Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F79B4E10F2CF11EFA67A016E762E951A.roa
File: F79B4E10F2CF11EFA67A016E762E951A.roa (raw, json)
Hash identifier: ETxDaO+D4Sr8VNlXEnnDB2MGf4glgetGhRSbWjwJ7Jw=
Subject key identifier: AA:97:DE:84:D1:2D:55:0B:F3:D8:39:1A:3B:60:53:88:3E:8E:AB:1D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012C9D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F79B4E10F2CF11EFA67A016E762E951A.roa
Signing time: Mon 24 Feb 2025 16:54:10 +0000
ROA not before: Mon 24 Feb 2025 16:54:06 +0000
ROA not after: Fri 04 Apr 2025 16:54:06 +0000
asID: 21859
IP address blocks: 156.225.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76957 (0x12c9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 16:54:06 2025 GMT
Not After : Apr 4 16:54:06 2025 GMT
Subject: CN=67bca432-d110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:c4:25:36:0d:9c:1c:82:47:02:83:e6:16:2a:
d4:a6:e2:e8:e9:65:b4:a2:21:b7:8e:72:03:bd:74:
05:77:5a:db:58:2a:83:5a:0c:f2:f1:b9:86:b3:09:
08:f4:7a:7c:c4:11:c8:6c:5e:87:6a:03:d7:63:30:
a9:5d:2c:4f:dc:cc:fe:c6:42:18:ef:1e:d5:d0:9c:
fb:72:f3:43:1a:b0:33:48:7a:43:4e:21:a0:11:95:
a6:c7:db:b3:c0:86:08:c3:7d:1b:f1:97:d1:64:f1:
e9:a5:2b:fa:84:cb:55:c6:ea:5d:90:1a:8e:d0:ef:
20:4f:d7:a5:4c:c0:57:6f:7a:ae:d5:81:bc:c9:a4:
90:7e:48:11:32:10:bd:df:04:87:83:d7:3a:3b:10:
c1:87:78:72:56:de:6d:01:d6:21:35:74:23:6c:5e:
2f:70:93:20:8c:61:26:87:f6:0a:89:5c:10:55:4f:
04:a0:26:53:c4:6b:3e:7b:7b:b9:a5:b4:13:4b:47:
06:e2:2a:ef:fe:60:fe:6d:0b:f6:c4:4b:ba:c7:be:
b7:9f:28:ef:a2:b4:30:3a:fe:22:1e:e9:2d:91:10:
dd:07:da:60:1a:40:54:22:2d:34:1e:8a:6e:69:e9:
12:eb:b7:2c:c4:1e:bd:66:3b:00:26:0f:c8:6e:96:
e4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:97:DE:84:D1:2D:55:0B:F3:D8:39:1A:3B:60:53:88:3E:8E:AB:1D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F79B4E10F2CF11EFA67A016E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.8.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:03:bc:1e:56:87:63:ee:30:54:24:d1:58:fb:c3:f8:92:ec:
54:54:96:47:57:70:0a:05:65:fe:4e:61:85:b8:9a:62:19:93:
99:14:5c:c0:f5:dd:f4:cc:b8:f5:30:3e:25:83:dc:f6:b2:b0:
68:fa:71:ea:31:3e:6d:87:b2:9b:64:32:98:d0:fa:65:b0:8b:
54:75:bf:78:7a:99:0a:5b:3a:3d:ee:e4:e7:2a:38:5c:45:5e:
90:c2:bf:95:e0:18:f9:2c:ba:c5:4f:39:c1:41:51:63:31:11:
c6:59:7a:f3:cc:c3:75:71:cb:f0:1b:3f:13:32:a6:57:b2:14:
44:df:14:33:3d:35:a2:89:65:5d:42:34:85:fd:86:06:7b:d6:
6a:8f:a7:99:91:a3:dc:a3:74:f8:4e:9e:d4:03:28:b0:39:dc:
69:78:cf:4a:5c:c2:ba:ca:c1:ee:85:f1:60:8f:29:c4:51:b6:
74:a7:41:c8:8b:99:54:97:1c:5d:a7:2c:c4:fa:ed:45:cc:ce:
9e:ed:1f:1e:5f:0e:66:86:1e:0e:d3:a2:69:fe:c0:8d:e6:08:
0b:15:0f:7e:db:01:08:90:97:f3:0a:1b:84:01:1c:56:45:68:
8c:3a:be:8e:25:1b:fa:4b:1e:27:bf:ac:c3:cd:94:5b:f2:71:
9a:c0:15:ff
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASydMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTY1NDA2WhcNMjUwNDA0MTY1NDA2WjAYMRYw
FAYDVQQDEw02N2JjYTQzMi1kMTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+MQlNg2cHIJHAoPmFirUpuLo6WW0oiG3jnIDvXQFd1rbWCqDWgzy8bmG
swkI9Hp8xBHIbF6HagPXYzCpXSxP3Mz+xkIY7x7V0Jz7cvNDGrAzSHpDTiGgEZWm
x9uzwIYIw30b8ZfRZPHppSv6hMtVxupdkBqO0O8gT9elTMBXb3qu1YG8yaSQfkgR
MhC93wSHg9c6OxDBh3hyVt5tAdYhNXQjbF4vcJMgjGEmh/YKiVwQVU8EoCZTxGs+
e3u5pbQTS0cG4irv/mD+bQv2xEu6x763nyjvorQwOv4iHuktkRDdB9pgGkBUIi00
HopuaekS67csxB69ZjsAJg/IbpbkzQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKqX
3oTRLVUL89g5GjtgU4g+jqsdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNzlCNEUxMEYyQ0YxMUVGQTY3QTAxNkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEIMA0GCSqGSIb3DQEBCwUA
A4IBAQANA7weVodj7jBUJNFY+8P4kuxUVJZHV3AKBWX+TmGFuJpiGZOZFFzA9d30
zLj1MD4lg9z2srBo+nHqMT5th7KbZDKY0PplsItUdb94epkKWzo97uTnKjhcRV6Q
wr+V4Bj5LLrFTznBQVFjMRHGWXrzzMN1ccvwGz8TMqZXshRE3xQzPTWiiWVdQjSF
/YYGe9Zqj6eZkaPco3T4Tp7UAyiwOdxpeM9KXMK6ysHuhfFgjynEUbZ0p0HIi5lU
lxxdpyzE+u1FzM6e7R8eXw5mhh4O06Jp/sCN5ggLFQ9+2wEIkJfzChuEARxWRWiM
Or6OJRv6Sx4nv6zDzZRb8nGawBX/
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:09 2025 by rpki-client