Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0C8F5BEB49D11F08FE4959CDAE4EC9C.roa
File: C0C8F5BEB49D11F08FE4959CDAE4EC9C.roa (raw, json)
Hash identifier: CKCZoshcoLcaZC499j8zEa9UNH0Qq2tKzx1ROJ4M/gM=
Subject key identifier: 3F:1F:56:05:C9:C9:F1:8B:17:AC:E3:8E:03:0A:17:7C:40:D9:32:93
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A61C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0C8F5BEB49D11F08FE4959CDAE4EC9C.roa
Signing time: Wed 29 Oct 2025 08:03:29 +0000
ROA not before: Wed 29 Oct 2025 08:03:24 +0000
ROA not after: Wed 05 Nov 2025 08:03:24 +0000
asID: 9294
IP address blocks: 154.88.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108060 (0x1a61c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 29 08:03:24 2025 GMT
Not After : Nov 5 08:03:24 2025 GMT
Subject: CN=6901ca51-372d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:31:71:24:a4:99:68:d0:d7:ef:8b:93:d3:ed:
15:2e:4f:f8:cf:99:63:cb:3b:5c:0c:09:3a:ce:06:
68:9e:5b:54:de:8b:42:da:db:11:b8:ba:fd:85:17:
79:41:36:e0:ce:09:c4:6d:00:f3:d6:1c:2f:81:ee:
5f:10:c6:49:e0:cb:b8:d0:6d:5f:32:91:08:93:36:
9c:0d:a1:0f:da:b5:db:8b:9a:c2:39:79:3c:15:7c:
a0:f8:07:92:bf:0b:8e:c7:c4:7d:85:01:fc:19:75:
99:f8:cd:50:4e:68:0e:6b:89:56:8e:ba:00:be:4f:
d4:2e:fa:3b:6c:25:44:6f:bc:18:9c:87:cc:d7:71:
f8:e8:39:cb:d1:da:48:57:13:b0:b2:f4:a6:6b:8b:
e5:3e:f0:04:53:fb:5c:5e:bb:35:de:86:d2:a8:a8:
16:66:c1:fe:31:e9:a0:aa:ac:8a:27:8f:d9:5c:46:
6e:54:88:6d:b4:47:78:bc:2e:89:13:b0:7d:8b:f6:
5f:d0:9c:db:27:10:f3:09:70:b4:0e:c6:16:66:0c:
bd:c5:ef:50:d1:a6:38:58:b2:6b:ff:af:27:b9:46:
a3:08:f0:96:16:6a:8e:18:34:35:26:3a:ee:31:5f:
35:12:fd:af:03:af:79:3d:16:04:2e:55:94:ec:c3:
86:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1F:56:05:C9:C9:F1:8B:17:AC:E3:8E:03:0A:17:7C:40:D9:32:93
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0C8F5BEB49D11F08FE4959CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.96.0/19
Signature Algorithm: sha256WithRSAEncryption
35:a7:06:28:74:fb:3f:35:80:52:d7:9d:28:32:b5:61:c7:97:
28:a4:84:c7:01:ac:cd:8f:bd:42:be:a7:cd:fa:21:23:79:c7:
30:11:d3:9b:32:dc:e7:d0:39:30:3e:5e:f0:47:51:43:0b:f3:
c8:37:df:4b:e8:41:f5:86:37:ac:c8:43:de:a1:2d:54:cd:46:
93:70:19:93:77:38:ca:d8:f3:e8:7f:65:2c:e6:dd:46:7a:c8:
a8:5e:e4:67:51:9c:be:62:1a:63:b8:08:de:40:05:65:77:a4:
db:a4:c6:70:59:8a:4c:c1:af:1d:62:92:09:8d:85:d9:5f:8c:
74:a7:71:20:4d:3e:f8:32:f3:01:65:08:eb:ae:c6:b5:d0:4c:
28:aa:0b:18:41:88:28:9b:59:03:cc:1c:f1:c3:6e:9a:73:1f:
8c:48:7d:58:34:52:4f:a6:47:66:75:46:d1:e9:ce:ab:b0:5b:
6b:47:e1:89:bc:ee:3b:d9:46:db:8a:1a:2e:10:42:bc:17:c5:
26:e4:c4:eb:53:6f:62:77:c8:2d:5e:d5:d1:ec:5b:5e:b8:fd:
95:61:f0:3c:7f:f3:e7:40:5c:da:1d:77:b0:f9:c3:63:2c:49:
49:83:77:d1:29:54:97:d3:97:35:52:88:d4:35:99:cb:3d:7a:
5b:61:d2:29
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaYcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI5MDgwMzI0WhcNMjUxMTA1MDgwMzI0WjAYMRYw
FAYDVQQDEw02OTAxY2E1MS0zNzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuDFxJKSZaNDX74uT0+0VLk/4z5ljyztcDAk6zgZonltU3otC2tsRuLr9
hRd5QTbgzgnEbQDz1hwvge5fEMZJ4Mu40G1fMpEIkzacDaEP2rXbi5rCOXk8FXyg
+AeSvwuOx8R9hQH8GXWZ+M1QTmgOa4lWjroAvk/ULvo7bCVEb7wYnIfM13H46DnL
0dpIVxOwsvSma4vlPvAEU/tcXrs13obSqKgWZsH+MemgqqyKJ4/ZXEZuVIhttEd4
vC6JE7B9i/Zf0JzbJxDzCXC0DsYWZgy9xe9Q0aY4WLJr/68nuUajCPCWFmqOGDQ1
JjruMV81Ev2vA695PRYELlWU7MOGaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD8f
VgXJyfGLF6zjjgMKF3xA2TKTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMEM4RjVCRUI0OUQxMUYwOEZFNDk1OUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlhgMA0GCSqGSIb3DQEB
CwUAA4IBAQA1pwYodPs/NYBS150oMrVhx5copITHAazNj71CvqfN+iEjeccwEdOb
Mtzn0DkwPl7wR1FDC/PIN99L6EH1hjesyEPeoS1UzUaTcBmTdzjK2PPof2Us5t1G
esioXuRnUZy+YhpjuAjeQAVld6TbpMZwWYpMwa8dYpIJjYXZX4x0p3EgTT74MvMB
ZQjrrsa10EwoqgsYQYgom1kDzBzxw26acx+MSH1YNFJPpkdmdUbR6c6rsFtrR+GJ
vO472UbbihouEEK8F8Um5MTrU29id8gtXtXR7FteuP2VYfA8f/PnQFzaHXew+cNj
LElJg3fRKVSX05c1UojUNZnLPXpbYdIp
-----END CERTIFICATE-----
Generated at Wed Nov 5 15:19:20 2025 by rpki-client