Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E5BFB1A264F11F0931B3ECCDAE4EC9C.roa
File: 0E5BFB1A264F11F0931B3ECCDAE4EC9C.roa (raw, json)
Hash identifier: 4GkcJhusqc9Qv36RoV9qVqDHVOt/XY4STsh1k3aOoiM=
Subject key identifier: A0:15:8E:6C:36:64:75:CB:F5:53:56:B1:3E:14:D5:C0:40:97:DF:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01510A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E5BFB1A264F11F0931B3ECCDAE4EC9C.roa
Signing time: Thu 01 May 2025 05:42:24 +0000
ROA not before: Thu 01 May 2025 05:42:19 +0000
ROA not after: Fri 09 May 2025 05:42:19 +0000
asID: 9009
IP address blocks: 156.225.76.0/24 maxlen: 24
156.225.77.0/24 maxlen: 24
156.225.78.0/24 maxlen: 24
156.225.79.0/24 maxlen: 24
156.246.32.0/24 maxlen: 24
156.246.33.0/24 maxlen: 24
156.246.37.0/24 maxlen: 24
156.246.40.0/24 maxlen: 24
156.246.56.0/24 maxlen: 24
156.246.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86282 (0x1510a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 1 05:42:19 2025 GMT
Not After : May 9 05:42:19 2025 GMT
Subject: CN=681309c0-2f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7a:98:e9:da:06:5f:dd:fd:65:32:b5:cd:af:
b4:2d:fd:c6:28:f1:46:74:bf:99:db:30:0b:a9:29:
db:52:c3:fc:95:83:01:84:26:21:dc:72:d6:9e:93:
25:d5:0d:ae:a6:04:5f:a8:75:81:97:8f:20:60:07:
45:21:fe:4b:57:c1:e0:75:96:28:38:75:dc:bf:37:
70:8b:e4:5d:18:d9:38:9c:ae:1d:5e:ad:2b:bb:57:
39:d3:df:21:6d:e4:ae:38:cc:5e:60:bd:18:52:0b:
23:8b:42:3e:83:53:98:fa:42:98:5f:f6:05:ed:b6:
e3:1d:13:d7:43:3d:81:e3:c9:84:6f:5e:67:76:d8:
41:7f:86:0e:02:da:56:c1:6b:21:fc:a6:14:77:d1:
ce:34:65:86:2b:ec:d5:ae:46:8b:cd:81:d6:cb:82:
53:40:22:ac:f6:0d:6c:0d:9a:1f:53:d6:c6:1a:29:
22:16:6c:cc:81:dc:0a:87:06:2c:fb:95:77:14:db:
8f:aa:e6:e2:b7:8b:db:e1:4e:2a:be:45:99:47:c8:
cd:92:34:a8:50:18:19:01:17:13:05:ed:cf:44:92:
ca:f8:ea:44:09:d3:6e:35:1a:3c:91:47:72:61:4f:
cd:06:ad:3b:2d:61:6c:e3:91:8b:a8:21:f3:03:58:
62:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:15:8E:6C:36:64:75:CB:F5:53:56:B1:3E:14:D5:C0:40:97:DF:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E5BFB1A264F11F0931B3ECCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.76.0/22
156.246.32.0/23
156.246.37.0/24
156.246.40.0/24
156.246.56.0/24
156.246.63.0/24
Signature Algorithm: sha256WithRSAEncryption
65:a5:e7:34:34:74:40:50:91:6b:b9:b8:0a:d6:a1:cc:4b:95:
ca:1b:ef:de:95:99:a0:77:cb:5f:45:43:80:19:0c:e0:50:26:
3d:57:8c:13:cf:1d:43:34:8e:00:09:38:5e:13:7e:ed:c6:9f:
c8:d2:87:7d:8a:db:78:21:cd:db:dd:83:10:96:18:1d:13:87:
2a:c9:61:93:04:a1:c0:11:2c:fe:71:e3:0a:b5:88:06:d4:a1:
a0:57:8d:d5:c0:ed:8f:07:79:d0:99:82:20:75:19:9e:39:e0:
f3:90:d3:cf:51:f1:ec:a0:95:41:90:af:25:8f:b3:bf:54:b0:
4a:49:9d:f5:91:ef:af:47:84:17:40:2a:c5:e0:18:3d:68:fd:
51:00:07:16:80:5b:fc:3e:5c:08:92:b7:ed:70:ac:84:bd:f4:
8f:21:85:a3:8b:10:59:15:6b:6d:68:48:d0:e3:a1:69:86:be:
4b:a5:f6:fc:d3:05:29:48:d8:c9:00:9a:b9:a9:17:4e:f0:4b:
53:5a:79:78:16:9a:ca:79:84:b8:bd:7d:d3:79:ee:7c:f6:a2:
e1:de:84:bf:69:cd:fe:f4:3b:a5:f7:27:96:26:cb:d3:d7:b5:
0f:a1:f5:fe:22:91:85:87:d8:12:2a:d5:25:10:ce:af:80:3a:
b8:b2:57:53
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIDAVEKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTAxMDU0MjE5WhcNMjUwNTA5MDU0MjE5WjAYMRYw
FAYDVQQDEw02ODEzMDljMC0yZjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAunqY6doGX939ZTK1za+0Lf3GKPFGdL+Z2zALqSnbUsP8lYMBhCYh3HLW
npMl1Q2upgRfqHWBl48gYAdFIf5LV8HgdZYoOHXcvzdwi+RdGNk4nK4dXq0ru1c5
098hbeSuOMxeYL0YUgsji0I+g1OY+kKYX/YF7bbjHRPXQz2B48mEb15ndthBf4YO
AtpWwWsh/KYUd9HONGWGK+zVrkaLzYHWy4JTQCKs9g1sDZofU9bGGikiFmzMgdwK
hwYs+5V3FNuPqubit4vb4U4qvkWZR8jNkjSoUBgZARcTBe3PRJLK+OpECdNuNRo8
kUdyYU/NBq07LWFs45GLqCHzA1hiBQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFKAV
jmw2ZHXL9VNWsT4U1cBAl98/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRTVCRkIxQTI2NEYxMUYwOTMxQjNFQ0NEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCnOFMAwQBnPYgAwQAnPYlAwQA
nPYoAwQAnPY4AwQAnPY/MA0GCSqGSIb3DQEBCwUAA4IBAQBlpec0NHRAUJFrubgK
1qHMS5XKG+/elZmgd8tfRUOAGQzgUCY9V4wTzx1DNI4ACTheE37txp/I0od9itt4
Ic3b3YMQlhgdE4cqyWGTBKHAESz+ceMKtYgG1KGgV43VwO2PB3nQmYIgdRmeOeDz
kNPPUfHsoJVBkK8lj7O/VLBKSZ31ke+vR4QXQCrF4Bg9aP1RAAcWgFv8PlwIkrft
cKyEvfSPIYWjixBZFWttaEjQ46Fphr5Lpfb80wUpSNjJAJq5qRdO8EtTWnl4FprK
eYS4vX3Tee589qLh3oS/ac3+9Dul9yeWJsvT17UPofX+IpGFh9gSKtUlEM6vgDq4
sldT
-----END CERTIFICATE-----
Generated at Sun May 11 17:01:58 2025 by rpki-client