Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B16B38A6FC1A11F0829004A6DAE4EC9C.roa
File: B16B38A6FC1A11F0829004A6DAE4EC9C.roa (raw, json)
Hash identifier: cODZyQTf1CzNcXNx94tJFsmh38S6+IPW4uXXGvXFxbU=
Subject key identifier: EC:0F:2D:44:24:A2:54:F5:4B:D9:F3:23:18:9B:4E:3D:1E:28:D2:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B6F7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B16B38A6FC1A11F0829004A6DAE4EC9C.roa
Signing time: Wed 28 Jan 2026 07:26:43 +0000
ROA not before: Wed 28 Jan 2026 07:26:37 +0000
ROA not after: Mon 02 Mar 2026 07:26:37 +0000
asID: 153671
IP address blocks: 154.196.128.0/24 maxlen: 24
154.196.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112375 (0x1b6f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 28 07:26:37 2026 GMT
Not After : Mar 2 07:26:37 2026 GMT
Subject: CN=6979ba33-f9ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e4:10:11:dc:0b:b5:c6:19:0f:19:e3:b8:7f:
90:e0:ee:24:38:f3:d8:a4:f3:26:dd:46:2c:41:72:
41:3d:36:8d:5c:e5:22:c5:d6:5d:8f:48:61:4e:b1:
ef:7f:0e:6f:12:0d:88:08:ac:4e:5c:6c:17:4f:d6:
46:96:ce:cd:8c:a6:f0:35:0f:a5:28:78:c5:c9:25:
ff:21:fb:91:e5:b5:33:4b:a1:60:1b:2b:ba:44:77:
fa:b7:03:00:9a:f6:f9:31:e2:10:b4:69:bf:f2:cf:
bb:fd:7d:a8:09:12:bf:99:51:99:9d:fe:9f:91:33:
a7:4e:b1:f7:82:7d:56:76:1f:a4:5f:39:5c:a0:11:
d0:ce:eb:81:0a:d8:82:0d:42:11:74:d7:16:ea:a1:
e4:69:46:a0:65:f5:92:f7:81:db:7b:a0:5f:8c:9e:
d3:95:df:b9:56:69:5b:ce:f6:48:82:ef:1a:9b:db:
2c:bc:77:04:03:23:19:e8:9a:6f:6e:12:89:e7:a8:
25:74:38:a1:17:f1:50:4f:fb:3e:83:ed:8e:cb:25:
4e:60:5b:f0:44:7e:d1:c8:ef:d9:d2:49:a6:fb:59:
f3:5b:36:6f:b9:31:5a:3f:de:69:20:b4:43:51:58:
c9:59:74:7b:6f:35:4e:37:88:db:39:fd:6a:fe:8a:
50:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:0F:2D:44:24:A2:54:F5:4B:D9:F3:23:18:9B:4E:3D:1E:28:D2:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B16B38A6FC1A11F0829004A6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.128.0/24
154.196.152.0/21
Signature Algorithm: sha256WithRSAEncryption
4f:f7:f9:97:ac:fb:cb:9d:bc:c3:71:9d:f3:77:76:6c:2d:78:
3c:e1:6e:3f:6e:36:8f:a0:f8:dd:4e:7b:78:84:40:b1:7d:09:
7b:b0:60:01:81:23:6b:97:5e:15:11:97:dc:39:26:22:45:0f:
7d:b4:7f:ef:39:3c:12:fb:21:25:e9:33:8d:24:65:df:ac:a5:
1d:e7:8f:56:d6:ce:c6:c6:4e:c4:51:a2:e8:53:68:b0:a2:a4:
0c:80:9e:82:0b:95:17:c7:f9:94:54:20:85:1e:da:a7:f5:2d:
ba:c8:ee:13:89:4d:21:0d:d1:04:19:98:aa:c1:7e:2d:4a:7a:
f1:8b:cd:f5:43:8f:9e:9f:f5:1f:84:ca:d7:66:0b:a9:e4:78:
51:38:1e:8e:35:8c:10:85:ea:ec:c0:c9:79:c3:71:16:b4:42:
92:59:b3:bf:13:13:b1:59:00:5b:e5:e7:70:91:61:01:5a:ec:
45:dc:f7:f4:22:8e:a9:12:a0:37:e6:81:48:43:85:d7:eb:17:
ba:d8:7f:12:60:0f:a1:bf:f8:72:0e:1b:d8:36:e8:5a:cf:bf:
36:01:5f:e9:ce:bc:3d:37:75:43:62:c3:b4:b0:03:81:84:10:
51:26:17:cc:43:c1:2a:ec:ed:fe:e2:c9:a0:33:99:cf:dc:9f:
77:12:97:eb
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAbb3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTI4MDcyNjM3WhcNMjYwMzAyMDcyNjM3WjAYMRYw
FAYDVQQDEw02OTc5YmEzMy1mOWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt+QQEdwLtcYZDxnjuH+Q4O4kOPPYpPMm3UYsQXJBPTaNXOUixdZdj0hh
TrHvfw5vEg2ICKxOXGwXT9ZGls7NjKbwNQ+lKHjFySX/IfuR5bUzS6FgGyu6RHf6
twMAmvb5MeIQtGm/8s+7/X2oCRK/mVGZnf6fkTOnTrH3gn1Wdh+kXzlcoBHQzuuB
CtiCDUIRdNcW6qHkaUagZfWS94Hbe6BfjJ7Tld+5VmlbzvZIgu8am9ssvHcEAyMZ
6JpvbhKJ56gldDihF/FQT/s+g+2OyyVOYFvwRH7RyO/Z0kmm+1nzWzZvuTFaP95p
ILRDUVjJWXR7bzVON4jbOf1q/opQ6QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOwP
LUQkolT1S9nzIxibTj0eKNKlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMTZCMzhBNkZDMUExMUYwODI5MDA0QTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsSAAwQDmsSYMA0GCSqG
SIb3DQEBCwUAA4IBAQBP9/mXrPvLnbzDcZ3zd3ZsLXg84W4/bjaPoPjdTnt4hECx
fQl7sGABgSNrl14VEZfcOSYiRQ99tH/vOTwS+yEl6TONJGXfrKUd549W1s7Gxk7E
UaLoU2iwoqQMgJ6CC5UXx/mUVCCFHtqn9S26yO4TiU0hDdEEGZiqwX4tSnrxi831
Q4+en/UfhMrXZgup5HhROB6ONYwQherswMl5w3EWtEKSWbO/ExOxWQBb5edwkWEB
WuxF3Pf0Io6pEqA35oFIQ4XX6xe62H8SYA+hv/hyDhvYNuhaz782AV/pzrw9N3VD
YsO0sAOBhBBRJhfMQ8Eq7O3+4smgM5nP3J93Epfr
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:20:54 2026 by rpki-client