Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8975A72071311F0AC3B1A7A762E951A.roa
File: F8975A72071311F0AC3B1A7A762E951A.roa (raw, json)
Hash identifier: U65EH1tqs8kclAZnuZhxX/haV6ZeLP4ZolOvTVXVv50=
Subject key identifier: 45:55:6C:8D:B4:F0:7C:43:E3:00:9C:A3:E8:22:B8:13:02:60:19:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014795
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8975A72071311F0AC3B1A7A762E951A.roa
Signing time: Sat 22 Mar 2025 11:51:20 +0000
ROA not before: Sat 22 Mar 2025 11:51:17 +0000
ROA not after: Tue 01 Apr 2025 11:51:17 +0000
asID: 398704
IP address blocks: 156.245.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83861 (0x14795)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 22 11:51:17 2025 GMT
Not After : Apr 1 11:51:17 2025 GMT
Subject: CN=67dea438-108b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:48:ab:39:b6:0e:be:ce:a4:a2:61:5b:a1:bb:
74:d5:21:6f:19:69:44:cd:84:aa:14:d6:45:45:cd:
1c:41:95:8d:a0:a4:e7:12:d4:fa:83:34:6e:28:b4:
a9:16:2f:6e:3b:77:43:e7:77:46:34:c0:f1:f0:d2:
71:bb:94:f2:b4:fc:94:85:84:2c:a0:eb:0e:3b:d9:
a3:15:bd:36:8a:e9:7e:b5:fd:e6:a1:f3:06:a2:3e:
51:c6:92:90:3f:cd:01:98:ec:33:8d:ff:4b:b1:60:
44:31:42:ce:b0:44:c9:2d:d0:ef:e6:8a:87:30:c0:
50:df:fe:76:00:8c:22:47:51:93:41:b6:39:f9:bc:
ac:f3:35:c5:71:02:1a:d1:31:96:f7:d6:7e:7a:c5:
b7:9e:23:e9:39:c6:68:26:e9:3a:85:f6:1d:5d:54:
15:35:35:f1:c2:e9:0c:fc:3b:3c:0f:ea:76:1a:dc:
6d:af:5c:80:92:fa:80:53:ff:98:39:50:4d:14:47:
e7:10:0c:93:97:0f:5e:bd:d8:77:da:fe:e0:fd:6f:
b4:a0:ee:a3:23:0a:13:6f:11:0a:af:bb:f6:7d:b7:
be:a2:54:f2:fd:a4:99:c0:cb:1c:d9:1f:ac:c2:c6:
d2:59:ca:8b:5a:05:a8:6f:5d:df:b9:e8:13:2d:b9:
9c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:55:6C:8D:B4:F0:7C:43:E3:00:9C:A3:E8:22:B8:13:02:60:19:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8975A72071311F0AC3B1A7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.244.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:59:56:60:68:b5:da:a1:70:5b:8e:78:f8:7e:57:3c:6d:8e:
b9:86:dc:f7:e4:bc:d0:3f:0c:b2:c2:f4:21:eb:d8:94:24:df:
ff:63:1f:20:f8:50:64:df:95:a6:b3:50:a1:0a:3c:61:70:12:
4a:5c:d9:fe:02:b3:2b:89:67:a2:bb:a7:64:08:fc:89:50:42:
55:4e:cc:30:fa:81:39:92:4a:94:6c:23:99:34:67:34:93:a4:
fb:fb:91:45:f4:6f:ff:44:e7:9b:ee:09:f7:c2:b7:f9:8b:92:
91:59:02:10:f9:d1:be:54:c5:81:72:b9:65:96:2f:04:d2:b0:
44:c3:35:36:d3:3f:6d:88:ca:72:88:ac:70:fa:cf:83:5e:f7:
50:aa:e2:98:ae:41:4b:f7:49:8a:72:71:f2:a3:e2:2b:4b:06:
8d:fa:85:1d:1c:0f:1f:85:d4:23:0f:76:30:c9:91:fe:d4:9e:
71:24:e1:36:a3:a0:b6:94:07:f4:ba:60:42:3c:f7:a3:fa:1b:
7e:aa:4e:a0:f7:18:fd:ca:e8:f9:35:b5:d3:4b:f8:b0:15:1e:
0a:05:a7:ba:f4:72:6c:02:6c:57:86:5a:9e:71:a7:8b:e7:3a:
04:e0:21:76:53:f0:1a:df:e3:89:d2:5d:0b:e5:69:e9:1d:d4:
12:17:62:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUeVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzIyMTE1MTE3WhcNMjUwNDAxMTE1MTE3WjAYMRYw
FAYDVQQDEw02N2RlYTQzOC0xMDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6kirObYOvs6komFbobt01SFvGWlEzYSqFNZFRc0cQZWNoKTnEtT6gzRu
KLSpFi9uO3dD53dGNMDx8NJxu5TytPyUhYQsoOsOO9mjFb02iul+tf3mofMGoj5R
xpKQP80BmOwzjf9LsWBEMULOsETJLdDv5oqHMMBQ3/52AIwiR1GTQbY5+bys8zXF
cQIa0TGW99Z+esW3niPpOcZoJuk6hfYdXVQVNTXxwukM/Ds8D+p2Gtxtr1yAkvqA
U/+YOVBNFEfnEAyTlw9evdh32v7g/W+0oO6jIwoTbxEKr7v2fbe+olTy/aSZwMsc
2R+swsbSWcqLWgWob13fuegTLbmcOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEVV
bI208HxD4wCco+giuBMCYBnFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GODk3NUE3MjA3MTMxMUYwQUMzQjFBN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPX0MA0GCSqGSIb3DQEBCwUA
A4IBAQBqWVZgaLXaoXBbjnj4flc8bY65htz35LzQPwyywvQh69iUJN//Yx8g+FBk
35Wms1ChCjxhcBJKXNn+ArMriWeiu6dkCPyJUEJVTsww+oE5kkqUbCOZNGc0k6T7
+5FF9G//ROeb7gn3wrf5i5KRWQIQ+dG+VMWBcrllli8E0rBEwzU20z9tiMpyiKxw
+s+DXvdQquKYrkFL90mKcnHyo+IrSwaN+oUdHA8fhdQjD3YwyZH+1J5xJOE2o6C2
lAf0umBCPPej+ht+qk6g9xj9yuj5NbXTS/iwFR4KBae69HJsAmxXhlqecaeL5zoE
4CF2U/Aa3+OJ0l0L5WnpHdQSF2LC
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:13:38 2025 by rpki-client