Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48407D64259711F0A140E17BDAE4EC9C.roa
File: 48407D64259711F0A140E17BDAE4EC9C.roa (raw, json)
Hash identifier: lPkMveI2pxD5LskYprmAwhin50GKpI1INcZg4Uaa06E=
Subject key identifier: 6F:03:EE:3B:3E:CF:B2:EF:86:CF:90:19:6D:09:B4:0A:55:9F:5E:B9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01506F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48407D64259711F0A140E17BDAE4EC9C.roa
Signing time: Wed 30 Apr 2025 07:46:53 +0000
ROA not before: Wed 30 Apr 2025 07:46:48 +0000
ROA not after: Sat 10 May 2025 07:46:48 +0000
asID: 141159
IP address blocks: 156.233.230.0/24 maxlen: 24
156.233.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86127 (0x1506f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 07:46:48 2025 GMT
Not After : May 10 07:46:48 2025 GMT
Subject: CN=6811d56d-61b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:01:ee:8f:ca:ab:cb:f0:5b:49:1a:c8:66:c4:
60:fc:5d:45:cf:b6:56:2d:d4:ff:b7:39:4e:06:f5:
51:c3:d7:48:6b:2f:37:1b:dc:ff:25:25:97:b7:3b:
ae:8c:68:31:13:0d:69:27:cb:0f:c3:04:1c:88:de:
ee:b4:10:29:59:1e:94:9d:fe:b9:47:10:f6:d0:4f:
59:51:bd:d3:52:c2:54:df:7c:8f:77:67:76:49:e7:
0d:c7:71:c8:c1:3d:77:96:cb:1e:77:4e:47:b7:f7:
de:b2:b1:cc:fb:14:ee:ea:0e:bd:c5:b8:23:e0:bc:
f9:80:27:3a:c2:3d:2b:16:f2:bc:99:3f:92:63:78:
34:b4:c5:53:38:43:9f:ff:b5:89:e7:34:3b:3e:d9:
d1:f1:21:29:0b:ad:9a:87:c5:9e:e7:91:05:51:93:
c1:6d:27:b2:87:ee:4a:04:72:2c:55:2c:f0:a2:26:
66:67:53:cf:91:f2:e1:44:3d:1c:07:cf:83:1c:1c:
b7:da:9f:00:bd:d8:c0:19:bd:4b:c6:e1:cc:6e:28:
ee:ed:f7:48:a2:6a:ec:33:4e:e4:be:0d:4e:e1:de:
a6:84:cd:72:01:00:64:5d:56:b9:09:62:35:50:77:
25:38:81:c9:5c:55:05:e9:b1:7b:59:fc:86:e1:77:
d0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:03:EE:3B:3E:CF:B2:EF:86:CF:90:19:6D:09:B4:0A:55:9F:5E:B9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48407D64259711F0A140E17BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.230.0/23
Signature Algorithm: sha256WithRSAEncryption
84:77:1f:4a:a8:e7:4e:d4:56:c9:b3:27:cb:f6:e2:f2:83:bf:
86:7a:bc:d4:9f:90:6c:97:f4:65:ea:98:e3:fe:52:44:8c:37:
9a:85:99:fe:14:26:41:52:61:7c:7d:33:36:d8:85:67:24:52:
0d:46:9b:4c:ca:99:16:36:a8:79:b4:e6:4e:f8:57:e5:c9:69:
c5:51:08:77:5f:31:78:3f:14:bc:34:3c:97:b5:a8:9a:e9:39:
01:42:da:bb:91:d5:6c:38:c2:90:19:ff:c0:ea:f0:5d:34:c6:
82:5f:a2:a5:b9:85:39:74:84:fd:a5:8d:f7:b2:45:ce:ce:85:
f7:b2:8f:54:23:14:89:27:88:7b:b8:66:b2:c2:c4:3d:0b:be:
0b:74:5d:43:38:c9:4b:2c:3f:b1:91:b0:70:49:b8:4b:26:05:
ec:ac:b1:ff:b6:17:95:c9:41:71:3e:93:f5:59:14:5a:9d:e7:
9f:58:e6:5a:b8:07:53:f4:90:c9:28:16:dc:46:2f:ef:5e:a7:
59:1d:74:13:26:2b:64:fd:50:9b:14:07:33:08:20:7c:4e:74:
0f:b6:e7:5f:66:a6:33:84:fa:01:19:14:2c:95:a7:4f:0f:9f:
9f:32:55:c1:24:6d:82:c3:66:83:d2:9c:41:97:e2:a3:d0:61:
9b:b7:55:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVBvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDMwMDc0NjQ4WhcNMjUwNTEwMDc0NjQ4WjAYMRYw
FAYDVQQDEw02ODExZDU2ZC02MWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwwHuj8qry/BbSRrIZsRg/F1Fz7ZWLdT/tzlOBvVRw9dIay83G9z/JSWX
tzuujGgxEw1pJ8sPwwQciN7utBApWR6Unf65RxD20E9ZUb3TUsJU33yPd2d2SecN
x3HIwT13lssed05Ht/fesrHM+xTu6g69xbgj4Lz5gCc6wj0rFvK8mT+SY3g0tMVT
OEOf/7WJ5zQ7PtnR8SEpC62ah8We55EFUZPBbSeyh+5KBHIsVSzwoiZmZ1PPkfLh
RD0cB8+DHBy32p8AvdjAGb1LxuHMbiju7fdIomrsM07kvg1O4d6mhM1yAQBkXVa5
CWI1UHclOIHJXFUF6bF7WfyG4XfQ1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG8D
7js+z7Lvhs+QGW0JtApVn165MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80ODQwN0Q2NDI1OTcxMUYwQTE0MEUxN0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOnmMA0GCSqGSIb3DQEBCwUA
A4IBAQCEdx9KqOdO1FbJsyfL9uLyg7+GerzUn5Bsl/Rl6pjj/lJEjDeahZn+FCZB
UmF8fTM22IVnJFINRptMypkWNqh5tOZO+FflyWnFUQh3XzF4PxS8NDyXtaia6TkB
Qtq7kdVsOMKQGf/A6vBdNMaCX6KluYU5dIT9pY33skXOzoX3so9UIxSJJ4h7uGay
wsQ9C74LdF1DOMlLLD+xkbBwSbhLJgXsrLH/theVyUFxPpP1WRRaneefWOZauAdT
9JDJKBbcRi/vXqdZHXQTJitk/VCbFAczCCB8TnQPtudfZqYzhPoBGRQsladPD5+f
MlXBJG2Cw2aD0pxBl+Kj0GGbt1XR
-----END CERTIFICATE-----
Generated at Tue May 13 07:56:52 2025 by rpki-client