Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4F60650258F11F08D92C7C8DAE4EC9C.roa
File: D4F60650258F11F08D92C7C8DAE4EC9C.roa (raw, json)
Hash identifier: /kISbVeVitvIl24tVaDgEMbV/HG1wy4FsCMMuAAgkBw=
Subject key identifier: 75:69:BE:23:F0:85:A5:C4:B3:D1:97:E7:42:BF:7E:21:6B:0D:3D:57
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015061
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4F60650258F11F08D92C7C8DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 06:53:34 +0000
ROA not before: Wed 30 Apr 2025 06:53:29 +0000
ROA not after: Fri 09 May 2025 06:53:29 +0000
asID: 9009
IP address blocks: 156.225.76.0/24 maxlen: 24
156.225.77.0/24 maxlen: 24
156.225.78.0/24 maxlen: 24
156.225.79.0/24 maxlen: 24
156.246.32.0/24 maxlen: 24
156.246.33.0/24 maxlen: 24
156.246.37.0/24 maxlen: 24
156.246.40.0/24 maxlen: 24
156.246.56.0/24 maxlen: 24
156.246.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86113 (0x15061)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 06:53:29 2025 GMT
Not After : May 9 06:53:29 2025 GMT
Subject: CN=6811c8ed-de75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b6:29:33:cc:c5:cc:c6:0e:d4:47:ea:c1:a6:
52:22:fa:f7:ca:95:77:f1:a3:67:8e:07:55:fa:95:
25:65:ea:3b:98:6c:83:75:ed:73:b7:eb:b3:cd:df:
da:e0:8a:df:9b:4b:9c:44:aa:85:87:a7:11:e9:07:
8e:62:7c:65:20:22:d5:ae:b2:ea:84:8a:98:f6:ff:
1c:39:13:a7:13:8c:ca:35:92:52:f5:e9:fb:77:3d:
23:b4:62:a2:12:d0:7f:a7:73:8f:7c:d9:59:52:57:
10:48:8c:96:f3:83:cd:0d:ba:97:de:20:dc:65:c1:
04:68:a0:2d:27:66:9e:3a:01:c4:e0:31:9b:b9:ef:
20:7f:28:b4:00:c5:15:df:09:a9:c7:d9:71:9c:1a:
55:8b:d1:ba:cf:a6:15:c0:f6:61:f6:aa:c3:77:51:
a6:62:bc:8b:b5:4e:e8:5f:46:ba:c8:c7:9d:3f:e8:
15:cf:f1:b8:1d:52:26:72:aa:59:89:b6:41:fc:12:
4b:57:e5:47:1c:8b:7c:c0:f1:be:3f:9c:de:0a:b6:
6a:f0:26:21:68:05:77:ca:18:10:7c:cd:2d:f1:4a:
b2:74:40:b8:e1:65:fe:67:99:22:bc:1e:55:58:e2:
a6:44:04:30:37:b0:0e:83:a8:06:99:13:3c:a5:91:
2d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:69:BE:23:F0:85:A5:C4:B3:D1:97:E7:42:BF:7E:21:6B:0D:3D:57
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4F60650258F11F08D92C7C8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.76.0/22
156.246.32.0/23
156.246.37.0/24
156.246.40.0/24
156.246.56.0/24
156.246.63.0/24
Signature Algorithm: sha256WithRSAEncryption
36:67:65:c1:e2:40:5d:82:df:ec:fd:46:c5:90:42:f2:39:cb:
af:2d:ec:0d:67:8f:51:ef:16:ba:23:8b:79:14:99:6e:90:23:
2d:3b:39:b1:89:0c:07:72:f7:39:de:21:61:1a:fc:77:34:26:
3f:0d:e0:04:05:f5:18:9f:99:7d:6b:11:22:fe:26:d8:ba:1e:
e5:76:46:7f:39:bd:e4:0f:58:c6:e5:27:b7:1c:3e:04:d9:98:
20:bb:13:2c:7d:a6:ec:eb:66:93:d3:56:b8:f3:e9:d1:cd:dc:
84:9d:16:a8:4d:67:5a:70:d9:e2:2a:e2:86:d2:aa:3d:cb:4e:
99:52:ce:89:eb:b3:22:95:7f:f5:6a:13:e5:b7:4e:4d:86:49:
e1:47:9a:cc:cb:f5:d5:97:bf:8e:3f:fa:53:bd:5f:fa:40:50:
64:06:b0:26:c7:b7:ac:3f:a6:02:6e:e0:17:5f:6f:10:a1:8f:
e4:41:fb:e3:34:4f:9a:8e:00:25:01:17:06:41:f4:da:b3:31:
90:12:11:20:e8:99:2f:30:8a:e0:74:41:2a:76:22:f1:af:93:
3c:f4:df:c4:bd:4c:b1:07:ea:d8:20:f7:b0:9e:bb:b7:f5:26:
16:ef:a6:93:91:5d:71:e2:d1:0d:64:58:64:4f:9c:92:1d:0f:
ad:79:c5:bf
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIDAVBhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDMwMDY1MzI5WhcNMjUwNTA5MDY1MzI5WjAYMRYw
FAYDVQQDEw02ODExYzhlZC1kZTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt7YpM8zFzMYO1EfqwaZSIvr3ypV38aNnjgdV+pUlZeo7mGyDde1zt+uz
zd/a4Irfm0ucRKqFh6cR6QeOYnxlICLVrrLqhIqY9v8cOROnE4zKNZJS9en7dz0j
tGKiEtB/p3OPfNlZUlcQSIyW84PNDbqX3iDcZcEEaKAtJ2aeOgHE4DGbue8gfyi0
AMUV3wmpx9lxnBpVi9G6z6YVwPZh9qrDd1GmYryLtU7oX0a6yMedP+gVz/G4HVIm
cqpZibZB/BJLV+VHHIt8wPG+P5zeCrZq8CYhaAV3yhgQfM0t8UqydEC44WX+Z5ki
vB5VWOKmRAQwN7AOg6gGmRM8pZEtNwIDAQABo4ICwDCCArwwHQYDVR0OBBYEFHVp
viPwhaXEs9GX50K/fiFrDT1XMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENEY2MDY1MDI1OEYxMUYwOEQ5MkM3QzhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCnOFMAwQBnPYgAwQAnPYlAwQA
nPYoAwQAnPY4AwQAnPY/MA0GCSqGSIb3DQEBCwUAA4IBAQA2Z2XB4kBdgt/s/UbF
kELyOcuvLewNZ49R7xa6I4t5FJlukCMtOzmxiQwHcvc53iFhGvx3NCY/DeAEBfUY
n5l9axEi/ibYuh7ldkZ/Ob3kD1jG5Se3HD4E2ZgguxMsfabs62aT01a48+nRzdyE
nRaoTWdacNniKuKG0qo9y06ZUs6J67MilX/1ahPlt05NhknhR5rMy/XVl7+OP/pT
vV/6QFBkBrAmx7esP6YCbuAXX28QoY/kQfvjNE+ajgAlARcGQfTaszGQEhEg6Jkv
MIrgdEEqdiLxr5M89N/EvUyxB+rYIPewnru39SYW76aTkV1x4tENZFhkT5ySHQ+t
ecW/
-----END CERTIFICATE-----
Generated at Sat May 10 16:40:12 2025 by rpki-client