Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1231CB56240211F0891144DCDAE4EC9C.roa
File: 1231CB56240211F0891144DCDAE4EC9C.roa (raw, json)
Hash identifier: mPzItfhOLYm9PcQR+pj1Uaaudg2TC2gI6YqYCJrdWWU=
Subject key identifier: 9B:32:4D:79:0C:8B:53:AD:96:9F:83:C8:EF:B6:A3:BB:7B:E1:0E:E3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014ED8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1231CB56240211F0891144DCDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 07:26:17 +0000
ROA not before: Mon 28 Apr 2025 07:26:12 +0000
ROA not after: Wed 07 May 2025 07:26:12 +0000
asID: 23764
IP address blocks: 156.238.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85720 (0x14ed8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 28 07:26:12 2025 GMT
Not After : May 7 07:26:12 2025 GMT
Subject: CN=680f2d98-53cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c1:bc:f5:de:66:ca:82:ec:26:fc:d8:23:8b:
e6:c1:c9:04:62:b2:e5:78:e6:dd:6d:69:ff:28:5f:
b1:91:d2:64:03:91:9e:72:a3:e4:1d:d0:c1:0c:79:
e3:80:5b:e7:ed:fc:4e:09:57:0c:17:99:79:24:98:
b8:6b:01:d3:03:6a:15:e5:de:88:cb:1b:14:09:03:
52:f0:e5:69:5b:3a:21:aa:09:73:09:37:5c:41:73:
4e:c8:42:d4:85:d3:d6:7a:19:af:09:92:f0:26:fd:
6b:d9:5a:af:71:43:ad:19:d1:0e:6f:df:36:b0:9b:
ed:74:25:36:cb:8e:2a:d5:67:b8:fb:eb:bf:b8:1d:
07:8b:59:7e:06:2d:24:69:5c:39:19:25:8a:f4:ed:
90:3a:9b:15:f4:9c:d5:43:94:d2:df:1c:e1:47:43:
9a:39:79:1e:7b:2c:63:98:20:7b:b5:42:18:32:2f:
b0:83:38:e2:83:ff:7a:bb:7a:d1:09:7a:05:20:71:
29:dd:39:14:45:aa:39:e2:2c:f0:e8:a4:82:83:df:
80:6c:da:4a:8e:69:c6:7d:7d:ee:6e:76:70:8f:38:
58:bd:1f:1f:6d:47:71:3f:96:0d:8e:c5:f3:ad:b3:
9e:3e:a4:98:7b:15:20:85:e8:28:a1:b4:9b:b6:92:
ce:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:32:4D:79:0C:8B:53:AD:96:9F:83:C8:EF:B6:A3:BB:7B:E1:0E:E3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1231CB56240211F0891144DCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.20.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:13:7a:ac:41:7e:a9:d9:1f:4c:b4:ad:cb:05:50:1b:cf:02:
c5:b0:47:9a:3d:fb:80:19:e6:17:7c:0d:61:c3:6f:a9:08:53:
ec:08:92:6a:74:26:c9:ec:e6:ef:39:70:e3:4a:f9:8e:6a:d2:
f6:25:33:ec:58:89:1b:14:b7:3f:23:99:0f:b8:55:7c:11:c7:
be:ba:a6:b7:d2:3c:a8:6b:07:af:ca:86:4d:d3:eb:34:ff:d3:
ae:a4:37:99:4e:e8:6f:a5:2c:34:46:7b:2c:e3:eb:42:a0:8b:
3a:3d:91:55:a7:d6:27:15:b0:6a:99:a4:a6:bc:3a:38:06:c8:
a3:0c:2f:6a:cb:f9:3d:55:7f:87:3d:1b:25:63:1e:8d:91:ce:
03:1b:71:8d:03:71:b6:ca:64:3a:e5:1f:73:fc:2c:3f:cd:c3:
ca:8b:dc:a4:2b:ca:08:08:5d:90:32:78:f3:ab:26:51:fb:cb:
43:7c:4a:d3:d9:d7:e4:99:7d:ac:1d:40:52:06:50:d0:87:80:
e1:6e:8d:e8:49:49:a2:cc:95:2d:9d:5e:ae:41:8d:9d:0c:b9:
f6:93:f8:3c:7e:31:0f:25:00:f6:98:8e:53:a3:c5:cb:83:b8:
8d:c8:2f:84:f6:9f:1b:66:3b:07:46:19:7f:8a:a3:fd:81:93:
37:0b:f7:18
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAU7YMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI4MDcyNjEyWhcNMjUwNTA3MDcyNjEyWjAYMRYw
FAYDVQQDEw02ODBmMmQ5OC01M2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvMG89d5myoLsJvzYI4vmwckEYrLleObdbWn/KF+xkdJkA5GecqPkHdDB
DHnjgFvn7fxOCVcMF5l5JJi4awHTA2oV5d6IyxsUCQNS8OVpWzohqglzCTdcQXNO
yELUhdPWehmvCZLwJv1r2VqvcUOtGdEOb982sJvtdCU2y44q1We4++u/uB0Hi1l+
Bi0kaVw5GSWK9O2QOpsV9JzVQ5TS3xzhR0OaOXkeeyxjmCB7tUIYMi+wgzjig/96
u3rRCXoFIHEp3TkURao54izw6KSCg9+AbNpKjmnGfX3ubnZwjzhYvR8fbUdxP5YN
jsXzrbOePqSYexUghegoobSbtpLOdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJsy
TXkMi1Otlp+DyO+2o7t74Q7jMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMjMxQ0I1NjI0MDIxMUYwODkxMTQ0RENEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4UMA0GCSqGSIb3DQEBCwUA
A4IBAQArE3qsQX6p2R9MtK3LBVAbzwLFsEeaPfuAGeYXfA1hw2+pCFPsCJJqdCbJ
7ObvOXDjSvmOatL2JTPsWIkbFLc/I5kPuFV8Ece+uqa30jyoawevyoZN0+s0/9Ou
pDeZTuhvpSw0Rnss4+tCoIs6PZFVp9YnFbBqmaSmvDo4BsijDC9qy/k9VX+HPRsl
Yx6Nkc4DG3GNA3G2ymQ65R9z/Cw/zcPKi9ykK8oICF2QMnjzqyZR+8tDfErT2dfk
mX2sHUBSBlDQh4Dhbo3oSUmizJUtnV6uQY2dDLn2k/g8fjEPJQD2mI5To8XLg7iN
yC+E9p8bZjsHRhl/iqP9gZM3C/cY
-----END CERTIFICATE-----
Generated at Sun May 11 07:58:28 2025 by rpki-client