Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C1D21F22266211F0AAD161CDDAE4EC9C.roa
File: C1D21F22266211F0AAD161CDDAE4EC9C.roa (raw, json)
Hash identifier: l44bDyIZ0J+lO/OCWv4Yhus0BM0+wU4KIzjFLPuNerI=
Subject key identifier: F9:C6:DD:25:47:FA:D9:3F:A3:12:DF:76:11:DC:1B:E7:D4:FF:69:FD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015128
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C1D21F22266211F0AAD161CDDAE4EC9C.roa
Signing time: Thu 01 May 2025 08:03:25 +0000
ROA not before: Thu 01 May 2025 08:03:20 +0000
ROA not after: Fri 09 May 2025 08:03:20 +0000
asID: 21859
IP address blocks: 156.231.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86312 (0x15128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 1 08:03:20 2025 GMT
Not After : May 9 08:03:20 2025 GMT
Subject: CN=68132acd-53dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2b:44:e3:8b:c6:e1:cc:0d:d5:35:95:84:c7:
42:51:5c:94:39:59:7f:57:9f:d0:38:88:da:38:bb:
a9:6e:55:cb:ec:65:46:1e:87:66:a9:b6:b3:02:b2:
56:ce:76:b5:c6:05:bc:64:07:bc:8c:c4:0a:e4:da:
69:a1:ef:6c:88:ad:50:71:67:ea:cb:b8:96:7c:a9:
c6:9f:b2:b0:c5:83:d2:e0:a5:48:ad:42:ba:33:02:
19:f9:cf:2c:3c:ab:49:71:c2:98:8d:d4:35:49:e3:
c9:bf:4f:aa:a9:f6:ac:40:92:57:f5:f6:77:b3:61:
c9:aa:9e:e4:e5:3a:bc:8d:59:66:e4:77:c1:d0:90:
e4:a9:4f:ad:37:5d:2f:f4:3a:d6:e5:be:e0:dd:df:
d5:51:29:d1:7d:8f:cc:27:ed:4e:4b:2e:5c:85:79:
01:d2:0e:dc:e5:f9:e9:f4:67:d7:13:d9:d2:bd:57:
b6:07:4a:89:53:c7:bc:63:89:bb:3a:1a:64:dc:a0:
a1:e8:a0:29:c7:8a:67:1a:25:6c:3a:fb:d3:80:24:
b3:b7:b0:49:27:bd:04:29:2d:99:03:66:86:1c:65:
e0:b8:a1:85:5c:15:d2:c4:ed:18:95:7b:41:e0:87:
c9:97:bc:d7:bb:4d:bb:6b:60:bd:49:3a:98:ae:e5:
37:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C6:DD:25:47:FA:D9:3F:A3:12:DF:76:11:DC:1B:E7:D4:FF:69:FD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C1D21F22266211F0AAD161CDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.84.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:c8:18:27:83:9d:0a:9f:1b:dd:10:c7:de:31:1c:21:35:3d:
11:24:70:77:d5:01:eb:97:40:8f:f3:24:66:bd:e1:21:8b:07:
42:84:ec:4a:b8:8a:85:6e:1c:61:fa:0a:0e:27:c7:14:4a:c5:
e3:63:dc:5c:b3:cc:a5:48:d1:d7:56:86:6f:72:a9:4e:9e:44:
c5:5d:47:0e:a1:fb:af:ea:0e:6f:6e:70:22:56:40:a7:b5:07:
43:45:7c:5d:7d:17:cf:f2:04:0c:61:ff:cd:40:38:b0:5a:8e:
61:8e:e8:a2:ac:7c:e4:b9:b4:c2:b9:63:f7:17:2c:ff:8e:d7:
45:f0:9f:5a:98:29:92:eb:06:56:46:a7:dc:c9:77:cc:e1:d7:
41:c0:97:3d:92:8e:60:62:82:e2:d0:e7:a4:2b:2a:79:9c:25:
2d:c2:04:e1:9d:15:8f:24:8c:61:df:45:e0:bb:b7:6d:e7:f4:
9e:b9:4d:40:72:06:53:3c:78:3b:5e:43:09:9e:c9:9a:50:2b:
a2:85:f1:4e:bf:9c:d2:18:7b:16:18:8e:a0:3a:a1:f2:3d:c4:
ce:bf:68:8d:95:a4:11:9b:1c:cf:d9:6b:2d:b7:b2:37:71:a8:
c2:3d:49:5a:2c:b9:f7:4b:f2:16:9a:15:d2:00:4b:81:93:f1:
36:80:a4:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVEoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTAxMDgwMzIwWhcNMjUwNTA5MDgwMzIwWjAYMRYw
FAYDVQQDEw02ODEzMmFjZC01M2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuCtE44vG4cwN1TWVhMdCUVyUOVl/V5/QOIjaOLupblXL7GVGHodmqbaz
ArJWzna1xgW8ZAe8jMQK5Nppoe9siK1QcWfqy7iWfKnGn7KwxYPS4KVIrUK6MwIZ
+c8sPKtJccKYjdQ1SePJv0+qqfasQJJX9fZ3s2HJqp7k5Tq8jVlm5HfB0JDkqU+t
N10v9DrW5b7g3d/VUSnRfY/MJ+1OSy5chXkB0g7c5fnp9GfXE9nSvVe2B0qJU8e8
Y4m7Ohpk3KCh6KApx4pnGiVsOvvTgCSzt7BJJ70EKS2ZA2aGHGXguKGFXBXSxO0Y
lXtB4IfJl7zXu027a2C9STqYruU3sQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPnG
3SVH+tk/oxLfdhHcG+fU/2n9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMUQyMUYyMjI2NjIxMUYwQUFEMTYxQ0REQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOdUMA0GCSqGSIb3DQEBCwUA
A4IBAQC7yBgng50KnxvdEMfeMRwhNT0RJHB31QHrl0CP8yRmveEhiwdChOxKuIqF
bhxh+goOJ8cUSsXjY9xcs8ylSNHXVoZvcqlOnkTFXUcOofuv6g5vbnAiVkCntQdD
RXxdfRfP8gQMYf/NQDiwWo5hjuiirHzkubTCuWP3Fyz/jtdF8J9amCmS6wZWRqfc
yXfM4ddBwJc9ko5gYoLi0OekKyp5nCUtwgThnRWPJIxh30Xgu7dt5/SeuU1AcgZT
PHg7XkMJnsmaUCuihfFOv5zSGHsWGI6gOqHyPcTOv2iNlaQRmxzP2Wstt7I3cajC
PUlaLLn3S/IWmhXSAEuBk/E2gKQP
-----END CERTIFICATE-----
Generated at Tue May 13 18:57:35 2025 by rpki-client