Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37DEB8EE273D11F098D17881DAE4EC9C.roa
File: 37DEB8EE273D11F098D17881DAE4EC9C.roa (raw, json)
Hash identifier: azNWM3JUzJk5aBzlJaIMRvX4wIvdfy8uH/fHLbwahdM=
Subject key identifier: EA:41:E1:B7:36:D6:04:97:CA:0D:35:02:45:A4:8B:17:6A:8E:02:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01517B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37DEB8EE273D11F098D17881DAE4EC9C.roa
Signing time: Fri 02 May 2025 10:07:14 +0000
ROA not before: Fri 02 May 2025 10:07:08 +0000
ROA not after: Fri 09 May 2025 10:07:08 +0000
asID: 200373
IP address blocks: 156.228.0.0/24 maxlen: 24
156.228.76.0/22 maxlen: 24
156.228.80.0/20 maxlen: 24
156.228.96.0/20 maxlen: 24
156.228.112.0/21 maxlen: 24
156.228.124.0/23 maxlen: 24
156.228.171.0/24 maxlen: 24
156.228.174.0/23 maxlen: 24
156.228.176.0/21 maxlen: 24
156.228.184.0/23 maxlen: 24
156.228.189.0/24 maxlen: 24
156.228.190.0/24 maxlen: 24
156.233.72.0/22 maxlen: 24
156.233.84.0/22 maxlen: 24
156.233.88.0/21 maxlen: 24
156.240.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86395 (0x1517b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 2 10:07:08 2025 GMT
Not After : May 9 10:07:08 2025 GMT
Subject: CN=68149951-162c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:39:7d:29:9f:97:4a:41:fa:60:a2:f1:70:c9:
bd:0c:3c:7a:a0:6d:f7:ef:ac:a4:48:d2:59:70:14:
bb:cf:22:b8:37:71:6a:3d:27:b5:f8:51:33:e2:a7:
b2:99:9c:66:bc:c9:88:55:90:0c:7e:16:33:ea:ba:
70:36:bb:0a:05:df:aa:44:b2:a1:f3:aa:0f:36:2e:
23:58:ce:a5:8b:86:27:72:ae:dc:de:04:53:da:e3:
0d:74:e5:e5:2b:2e:a9:57:38:65:c7:28:4b:be:9d:
1b:23:60:e5:66:20:c8:49:87:86:15:c8:5d:ea:e8:
cc:c7:e3:5c:52:db:18:d3:be:0d:0c:4f:c2:0b:dd:
ca:a9:9a:da:40:68:1e:bf:6e:ca:a8:ee:98:84:3b:
8e:87:f5:fd:27:df:f6:41:d3:89:ce:0d:a0:f3:09:
f3:55:8e:19:40:7f:73:c3:44:c6:75:5d:23:33:6e:
c6:0d:04:ef:cc:05:81:35:a4:9b:48:0d:c0:a2:24:
24:be:c7:4a:0d:bc:6e:b5:f0:54:69:db:6f:c7:6c:
0c:93:54:5d:66:42:39:c3:54:89:3b:73:85:bd:53:
7a:a7:1b:66:cc:81:01:c5:79:49:ba:eb:fb:9a:21:
52:91:f1:ac:2d:41:2c:f1:68:8e:71:6b:9b:7a:a5:
43:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:41:E1:B7:36:D6:04:97:CA:0D:35:02:45:A4:8B:17:6A:8E:02:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37DEB8EE273D11F098D17881DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.0.0/24
156.228.76.0-156.228.119.255
