Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20B1C3842A3D11F0A3E7CA95DAE4EC9C.roa
File: 20B1C3842A3D11F0A3E7CA95DAE4EC9C.roa (raw, json)
Hash identifier: GLlmVC82tXSaqRYxkJbYGxHVWuNFjdLULT4CussJs/8=
Subject key identifier: 2F:3B:7C:2E:73:67:5C:DD:1E:CE:52:5D:7F:EE:EA:19:8E:C5:A5:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015233
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20B1C3842A3D11F0A3E7CA95DAE4EC9C.roa
Signing time: Tue 06 May 2025 05:44:08 +0000
ROA not before: Tue 06 May 2025 05:44:04 +0000
ROA not after: Tue 13 May 2025 05:44:04 +0000
asID: 137263
IP address blocks: 156.250.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86579 (0x15233)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 6 05:44:04 2025 GMT
Not After : May 13 05:44:04 2025 GMT
Subject: CN=6819a1a8-7378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b2:ca:bd:36:82:ef:c1:18:7f:73:36:0e:da:
6a:d5:66:2f:97:90:b0:32:02:5a:5c:3f:17:2b:66:
bb:f4:79:2a:b7:35:42:90:b8:89:0e:18:f4:b3:e4:
83:94:dc:fb:f3:40:5b:1e:9c:5c:56:8d:fb:9a:92:
93:7b:40:1c:35:d2:0c:2d:52:6c:26:69:e3:57:5b:
f6:a9:06:f0:83:99:97:ee:1d:49:85:ca:82:5c:f9:
6f:37:8b:cd:c9:c3:b4:5f:08:2a:53:2f:78:4e:41:
b2:c8:27:77:39:12:2f:00:09:98:f5:ca:29:27:83:
97:a5:45:1e:06:16:2e:95:22:39:91:36:ca:cc:43:
89:93:54:65:7e:af:f2:92:d3:04:f0:0a:46:00:21:
5d:c3:5a:ec:d7:a7:07:f0:95:64:f8:1a:1a:d7:f0:
d3:94:fb:a1:d4:e6:69:48:6f:b3:bd:8c:8d:91:ce:
56:d2:23:67:0d:aa:1f:93:5d:ca:e3:67:99:c1:e1:
67:d7:0f:20:88:67:e5:cb:1a:5c:72:5e:55:e2:c1:
b5:16:83:50:63:a3:54:15:c4:18:22:75:c4:e6:fa:
f8:37:58:75:bf:6e:1e:d0:72:b6:49:c5:f3:0e:36:
7d:f2:d7:cf:c4:75:89:ff:4e:56:9c:8c:79:65:60:
b5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3B:7C:2E:73:67:5C:DD:1E:CE:52:5D:7F:EE:EA:19:8E:C5:A5:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20B1C3842A3D11F0A3E7CA95DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.2.0/24
Signature Algorithm: sha256WithRSAEncryption
90:9d:67:c1:56:e9:bd:0b:90:61:bd:94:4f:61:c7:e2:81:f0:
b9:fb:1c:48:bf:99:7f:18:32:09:3e:a4:61:c0:7c:dd:55:9c:
54:68:61:d3:c3:7a:7c:77:78:51:63:d1:4a:e2:69:e4:73:b8:
e1:81:a2:1a:61:c9:51:c2:64:92:a6:0a:45:02:7f:cf:15:c5:
c8:b9:ba:26:27:00:4d:a0:9b:7e:67:62:9a:38:84:87:d2:74:
c7:a2:75:bd:6a:44:35:ad:18:74:a4:90:71:e5:80:7a:53:48:
df:2d:80:18:34:02:a1:92:87:7f:e0:16:fb:c6:2f:f2:b8:c3:
74:67:22:55:03:a5:0f:c5:36:02:7e:dc:21:95:0c:17:7a:a0:
a1:f7:ab:9e:9b:db:e9:c8:24:0a:f3:02:f3:62:cd:59:35:a8:
9e:a0:4e:82:79:d0:9c:0a:3e:3d:0f:92:78:fc:61:6f:0f:6c:
30:02:36:6b:3a:4a:c4:f0:74:bc:fb:a6:c6:0b:df:ad:af:d9:
32:a9:89:26:1c:5c:a6:97:43:98:b3:88:8f:62:38:4f:fe:8c:
89:36:9f:04:37:cb:58:65:f4:3f:ef:78:4a:15:f6:94:de:fd:
7e:af:fb:cb:b5:dc:ad:cf:3a:69:31:21:0e:4f:fc:c0:53:a0:
55:1e:d4:a7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVIzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA2MDU0NDA0WhcNMjUwNTEzMDU0NDA0WjAYMRYw
FAYDVQQDEw02ODE5YTFhOC03Mzc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrLKvTaC78EYf3M2Dtpq1WYvl5CwMgJaXD8XK2a79HkqtzVCkLiJDhj0
s+SDlNz780BbHpxcVo37mpKTe0AcNdIMLVJsJmnjV1v2qQbwg5mX7h1JhcqCXPlv
N4vNycO0XwgqUy94TkGyyCd3ORIvAAmY9copJ4OXpUUeBhYulSI5kTbKzEOJk1Rl
fq/yktME8ApGACFdw1rs16cH8JVk+Boa1/DTlPuh1OZpSG+zvYyNkc5W0iNnDaof
k13K42eZweFn1w8giGflyxpccl5V4sG1FoNQY6NUFcQYInXE5vr4N1h1v24e0HK2
ScXzDjZ98tfPxHWJ/05WnIx5ZWC1qQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC87
fC5zZ1zdHs5SXX/u6hmOxaWtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMEIxQzM4NDJBM0QxMUYwQTNFN0NBOTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPoCMA0GCSqGSIb3DQEBCwUA
A4IBAQCQnWfBVum9C5BhvZRPYcfigfC5+xxIv5l/GDIJPqRhwHzdVZxUaGHTw3p8
d3hRY9FK4mnkc7jhgaIaYclRwmSSpgpFAn/PFcXIubomJwBNoJt+Z2KaOISH0nTH
onW9akQ1rRh0pJBx5YB6U0jfLYAYNAKhkod/4Bb7xi/yuMN0ZyJVA6UPxTYCftwh
lQwXeqCh96uem9vpyCQK8wLzYs1ZNaieoE6CedCcCj49D5J4/GFvD2wwAjZrOkrE
8HS8+6bGC9+tr9kyqYkmHFyml0OYs4iPYjhP/oyJNp8EN8tYZfQ/73hKFfaU3v1+
r/vLtdytzzppMSEOT/zAU6BVHtSn
-----END CERTIFICATE-----
Generated at Wed May 14 14:45:05 2025 by rpki-client