:89:90:f0:a0:06:24:77:
00:2f:61:29:d2:2f:43:fe:8c:bc:30:1b:c3:68:40:e1:ee:6a:
95:1f:24:ff:ae:ab:69:fc:2f:89:fc:97:c8:71:5d:9c:50:c6:
48:8b:3e:1f:49:13:1c:88:26:28:11:56:07:c5:52:bb:ea:de:
7d:00:52:fe:8e:70:8b:95:cf:b7:3c:c4:11:67:c1:5e:1d:2f:
91:9e:e0:f6:ad:64:0f:30:63:82:70:9e:35:50:c0:0b:89:9d:
b9:97:3e:ea:f8:b1:3e:3d:26:3c:6b:61:55:09:15:7a:ee:f7:
09:74:be:d2:a4:4e:2a:07:2f:f8:a4:65:47:d3:e5:69:14:ea:
5f:ba:64:2c:a3:30:4d:42:c0:1b:0a:4a:bd:13:25:6e:e5:65:
b9:2d:db:d4:27:33:ee:4b:f8:79:cc:95:34:c0:18:77:9c:c1:
85:38:b7:15:64:e3:f2:03:30:aa:3a:1d:a9:bf:24:bc:d1:ba:
57:d0:58:6e:df:27:21:51:87:ef:64:c1:38:a4:93:17:fa:7c:
b2:a5:ac:4c:af:58:bb:89:da:d9:2a:fe:2b:37:82:29:be:ba:
8a:c2:25:dc:cd:0e:e0:5e:be:f6:e0:1c:65:ae:10:3f:76:ed:
6a:56:db:95
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASnMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjIyMjMxNTQ4WhcNMjUwNDA0MjMxNTQ4WjAYMRYw
FAYDVQQDEw02N2JhNWFhOC1lNmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlHKh3LsC7FNBKIgqjyHwNulv6/lvGVLXv+73aWB7q+BThrGknbndMYP
LZdDWydvhKPhOgbyqGIpE8+QGdVms3ASNZHfkSZl3gQ5+lBemNYY/wpVPAro8apB
zE/BcdPs7mbI8grKXtuZmfX9exGCz09tEdTTO3THZGunSsRC93mhZAE6XIthfVNJ
Cy/9TeMTQ0JbEYIELqjI3QGrJGFKoPEbuZaarxLqvmVkTloqjfwI9PwiqMTDDjfz
ylp3H5HAhlPz1rQoKuL6LTbRHmH8xzFDR1CxMU0R8OwArsU1gF0gIdu4XooZKNxM
Dau9P00P1akjotL1f98ZAHOm/bgtMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBjU
egh6hPgxyeWi6l18dsB+kFbvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNTg3NTZCOEYxNzIxMUVGQUIwRkFFODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEJMA0GCSqGSIb3DQEBCwUA
A4IBAQCB1jMCmirS5yToSImQ8KAGJHcAL2Ep0i9D/oy8MBvDaEDh7mqVHyT/rqtp
/C+J/JfIcV2cUMZIiz4fSRMciCYoEVYHxVK76t59AFL+jnCLlc+3PMQRZ8FeHS+R
nuD2rWQPMGOCcJ41UMALiZ25lz7q+LE+PSY8a2FVCRV67vcJdL7SpE4qBy/4pGVH
0+VpFOpfumQsozBNQsAbCkq9EyVu5WW5LdvUJzPuS/h5zJU0wBh3nMGFOLcVZOPy
AzCqOh2pvyS80bpX0Fhu3ychUYfvZME4pJMX+nyypaxMr1i7idrZKv4rN4IpvrqK
wiXczQ7gXr724BxlrhA/du1qVtuV
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:04 2025 by rpki-client