156.228.124.0/23
156.228.171.0/24
156.228.174.0-156.228.185.255
156.228.189.0-156.228.190.255
156.233.72.0/22
156.233.84.0-156.233.95.255
156.240.99.0/24
Signature Algorithm: sha256WithRSAEncryption
77:b5:fb:fd:63:9b:90:b0:9b:f0:44:e5:d7:68:ec:2c:30:ff:
de:b1:d9:e7:bd:1b:e2:02:40:a0:b1:41:88:48:a8:19:f2:64:
7d:e2:e8:92:8f:2f:b3:da:a1:eb:3f:4c:39:e3:23:eb:58:ba:
06:34:f5:6c:d8:dd:62:24:3a:f5:50:14:6d:2d:e4:20:ea:6c:
cd:63:77:c6:97:e8:d8:13:b3:66:a8:27:d3:68:89:8e:0f:71:
62:b6:d8:b7:1a:06:2f:39:07:6d:0c:01:d0:d3:f3:18:50:5b:
09:70:63:da:0a:7a:a7:57:92:c0:98:50:d6:83:63:69:32:9e:
65:fd:d0:0b:64:fa:56:ad:4a:3d:54:89:d3:6b:3d:04:a7:64:
9c:5f:04:60:16:e3:d9:23:db:4a:46:90:c0:80:38:62:a6:ba:
4e:bb:fe:ad:d0:1c:24:b0:97:30:ab:49:fe:39:ff:05:75:6c:
69:af:b9:cd:73:7f:4c:c2:f8:b8:fa:7a:3b:ce:1f:eb:7a:38:
5d:fe:6f:37:b1:89:cf:d6:d5:87:36:fa:e4:c5:23:ee:54:f2:
0c:87:57:15:e9:ef:e5:e9:83:47:32:ee:a0:56:1b:ef:11:66:
df:57:14:7a:45:0d:38:d9:56:f7:3b:8e:5d:97:29:7b:10:4c:
70:f1:d5:56
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgIDAVF7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTAyMTAwNzA4WhcNMjUwNTA5MTAwNzA4WjAYMRYw
FAYDVQQDEw02ODE0OTk1MS0xNjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAszl9KZ+XSkH6YKLxcMm9DDx6oG3376ykSNJZcBS7zyK4N3FqPSe1+FEz
4qeymZxmvMmIVZAMfhYz6rpwNrsKBd+qRLKh86oPNi4jWM6li4Yncq7c3gRT2uMN
dOXlKy6pVzhlxyhLvp0bI2DlZiDISYeGFchd6ujMx+NcUtsY074NDE/CC93KqZra
QGgev27KqO6YhDuOh/X9J9/2QdOJzg2g8wnzVY4ZQH9zw0TGdV0jM27GDQTvzAWB
NaSbSA3AoiQkvsdKDbxutfBUadtvx2wMk1RdZkI5w1SJO3OFvVN6pxtmzIEBxXlJ
uuv7miFSkfGsLUEs8WiOcWubeqVDpwIDAQABo4IC8jCCAu4wHQYDVR0OBBYEFOpB
4bc21gSXyg01AkWkixdqjgIMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zN0RFQjhFRTI3M0QxMUYwOThEMTc4ODFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAnOQAMAwDBAKc5EwDBAOc5HAD
BAGc5HwDBACc5KswDAMEAZzkrgMEAZzkuDAMAwQAnOS9AwQAnOS+AwQCnOlIMAwD
BAKc6VQDBAWc6UADBACc8GMwDQYJKoZIhvcNAQELBQADggEBAHe1+/1jm5Cwm/BE
5ddo7Cww/96x2ee9G+ICQKCxQYhIqBnyZH3i6JKPL7Paoes/TDnjI+tYugY09WzY
3WIkOvVQFG0t5CDqbM1jd8aX6NgTs2aoJ9NoiY4PcWK22LcaBi85B20MAdDT8xhQ
WwlwY9oKeqdXksCYUNaDY2kynmX90Atk+latSj1UidNrPQSnZJxfBGAW49kj20pG
kMCAOGKmuk67/q3QHCSwlzCrSf45/wV1bGmvuc1zf0zC+Lj6ejvOH+t6OF3+bzex
ic/W1Yc2+uTFI+5U8gyHVxXp7+Xpg0cy7qBWG+8RZt9XFHpFDTjZVvc7jl2XKXsQ
THDx1VY=
-----END CERTIFICATE-----
Generated at Sun May 11 22:52:37 2025 by rpki-client