Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFAAB83A24CD11F0875AC4B4DAE4EC9C.roa
File: BFAAB83A24CD11F0875AC4B4DAE4EC9C.roa (raw, json)
Hash identifier: eh0lrIdH7I08Yi4N88meJNTXeqVd5ye5wJQR+f5QH+M=
Subject key identifier: 09:FC:F6:9E:08:54:C3:83:2D:EC:7E:56:BA:12:10:11:99:92:22:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015025
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFAAB83A24CD11F0875AC4B4DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 07:44:15 +0000
ROA not before: Tue 29 Apr 2025 07:44:11 +0000
ROA not after: Fri 09 May 2025 07:44:11 +0000
asID: 203020
IP address blocks: 156.253.214.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86053 (0x15025)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 07:44:11 2025 GMT
Not After : May 9 07:44:11 2025 GMT
Subject: CN=6810834f-1fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ad:4f:81:80:e0:d0:0e:d7:c4:6d:ca:f6:d9:
bb:8e:9d:1f:a9:fd:b5:1f:6d:cf:24:e7:be:a7:e1:
4a:3a:50:d1:c2:43:d6:d1:ca:63:e5:07:62:dc:e9:
2c:66:58:78:67:61:90:0f:07:ee:5a:c0:e6:cb:f2:
b3:19:9b:76:0e:19:37:d7:13:04:96:46:5c:1c:29:
07:5c:06:ca:b9:34:47:93:72:fa:a7:38:47:61:fa:
25:24:93:45:c1:9d:12:a6:fa:81:c5:cc:f8:8e:64:
ac:61:61:3e:5a:ae:b2:dd:a3:76:bc:8c:0b:2f:8e:
f9:0a:56:48:37:b5:fb:90:bf:ad:0d:18:72:57:ff:
d0:e3:94:4e:dc:8c:32:03:30:75:2c:9c:e3:24:4d:
0d:76:0a:e0:b3:bd:3a:52:ca:bd:f0:3f:1c:f5:78:
10:96:1e:a7:72:ea:c7:ff:11:7e:bf:78:a9:10:f1:
6a:50:32:86:db:3d:56:a6:a4:aa:6a:40:7a:da:c3:
1c:25:48:5c:09:37:a6:e6:62:06:db:3c:89:f6:d8:
ae:a5:f8:4b:7f:b8:c3:2b:13:dc:3b:e4:95:69:f4:
d2:f1:d5:98:c0:03:de:c5:ea:b9:d4:5f:d5:c5:97:
bc:19:2e:79:a5:ce:fc:25:57:a1:f4:d8:8a:37:37:
b3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FC:F6:9E:08:54:C3:83:2D:EC:7E:56:BA:12:10:11:99:92:22:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFAAB83A24CD11F0875AC4B4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.214.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:00:ca:62:c5:80:d9:59:0b:52:19:07:6a:3e:24:4d:90:79:
2d:e4:12:83:66:7a:bc:34:a7:af:1f:4d:6d:a5:b3:b0:a0:1e:
e6:17:b5:4e:34:c0:22:9c:67:ca:45:e9:5e:c6:86:c1:c4:e3:
0c:20:3d:93:35:d4:ba:9c:33:b4:58:de:35:73:36:4a:7a:1c:
36:de:46:25:22:48:8a:31:36:3f:04:11:fa:53:7e:12:43:6f:
0c:ce:6f:b6:2b:f8:fe:82:ea:0c:a2:b6:dd:3a:0c:89:ea:19:
d6:2f:0a:e7:35:31:ec:31:b3:36:27:15:3e:de:8e:e6:d5:00:
64:22:d7:d3:46:5e:d8:f7:0d:95:7c:11:b7:60:f6:ab:11:78:
a6:3d:1c:f8:5c:07:3f:e7:3d:10:f8:b9:3e:c2:5e:17:d8:f4:
b1:8e:02:af:a4:23:44:4c:0c:96:a8:03:1c:ae:ab:a0:10:36:
38:2d:b7:ad:31:c9:4d:7f:fa:b4:5b:ac:e6:b3:b5:d4:f1:30:
1e:0d:0b:74:f1:47:e3:c4:69:a8:7e:e7:41:9c:96:c9:7c:bf:
06:11:91:ad:8e:cd:1b:49:00:1c:e8:61:f5:ae:77:dc:65:ec:
db:24:35:17:45:83:12:41:77:9d:19:cd:61:ec:d9:ae:1b:69:
87:7a:fb:1e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVAlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI5MDc0NDExWhcNMjUwNTA5MDc0NDExWjAYMRYw
FAYDVQQDEw02ODEwODM0Zi0xZmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp61PgYDg0A7XxG3K9tm7jp0fqf21H23PJOe+p+FKOlDRwkPW0cpj5Qdi
3OksZlh4Z2GQDwfuWsDmy/KzGZt2Dhk31xMElkZcHCkHXAbKuTRHk3L6pzhHYfol
JJNFwZ0SpvqBxcz4jmSsYWE+Wq6y3aN2vIwLL475ClZIN7X7kL+tDRhyV//Q45RO
3IwyAzB1LJzjJE0Ndgrgs706Usq98D8c9XgQlh6ncurH/xF+v3ipEPFqUDKG2z1W
pqSqakB62sMcJUhcCTem5mIG2zyJ9tiupfhLf7jDKxPcO+SVafTS8dWYwAPexeq5
1F/VxZe8GS55pc78JVeh9NiKNzezIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAn8
9p4IVMODLex+VroSEBGZkiKnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRkFBQjgzQTI0Q0QxMUYwODc1QUM0QjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP3WMA0GCSqGSIb3DQEBCwUA
A4IBAQCKAMpixYDZWQtSGQdqPiRNkHkt5BKDZnq8NKevH01tpbOwoB7mF7VONMAi
nGfKRelexobBxOMMID2TNdS6nDO0WN41czZKehw23kYlIkiKMTY/BBH6U34SQ28M
zm+2K/j+guoMorbdOgyJ6hnWLwrnNTHsMbM2JxU+3o7m1QBkItfTRl7Y9w2VfBG3
YParEXimPRz4XAc/5z0Q+Lk+wl4X2PSxjgKvpCNETAyWqAMcrqugEDY4LbetMclN
f/q0W6zms7XU8TAeDQt08UfjxGmofudBnJbJfL8GEZGtjs0bSQAc6GH1rnfcZezb
JDUXRYMSQXedGc1h7NmuG2mHevse
-----END CERTIFICATE-----
Generated at Sun May 11 01:53:07 2025 by rpki-client