Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAC88AB845F311F0B48541AADAE4EC9C.roa
File: AAC88AB845F311F0B48541AADAE4EC9C.roa (raw, json)
Hash identifier: vZv4Ahga9CdsGbTp5YpLC8Ojnev5yXxj4zk6qPpas0o=
Subject key identifier: A9:A5:1D:5A:9A:59:84:1A:F5:84:81:88:22:08:21:90:68:CF:01:D7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015AC9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAC88AB845F311F0B48541AADAE4EC9C.roa
Signing time: Tue 10 Jun 2025 12:08:50 +0000
ROA not before: Tue 10 Jun 2025 12:08:44 +0000
ROA not after: Mon 16 Jun 2025 12:08:44 +0000
asID: 55020
IP address blocks: 156.224.16.0/23 maxlen: 24
156.224.18.0/23 maxlen: 24
156.224.20.0/22 maxlen: 24
156.224.24.0/22 maxlen: 24
156.224.28.0/23 maxlen: 24
156.224.30.0/23 maxlen: 24
156.224.63.0/24 maxlen: 24
156.235.96.0/21 maxlen: 24
156.235.104.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88777 (0x15ac9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 10 12:08:44 2025 GMT
Not After : Jun 16 12:08:44 2025 GMT
Subject: CN=68482052-fd3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:70:ce:9a:29:21:b0:e2:74:e9:b8:4c:88:d4:
6c:92:54:b0:6c:fe:43:a3:77:45:8d:43:e8:5b:21:
cd:8a:29:73:d4:fd:53:cb:04:b0:90:fe:a0:e4:73:
8e:74:31:b9:c6:5b:d6:e3:5e:44:09:9b:0c:78:4c:
ba:e7:e7:6a:db:18:5a:18:68:af:cc:94:e1:85:18:
01:f4:f6:eb:91:57:e2:5a:d8:8b:09:b6:a9:53:d2:
19:94:81:3c:b2:a6:1a:2a:3c:e1:b4:17:8b:84:10:
9f:05:19:39:0b:7d:d1:17:65:23:cf:51:68:fb:82:
76:ce:dd:ca:71:a2:d0:6e:5f:df:29:74:82:f0:14:
45:e2:0c:76:39:b1:e7:80:87:3a:6c:89:a6:92:e6:
54:22:7c:aa:23:45:a3:f0:0e:e7:68:04:38:ff:e1:
73:bc:11:7d:b6:cb:8b:3b:3e:fd:19:fd:b8:68:67:
ba:c6:24:4f:2a:5c:b9:2a:ab:cb:61:da:d9:83:ae:
ae:38:23:c8:54:99:40:dc:2b:0a:80:f4:3b:61:0d:
3b:11:2f:82:d8:b8:7f:9f:34:8d:da:00:eb:92:2c:
06:1c:a6:0c:a0:3e:52:14:31:f6:70:19:4a:c1:09:
fe:ff:9c:00:cf:0f:24:e4:7c:98:fe:be:05:56:6e:
30:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A5:1D:5A:9A:59:84:1A:F5:84:81:88:22:08:21:90:68:CF:01:D7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAC88AB845F311F0B48541AADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.16.0/20
156.224.63.0/24
156.235.96.0/20
Signature Algorithm: sha256WithRSAEncryption
68:ea:1f:4a:f0:c7:76:cb:66:3f:76:57:2b:3d:19:27:4c:5b:
f6:06:2c:05:ca:cc:72:d6:54:95:36:e6:70:43:74:98:74:57:
d5:cf:3c:8d:24:52:5a:1a:b9:45:0b:1c:2f:d9:b0:74:45:1b:
2c:78:38:a7:f8:36:d2:75:6e:41:70:b3:4c:ce:33:c8:83:33:
92:9f:4c:7b:7c:08:ea:b0:c4:21:20:d3:a4:d7:64:5d:a1:15:
b3:e7:fa:69:be:d9:12:4f:b4:29:f6:4a:5c:e7:c4:12:de:07:
14:8e:50:3c:50:36:91:94:5a:91:da:6f:62:57:a9:97:74:78:
71:89:bc:d6:25:9e:63:36:ab:34:9b:b1:60:1d:65:38:f2:4b:
22:09:6a:ac:c8:fd:a8:61:4e:a9:e6:89:94:d4:73:bd:b3:c1:
74:aa:af:eb:cc:20:e9:e6:e7:48:75:6d:50:b7:c9:51:f0:75:
2a:bb:a9:b5:39:94:e6:f0:82:05:79:d0:51:c9:5e:66:f9:3f:
bf:a3:bd:1c:c4:82:3c:04:f3:ad:d1:3e:34:60:b1:3f:06:70:
7e:3d:4f:81:8f:da:ee:9a:04:cf:53:2b:25:57:d8:5c:67:1c:
ad:fe:5d:63:45:b2:90:29:99:37:92:3c:79:d0:c6:2a:ff:ed:
7c:cd:c9:a2
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVrJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjEwMTIwODQ0WhcNMjUwNjE2MTIwODQ0WjAYMRYw
FAYDVQQDEw02ODQ4MjA1Mi1mZDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtnDOmikhsOJ06bhMiNRsklSwbP5Do3dFjUPoWyHNiilz1P1TywSwkP6g
5HOOdDG5xlvW415ECZsMeEy65+dq2xhaGGivzJThhRgB9PbrkVfiWtiLCbapU9IZ
lIE8sqYaKjzhtBeLhBCfBRk5C33RF2Ujz1Fo+4J2zt3KcaLQbl/fKXSC8BRF4gx2
ObHngIc6bImmkuZUInyqI0Wj8A7naAQ4/+FzvBF9tsuLOz79Gf24aGe6xiRPKly5
KqvLYdrZg66uOCPIVJlA3CsKgPQ7YQ07ES+C2Lh/nzSN2gDrkiwGHKYMoD5SFDH2
cBlKwQn+/5wAzw8k5HyY/r4FVm4wUQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFKml
HVqaWYQa9YSBiCIIIZBozwHXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQUM4OEFCODQ1RjMxMUYwQjQ4NTQxQUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEnOAQAwQAnOA/AwQEnOtgMA0G
CSqGSIb3DQEBCwUAA4IBAQBo6h9K8Md2y2Y/dlcrPRknTFv2BiwFysxy1lSVNuZw
Q3SYdFfVzzyNJFJaGrlFCxwv2bB0RRsseDin+DbSdW5BcLNMzjPIgzOSn0x7fAjq
sMQhINOk12RdoRWz5/ppvtkST7Qp9kpc58QS3gcUjlA8UDaRlFqR2m9iV6mXdHhx
ibzWJZ5jNqs0m7FgHWU48ksiCWqsyP2oYU6p5omU1HO9s8F0qq/rzCDp5udIdW1Q
t8lR8HUqu6m1OZTm8IIFedBRyV5m+T+/o70cxII8BPOt0T40YLE/BnB+PU+Bj9ru
mgTPUyslV9hcZxyt/l1jRbKQKZk3kjx50MYq/+18zcmi
-----END CERTIFICATE-----
Generated at Wed Jun 18 07:03:24 2025 by rpki-client