Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB72D0EC266111F0A850CBC8DAE4EC9C.roa
File: FB72D0EC266111F0A850CBC8DAE4EC9C.roa (raw, json)
Hash identifier: +GK/9GDuGVWUKKMZzPwkZYaQE8FxQ11W7k90HBNDGoc=
Subject key identifier: 59:29:60:8D:F8:36:15:E5:AF:CD:4C:33:12:9A:41:90:10:A2:EB:7E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015124
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB72D0EC266111F0A850CBC8DAE4EC9C.roa
Signing time: Thu 01 May 2025 07:57:53 +0000
ROA not before: Thu 01 May 2025 07:57:48 +0000
ROA not after: Sat 10 May 2025 07:57:48 +0000
asID: 63888
IP address blocks: 156.254.114.0/24 maxlen: 24
156.254.115.0/24 maxlen: 24
156.255.68.0/22 maxlen: 24
156.255.88.0/21 maxlen: 24
156.255.96.0/24 maxlen: 24
156.255.99.0/24 maxlen: 24
156.255.100.0/22 maxlen: 24
156.255.104.0/21 maxlen: 24
156.255.112.0/22 maxlen: 24
156.255.120.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86308 (0x15124)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 1 07:57:48 2025 GMT
Not After : May 10 07:57:48 2025 GMT
Subject: CN=68132980-5d6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:15:77:a5:92:9a:ad:67:55:36:2f:20:33:
b7:30:c6:e0:f3:1d:ef:f7:10:85:99:99:6e:3d:66:
c5:6b:c2:44:e9:5f:c5:d8:64:5c:61:c8:e1:e9:95:
c8:45:2b:4b:c3:29:fb:c1:e4:20:2b:75:cd:8b:91:
b4:e5:d4:bf:4d:84:19:0f:6f:58:36:3c:fa:c5:2c:
54:54:da:99:58:25:be:1e:cb:48:24:c0:e9:56:27:
d5:b8:f8:9e:a1:ac:6f:a0:9f:d3:76:35:32:e5:65:
c3:c5:8d:f2:fe:06:40:2e:65:c4:5c:b2:18:0e:ef:
7a:64:ba:52:64:b0:b6:6f:c8:02:3b:f0:9b:7c:6c:
7b:24:25:a2:84:df:d2:b6:76:2f:d3:e9:b8:f8:48:
3e:79:71:fc:65:fa:f8:90:d8:8c:8e:a4:3a:37:80:
b5:11:1d:30:1f:c3:a8:ce:78:94:b2:34:cc:52:1f:
c5:09:ec:14:aa:32:e0:ff:ec:16:fa:a6:27:cd:11:
06:da:c9:5b:6f:ab:74:65:75:6c:06:2d:82:a3:a9:
a2:8c:e7:7b:30:aa:a4:ac:4d:a7:49:18:fc:f4:e5:
c9:51:66:3a:99:99:6d:a7:d0:8a:b4:7a:00:37:2a:
7a:bc:83:56:20:f6:d6:d8:70:77:ac:fe:28:9f:48:
ea:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:29:60:8D:F8:36:15:E5:AF:CD:4C:33:12:9A:41:90:10:A2:EB:7E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB72D0EC266111F0A850CBC8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.114.0/23
156.255.68.0/22
156.255.88.0-156.255.96.255
156.255.99.0-156.255.115.255
156.255.120.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:f1:d4:e6:8d:a4:49:eb:db:66:db:23:8b:66:bb:7b:31:43:
75:6e:55:92:72:7b:0d:c8:ee:90:29:8c:bb:94:1b:e4:68:18:
a7:1a:e4:10:d1:1e:1f:ac:25:44:7a:ee:2e:e3:9f:9c:55:e6:
dd:49:69:a5:29:21:ad:9d:fe:85:6f:4e:89:3a:ec:80:09:bf:
56:0f:46:0b:5f:63:5e:3b:a3:15:47:1a:fa:da:2a:4e:a4:ce:
49:bb:da:26:2d:8a:a2:d3:fd:fa:61:20:a6:04:72:e4:ff:1b:
96:70:f1:ab:f0:69:ca:9a:6f:0c:27:8e:74:34:77:90:2d:29:
b1:ed:76:d1:5e:13:fa:d8:b3:1c:45:c1:61:01:d1:27:19:80:
d9:84:a2:2b:d5:42:86:b6:e5:bd:9d:0c:a4:73:55:ed:5e:44:
8e:6f:44:73:d6:d8:d4:b8:ea:b2:e4:03:77:97:e5:91:c9:09:
b5:51:b9:96:50:0d:26:d3:08:4d:eb:a4:49:d6:d8:11:6e:26:
16:83:b5:7a:ef:8f:82:9d:24:97:4b:d7:60:2b:ae:df:74:2f:
d6:a0:ae:84:aa:ea:fb:c5:88:18:ff:b1:8a:39:c7:7f:18:f1:
a2:f9:e7:a0:1c:1e:60:99:fd:1c:e1:8e:ca:0d:42:04:fc:c0:
3a:99:43:d5
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIDAVEkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTAxMDc1NzQ4WhcNMjUwNTEwMDc1NzQ4WjAYMRYw
FAYDVQQDEw02ODEzMjk4MC01ZDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu9QVd6WSmq1nVTYvIDO3MMbg8x3v9xCFmZluPWbFa8JE6V/F2GRcYcjh
6ZXIRStLwyn7weQgK3XNi5G05dS/TYQZD29YNjz6xSxUVNqZWCW+HstIJMDpVifV
uPieoaxvoJ/TdjUy5WXDxY3y/gZALmXEXLIYDu96ZLpSZLC2b8gCO/CbfGx7JCWi
hN/StnYv0+m4+Eg+eXH8Zfr4kNiMjqQ6N4C1ER0wH8OozniUsjTMUh/FCewUqjLg
/+wW+qYnzREG2slbb6t0ZXVsBi2Co6mijOd7MKqkrE2nSRj89OXJUWY6mZltp9CK
tHoANyp6vINWIPbW2HB3rP4on0jq9QIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFFkp
YI34NhXlr81MMxKaQZAQout+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjcyRDBFQzI2NjExMUYwQTg1MENCQzhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBnP5yAwQCnP9EMAwDBAOc/1gD
BACc/2AwDAMEAJz/YwMEApz/cAMEA5z/eDANBgkqhkiG9w0BAQsFAAOCAQEAnvHU
5o2kSevbZtsji2a7ezFDdW5VknJ7DcjukCmMu5Qb5GgYpxrkENEeH6wlRHruLuOf
nFXm3UlppSkhrZ3+hW9OiTrsgAm/Vg9GC19jXjujFUca+toqTqTOSbvaJi2KotP9
+mEgpgRy5P8blnDxq/BpyppvDCeOdDR3kC0pse120V4T+tizHEXBYQHRJxmA2YSi
K9VChrblvZ0MpHNV7V5Ejm9Ec9bY1LjqsuQDd5flkckJtVG5llANJtMITeukSdbY
EW4mFoO1eu+Pgp0kl0vXYCuu33Qv1qCuhKrq+8WIGP+xijnHfxjxovnnoBweYJn9
HOGOyg1CBPzAOplD1Q==
-----END CERTIFICATE-----
Generated at Sat May 10 18:50:17 2025 by rpki-client