Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D412926477A11F0A006AD99DAE4EC9C.roa
File: 4D412926477A11F0A006AD99DAE4EC9C.roa (raw, json)
Hash identifier: mIXHrwgr9rSM3uXqjcwqFFPvrMuneec2xRSCD6AimuM=
Subject key identifier: F5:2B:42:C6:DF:3F:B6:61:7E:30:6C:71:35:0A:FD:5E:C8:3C:6B:3C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015B5F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D412926477A11F0A006AD99DAE4EC9C.roa
Signing time: Thu 12 Jun 2025 10:45:06 +0000
ROA not before: Thu 12 Jun 2025 10:45:01 +0000
ROA not after: Mon 16 Jun 2025 10:45:01 +0000
asID: 137951
IP address blocks: 156.224.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88927 (0x15b5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 12 10:45:01 2025 GMT
Not After : Jun 16 10:45:01 2025 GMT
Subject: CN=684aafb2-e1ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:47:f8:b1:ad:02:35:7c:48:91:a2:c5:98:78:
65:4e:bf:8e:61:f4:75:f1:95:e9:89:2b:e1:7f:70:
de:fd:16:e4:e7:45:bd:58:d0:5a:07:bb:23:9c:f3:
d1:58:df:86:2c:7b:e8:7c:bb:dc:42:c8:15:52:a5:
12:c2:4b:0f:50:6c:be:cd:56:de:15:3d:47:40:6f:
66:ee:28:bb:c7:14:6a:8a:8f:7c:59:61:51:52:5b:
b4:e7:e6:f9:79:51:b7:dc:e6:0b:d9:d4:fd:c5:95:
50:de:dc:4d:0f:f9:42:20:6b:98:82:36:86:b8:a5:
ee:a0:1b:1f:d9:2e:30:ce:e2:f8:e0:53:a2:3b:64:
49:bc:cd:20:f8:d2:db:0d:de:15:b5:54:56:50:05:
2e:d0:61:d1:b3:fd:e0:3b:41:87:1c:85:36:8f:30:
9f:12:d4:c4:3a:e4:13:4c:dc:80:d0:81:98:b3:3c:
9b:be:eb:41:b3:83:c5:d9:9e:69:b9:ed:a4:b0:20:
e4:ef:b2:ba:79:ca:d5:d8:ad:9f:a1:b6:78:20:85:
19:f7:7a:42:fe:58:f8:6d:c9:c7:1c:36:31:2c:a5:
d2:52:d0:a8:cf:c1:f4:95:d5:bc:d7:68:ea:6b:b7:
e2:e8:1e:61:7b:a1:8a:a5:59:8f:eb:e6:95:92:b0:
49:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2B:42:C6:DF:3F:B6:61:7E:30:6C:71:35:0A:FD:5E:C8:3C:6B:3C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D412926477A11F0A006AD99DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.32.0/19
Signature Algorithm: sha256WithRSAEncryption
4a:07:88:c3:3e:54:95:b4:7b:4a:33:fc:58:73:03:f8:8d:54:
a0:df:85:22:b4:9c:26:b4:0d:10:2a:49:a2:69:f6:e7:45:50:
a7:a4:75:f2:be:a7:a1:56:23:aa:09:d8:3d:d3:1c:d4:bc:66:
b3:de:26:be:88:3e:64:fe:b3:22:36:2e:5b:56:3f:87:63:5d:
61:30:7c:70:43:cb:e5:e2:96:18:bb:99:1a:43:b8:f0:e9:2b:
30:0e:22:8a:72:76:02:62:6a:e0:99:64:58:af:fd:d9:9d:3b:
17:7d:cf:e6:44:e3:d2:9a:07:ab:9c:78:99:22:a8:34:5d:1d:
17:62:8f:07:2e:ab:bc:88:67:21:e2:e0:59:6b:a4:f5:c7:8f:
66:e4:73:e9:09:93:19:03:de:7b:af:25:56:b1:72:53:d1:c0:
e3:5f:79:1e:79:1b:c1:97:f8:3b:ab:e0:10:81:f8:c3:18:6d:
cc:82:ce:df:c1:c7:73:26:a2:03:3d:1d:62:3f:be:55:4c:01:
cb:46:d2:57:9d:b6:e4:58:6f:e0:17:aa:48:c3:6c:4f:5c:89:
4f:72:8b:e8:35:94:36:11:4a:6f:2e:25:30:b4:11:81:63:e6:
cf:b7:37:4e:98:9a:53:b1:7a:4c:55:23:8d:55:fe:4a:6b:dd:
59:c5:7c:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVtfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjEyMTA0NTAxWhcNMjUwNjE2MTA0NTAxWjAYMRYw
FAYDVQQDEw02ODRhYWZiMi1lMWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApUf4sa0CNXxIkaLFmHhlTr+OYfR18ZXpiSvhf3De/Rbk50W9WNBaB7sj
nPPRWN+GLHvofLvcQsgVUqUSwksPUGy+zVbeFT1HQG9m7ii7xxRqio98WWFRUlu0
5+b5eVG33OYL2dT9xZVQ3txND/lCIGuYgjaGuKXuoBsf2S4wzuL44FOiO2RJvM0g
+NLbDd4VtVRWUAUu0GHRs/3gO0GHHIU2jzCfEtTEOuQTTNyA0IGYszybvutBs4PF
2Z5pue2ksCDk77K6ecrV2K2fobZ4IIUZ93pC/lj4bcnHHDYxLKXSUtCoz8H0ldW8
12jqa7fi6B5he6GKpVmP6+aVkrBJowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPUr
QsbfP7ZhfjBscTUK/V7IPGs8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDQxMjkyNjQ3N0ExMUYwQTAwNkFEOTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnOAgMA0GCSqGSIb3DQEBCwUA
A4IBAQBKB4jDPlSVtHtKM/xYcwP4jVSg34UitJwmtA0QKkmiafbnRVCnpHXyvqeh
ViOqCdg90xzUvGaz3ia+iD5k/rMiNi5bVj+HY11hMHxwQ8vl4pYYu5kaQ7jw6Ssw
DiKKcnYCYmrgmWRYr/3ZnTsXfc/mROPSmgernHiZIqg0XR0XYo8HLqu8iGch4uBZ
a6T1x49m5HPpCZMZA957ryVWsXJT0cDjX3keeRvBl/g7q+AQgfjDGG3Mgs7fwcdz
JqIDPR1iP75VTAHLRtJXnbbkWG/gF6pIw2xPXIlPcovoNZQ2EUpvLiUwtBGBY+bP
tzdOmJpTsXpMVSONVf5Ka91ZxXxZ
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:08:50 2025 by rpki-client