Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/227435AC469A11F0A74CC4E9DAE4EC9C.roa
File: 227435AC469A11F0A74CC4E9DAE4EC9C.roa (raw, json)
Hash identifier: HBkXDEDSA0TX9Sc4fLC9RCIQkTTqoU/Qe4ezCXAcUgQ=
Subject key identifier: 7A:32:EA:72:C1:CD:0B:01:C7:3C:56:A4:2F:A6:2E:78:B2:11:52:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015B2D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/227435AC469A11F0A74CC4E9DAE4EC9C.roa
Signing time: Wed 11 Jun 2025 08:00:27 +0000
ROA not before: Wed 11 Jun 2025 08:00:22 +0000
ROA not after: Mon 16 Jun 2025 08:00:22 +0000
asID: 134365
IP address blocks: 156.224.18.0/23 maxlen: 24
156.224.28.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88877 (0x15b2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 11 08:00:22 2025 GMT
Not After : Jun 16 08:00:22 2025 GMT
Subject: CN=6849379b-dcee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ee:60:8c:79:ac:e2:ff:59:64:01:e3:27:8d:
2a:6a:70:13:1e:d9:ee:df:02:1e:e9:89:45:4b:c7:
5a:56:80:61:46:88:24:5a:14:d7:99:ff:a0:26:e3:
83:b0:96:e5:66:41:da:78:b3:b6:7a:a4:f7:02:2e:
2b:d6:26:3a:02:d3:39:1d:0c:5e:df:38:ff:11:9a:
d2:a6:0b:93:e0:68:6e:87:34:4b:1b:d1:74:95:0b:
c5:38:79:14:55:1f:b4:9c:ff:9c:8d:14:d0:34:17:
26:85:17:d8:27:ab:3d:f9:80:30:f2:43:6e:63:f7:
1b:79:01:39:b2:a5:a7:a4:05:db:63:a0:68:2e:09:
5f:5c:ea:16:d2:78:92:fe:16:df:9f:38:e2:6f:c7:
ad:2a:94:7c:77:e7:20:be:49:a9:97:97:e7:dc:55:
f2:46:77:10:13:3c:73:48:a2:19:db:e0:29:d5:48:
7e:ab:10:a9:5f:f1:98:9e:2c:c4:ae:d8:82:31:e7:
cc:97:e9:b4:34:eb:ee:24:33:e2:74:00:f6:bd:61:
8b:b5:75:06:d0:eb:ac:09:b2:ba:17:d7:37:e6:9b:
ca:11:cc:83:8a:bc:30:1e:72:86:9a:dc:45:3d:93:
14:e4:ca:1a:82:b8:a3:20:91:10:ca:5f:08:08:95:
0e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:32:EA:72:C1:CD:0B:01:C7:3C:56:A4:2F:A6:2E:78:B2:11:52:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/227435AC469A11F0A74CC4E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.18.0/23
156.224.28.0/23
Signature Algorithm: sha256WithRSAEncryption
96:6c:67:10:3e:44:95:97:41:ab:32:36:51:f9:32:e2:ad:00:
12:4c:e2:8c:73:67:02:c6:38:dc:37:b2:a1:5b:f0:12:ec:b2:
b0:99:8b:0e:b4:ad:f9:e1:15:d6:39:05:df:19:67:0a:40:e7:
e3:a1:76:b8:a2:61:a4:73:2f:4a:89:b0:8f:9c:2a:68:a7:a7:
c4:b7:e0:3b:5c:70:ac:05:c4:26:dd:a8:c0:b5:4b:63:56:13:
4e:4a:4e:91:74:92:9f:b3:af:3d:fb:fd:c6:2d:2d:36:3b:5b:
b6:f3:4a:ad:7c:33:8e:1a:a1:45:38:4d:cd:36:95:ac:c2:c3:
ce:94:b5:e0:9b:10:20:2c:a2:9c:ec:99:cd:79:cb:64:39:b3:
e4:8f:7a:a9:1c:e0:99:29:fc:fe:88:af:23:e6:ca:31:17:2b:
ef:f4:ee:e7:80:e3:73:f9:e0:50:39:6c:4c:62:43:19:a9:8b:
59:54:74:cc:aa:39:8e:06:78:36:51:3f:68:77:4b:13:f5:dd:
93:29:f3:40:05:d6:7a:02:61:84:3f:e0:c7:ed:b2:19:75:1b:
22:4c:f8:ae:75:c3:88:e2:3d:ff:c7:36:48:da:7b:d0:e6:ae:
a0:0b:1f:01:e8:ac:5f:0c:8f:b6:ec:50:85:c2:25:66:41:18:
46:a3:f8:fa
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVstMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjExMDgwMDIyWhcNMjUwNjE2MDgwMDIyWjAYMRYw
FAYDVQQDEw02ODQ5Mzc5Yi1kY2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvu5gjHms4v9ZZAHjJ40qanATHtnu3wIe6YlFS8daVoBhRogkWhTXmf+g
JuODsJblZkHaeLO2eqT3Ai4r1iY6AtM5HQxe3zj/EZrSpguT4GhuhzRLG9F0lQvF
OHkUVR+0nP+cjRTQNBcmhRfYJ6s9+YAw8kNuY/cbeQE5sqWnpAXbY6BoLglfXOoW
0niS/hbfnzjib8etKpR8d+cgvkmpl5fn3FXyRncQEzxzSKIZ2+Ap1Uh+qxCpX/GY
nizErtiCMefMl+m0NOvuJDPidAD2vWGLtXUG0OusCbK6F9c35pvKEcyDirwwHnKG
mtxFPZMU5MoagrijIJEQyl8ICJUOZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHoy
6nLBzQsBxzxWpC+mLniyEVLrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjc0MzVBQzQ2OUExMUYwQTc0Q0M0RTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnOASAwQBnOAcMA0GCSqGSIb3
DQEBCwUAA4IBAQCWbGcQPkSVl0GrMjZR+TLirQASTOKMc2cCxjjcN7KhW/AS7LKw
mYsOtK354RXWOQXfGWcKQOfjoXa4omGkcy9KibCPnCpop6fEt+A7XHCsBcQm3ajA
tUtjVhNOSk6RdJKfs689+/3GLS02O1u280qtfDOOGqFFOE3NNpWswsPOlLXgmxAg
LKKc7JnNectkObPkj3qpHOCZKfz+iK8j5soxFyvv9O7ngONz+eBQOWxMYkMZqYtZ
VHTMqjmOBng2UT9od0sT9d2TKfNABdZ6AmGEP+DH7bIZdRsiTPiudcOI4j3/xzZI
2nvQ5q6gCx8B6KxfDI+27FCFwiVmQRhGo/j6
-----END CERTIFICATE-----
Generated at Wed Jun 18 02:54:34 2025 by rpki-client