Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CC9DB2CC259011F0A265DECFDAE4EC9C.roa
File: CC9DB2CC259011F0A265DECFDAE4EC9C.roa (raw, json)
Hash identifier: 1hlTeuIKAF6qyWKBZ2tY6YG20cAdMjD9MKGO5+gkahw=
Subject key identifier: D9:C6:98:25:3D:D5:F3:B1:70:26:36:84:0F:AC:43:9D:A1:77:2B:16
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015063
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CC9DB2CC259011F0A265DECFDAE4EC9C.roa
Signing time: Wed 30 Apr 2025 07:00:29 +0000
ROA not before: Wed 30 Apr 2025 07:00:24 +0000
ROA not after: Fri 09 May 2025 07:00:24 +0000
asID: 9009
IP address blocks: 156.246.34.0/24 maxlen: 24
156.246.38.0/24 maxlen: 24
156.246.41.0/24 maxlen: 24
156.246.43.0/24 maxlen: 24
156.246.46.0/24 maxlen: 24
156.246.49.0/24 maxlen: 24
156.246.50.0/24 maxlen: 24
156.246.55.0/24 maxlen: 24
156.246.59.0/24 maxlen: 24
156.246.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86115 (0x15063)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 07:00:24 2025 GMT
Not After : May 9 07:00:24 2025 GMT
Subject: CN=6811ca8d-94f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c1:e9:a7:c7:04:e6:12:7d:70:5e:2c:19:6a:
2d:db:2b:dd:5c:79:19:f0:c4:f4:54:36:89:4b:8c:
17:cb:58:c2:ef:ea:4f:8f:df:4d:c8:9c:29:67:55:
52:4a:ff:94:c8:28:68:fb:86:db:3c:3a:44:84:23:
15:3d:b7:51:93:42:05:9e:b8:bf:cb:93:3d:dd:14:
22:74:45:77:fe:f4:51:2c:72:77:dd:3f:57:11:cc:
d2:9d:d3:db:b8:1c:65:9b:94:9a:99:55:8e:b5:82:
7d:4a:79:a4:d8:7c:61:47:5c:ae:5c:01:04:80:5a:
42:3d:ea:86:ec:01:78:e2:ba:94:d5:c9:18:88:be:
81:aa:60:e5:4d:70:7d:89:b8:be:c5:b4:8a:bf:f9:
17:cb:1d:a2:49:84:3e:e0:09:72:e8:3f:e5:60:49:
25:b5:22:e6:c2:34:df:b8:7b:08:94:22:a5:31:d5:
4e:a6:f9:94:ef:3f:75:21:ce:b6:3a:67:9b:42:ee:
75:b6:a8:7b:0e:e4:c8:7e:97:4c:78:4f:55:27:bb:
93:9e:68:a1:3b:8e:a6:01:a0:2d:68:32:a9:0c:be:
72:0d:62:7d:83:53:d9:a5:2c:1a:b7:5f:4e:d8:c3:
61:84:a4:ac:aa:e4:f9:7d:22:77:74:be:50:50:ff:
aa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C6:98:25:3D:D5:F3:B1:70:26:36:84:0F:AC:43:9D:A1:77:2B:16
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CC9DB2CC259011F0A265DECFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.34.0/24
156.246.38.0/24
156.246.41.0/24
156.246.43.0/24
156.246.46.0/24
156.246.49.0-156.246.50.255
156.246.55.0/24
156.246.59.0/24
156.246.62.0/24
Signature Algorithm: sha256WithRSAEncryption
13:56:8a:ee:32:df:f7:b0:c3:11:ee:83:33:bd:04:45:6a:c5:
df:09:19:2a:df:46:34:c8:be:dc:ca:f1:cc:b2:f9:38:23:80:
64:94:e0:39:34:42:19:58:53:02:b9:8e:e5:2f:89:0d:cf:b6:
77:0d:ed:52:e9:3d:d4:c4:11:78:a8:4a:e3:05:d4:09:46:a3:
36:45:60:bc:2e:58:06:9d:6b:42:cd:80:90:bd:c5:e4:99:54:
3a:9a:35:07:a9:fa:9c:ab:e6:7c:6a:c0:49:34:7f:28:d2:6a:
b3:c4:09:df:4f:d2:21:5c:01:62:9e:dd:21:43:2f:be:fc:22:
af:77:00:21:54:c9:38:bf:9e:9a:05:6c:a1:76:52:31:9b:a8:
64:5e:46:8b:80:98:03:94:08:71:d0:38:a5:b9:ce:bb:c1:6d:
a3:6a:c3:7d:d6:9a:58:b6:62:fd:19:ec:64:8c:07:10:81:ba:
e0:be:03:41:91:92:8d:90:e7:80:c5:ad:85:eb:21:52:86:ee:
93:f0:a6:d5:ca:a0:07:3f:b5:5e:2c:ee:04:13:4e:90:12:22:
12:03:cd:15:ec:f7:a4:59:14:d1:19:5d:57:c7:e7:56:10:c4:
54:85:56:41:ae:2b:3c:e6:cd:5f:60:a5:09:59:1a:2a:01:84:
50:a6:ff:78
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIDAVBjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDMwMDcwMDI0WhcNMjUwNTA5MDcwMDI0WjAYMRYw
FAYDVQQDEw02ODExY2E4ZC05NGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy8Hpp8cE5hJ9cF4sGWot2yvdXHkZ8MT0VDaJS4wXy1jC7+pPj99NyJwp
Z1VSSv+UyCho+4bbPDpEhCMVPbdRk0IFnri/y5M93RQidEV3/vRRLHJ33T9XEczS
ndPbuBxlm5SamVWOtYJ9Snmk2HxhR1yuXAEEgFpCPeqG7AF44rqU1ckYiL6BqmDl
TXB9ibi+xbSKv/kXyx2iSYQ+4Aly6D/lYEkltSLmwjTfuHsIlCKlMdVOpvmU7z91
Ic62OmebQu51tqh7DuTIfpdMeE9VJ7uTnmihO46mAaAtaDKpDL5yDWJ9g1PZpSwa
t19O2MNhhKSsquT5fSJ3dL5QUP+qbwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFNnG
mCU91fOxcCY2hA+sQ52hdysWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQzlEQjJDQzI1OTAxMUYwQTI2NURFQ0ZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAnPYiAwQAnPYmAwQAnPYpAwQA
nPYrAwQAnPYuMAwDBACc9jEDBACc9jIDBACc9jcDBACc9jsDBACc9j4wDQYJKoZI
hvcNAQELBQADggEBABNWiu4y3/ewwxHugzO9BEVqxd8JGSrfRjTIvtzK8cyy+Tgj
gGSU4Dk0QhlYUwK5juUviQ3PtncN7VLpPdTEEXioSuMF1AlGozZFYLwuWAada0LN
gJC9xeSZVDqaNQep+pyr5nxqwEk0fyjSarPECd9P0iFcAWKe3SFDL778Iq93ACFU
yTi/npoFbKF2UjGbqGReRouAmAOUCHHQOKW5zrvBbaNqw33Wmli2Yv0Z7GSMBxCB
uuC+A0GRko2Q54DFrYXrIVKG7pPwptXKoAc/tV4s7gQTTpASIhIDzRXs96RZFNEZ
XVfH51YQxFSFVkGuKzzmzV9gpQlZGioBhFCm/3g=
-----END CERTIFICATE-----
Generated at Sat May 10 22:41:15 2025 by rpki-client