Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4223F324477B11F08729BCA0DAE4EC9C.roa
File: 4223F324477B11F08729BCA0DAE4EC9C.roa (raw, json)
Hash identifier: LBgMK9oaxGJFXo1372eMKeVEja+bRApc0GawGjXU5Jg=
Subject key identifier: A0:1A:52:35:1B:EC:45:53:AA:4B:B2:75:7E:0F:93:3D:A1:B9:E4:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015B63
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4223F324477B11F08729BCA0DAE4EC9C.roa
Signing time: Thu 12 Jun 2025 10:51:57 +0000
ROA not before: Thu 12 Jun 2025 10:51:52 +0000
ROA not after: Mon 16 Jun 2025 10:51:52 +0000
asID: 400619
IP address blocks: 156.224.16.0/23 maxlen: 24
156.224.18.0/23 maxlen: 24
156.224.20.0/22 maxlen: 24
156.224.24.0/22 maxlen: 24
156.224.28.0/23 maxlen: 24
156.224.30.0/23 maxlen: 24
156.224.63.0/24 maxlen: 24
156.235.96.0/21 maxlen: 24
156.235.104.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88931 (0x15b63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 12 10:51:52 2025 GMT
Not After : Jun 16 10:51:52 2025 GMT
Subject: CN=684ab14d-e530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:42:73:ce:b8:4c:bf:28:37:03:00:31:5c:38:
46:fc:6c:0f:b4:20:44:50:79:4a:bf:5c:a0:e5:41:
db:59:b1:d8:df:56:c3:ba:a6:20:cd:1b:1c:d6:2e:
40:9e:e0:2d:8d:72:b1:bb:80:85:f1:73:a2:cb:f5:
c4:5a:41:ff:a8:f9:44:b1:d7:c7:8d:a8:36:98:f4:
06:00:c9:92:91:da:4c:fe:3a:cf:74:40:92:d7:4b:
7b:2a:f7:64:e8:d9:59:91:22:7f:c5:92:38:a0:07:
b7:86:8b:e2:11:99:d3:9e:44:5f:d6:c6:0b:71:96:
23:fc:ef:46:b4:9e:74:19:71:13:b4:ec:2a:62:fe:
c3:31:10:a5:9a:eb:e9:0d:0e:e7:21:b5:ad:83:f8:
a5:9f:4e:16:41:6e:d9:a3:93:94:41:66:62:e0:86:
9c:f3:a4:d2:e8:3b:87:08:8a:54:23:86:7f:0c:9e:
31:f7:f2:d6:12:2c:44:a2:36:f1:81:c1:f3:0f:83:
98:98:71:45:57:69:75:d6:01:d2:25:9f:40:ee:a6:
b8:07:a4:f9:18:2c:0e:0c:c9:a3:f2:a1:28:ad:da:
5c:fe:0f:27:42:8d:f7:53:db:ac:c7:22:b3:1b:69:
d9:59:35:8b:61:95:a5:09:29:37:d2:a4:ba:ca:bc:
f8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:1A:52:35:1B:EC:45:53:AA:4B:B2:75:7E:0F:93:3D:A1:B9:E4:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4223F324477B11F08729BCA0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.16.0/20
156.224.63.0/24
156.235.96.0/20
Signature Algorithm: sha256WithRSAEncryption
3a:12:f6:a9:4f:2a:e1:21:66:06:01:4c:65:b3:02:1e:a7:45:
c9:df:d9:2f:9b:5b:79:46:e9:da:55:17:66:93:28:14:bd:ed:
6e:df:3d:f7:d8:18:00:bf:e0:7a:f4:05:2b:11:d9:59:d4:0e:
f5:ae:fb:3a:77:83:26:3f:29:40:63:8c:a1:5c:e7:6a:93:17:
72:0c:1b:73:9e:e0:98:50:65:e4:f1:46:60:17:bc:6a:ee:ee:
8c:db:f6:91:84:3e:73:cb:b1:b2:a7:f4:38:c5:a4:e2:d2:56:
2e:46:bb:68:15:66:84:0e:9a:8e:1e:9f:8e:c7:d5:1c:b4:8f:
23:71:80:ef:95:44:46:1a:61:04:ba:b8:07:d9:b2:bc:fd:6c:
19:ea:58:fb:f9:c0:69:06:51:31:69:a6:c6:c8:70:21:0f:69:
ac:12:5d:a3:37:45:66:91:66:ee:6e:8b:df:70:96:47:eb:cd:
e7:77:1e:b2:a2:c8:2c:a8:ee:11:42:de:03:01:a1:75:e2:b7:
8a:df:d2:e3:bd:0d:33:73:84:35:29:79:97:d9:94:df:a6:be:
30:d3:6a:24:43:3c:b8:61:5f:bb:4c:2c:66:36:6e:b0:9f:67:
fb:9b:eb:85:5c:91:33:c7:07:69:19:ff:25:bd:c1:d0:73:e3:
7d:10:29:77
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVtjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjEyMTA1MTUyWhcNMjUwNjE2MTA1MTUyWjAYMRYw
FAYDVQQDEw02ODRhYjE0ZC1lNTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA10JzzrhMvyg3AwAxXDhG/GwPtCBEUHlKv1yg5UHbWbHY31bDuqYgzRsc
1i5AnuAtjXKxu4CF8XOiy/XEWkH/qPlEsdfHjag2mPQGAMmSkdpM/jrPdECS10t7
Kvdk6NlZkSJ/xZI4oAe3hoviEZnTnkRf1sYLcZYj/O9GtJ50GXETtOwqYv7DMRCl
muvpDQ7nIbWtg/iln04WQW7Zo5OUQWZi4Iac86TS6DuHCIpUI4Z/DJ4x9/LWEixE
ojbxgcHzD4OYmHFFV2l11gHSJZ9A7qa4B6T5GCwODMmj8qEordpc/g8nQo33U9us
xyKzG2nZWTWLYZWlCSk30qS6yrz45wIDAQABo4ICrjCCAqowHQYDVR0OBBYEFKAa
UjUb7EVTqkuydX4Pkz2hueQUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MjIzRjMyNDQ3N0IxMUYwODcyOUJDQTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEnOAQAwQAnOA/AwQEnOtgMA0G
CSqGSIb3DQEBCwUAA4IBAQA6EvapTyrhIWYGAUxlswIep0XJ39kvm1t5RunaVRdm
kygUve1u3z332BgAv+B69AUrEdlZ1A71rvs6d4MmPylAY4yhXOdqkxdyDBtznuCY
UGXk8UZgF7xq7u6M2/aRhD5zy7Gyp/Q4xaTi0lYuRrtoFWaEDpqOHp+Ox9UctI8j
cYDvlURGGmEEurgH2bK8/WwZ6lj7+cBpBlExaabGyHAhD2msEl2jN0VmkWbubovf
cJZH683ndx6yosgsqO4RQt4DAaF14reK39LjvQ0zc4Q1KXmX2ZTfpr4w02okQzy4
YV+7TCxmNm6wn2f7m+uFXJEzxwdpGf8lvcHQc+N9ECl3
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:00:12 2025 by rpki-client