Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01DF24C4993711F0B18346B3DAE4EC9C.roa
File: 01DF24C4993711F0B18346B3DAE4EC9C.roa (raw, json)
Hash identifier: skmkDxbM3r4tcetlXuPhERgtKxwsTqe5p9FxovSFDi4=
Subject key identifier: B0:F9:AB:39:B6:B0:7A:6A:C7:FA:78:08:D0:5D:95:87:8B:98:33:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A04C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01DF24C4993711F0B18346B3DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 11:09:58 +0000
ROA not before: Wed 24 Sep 2025 11:09:54 +0000
ROA not after: Sat 18 Oct 2025 11:09:54 +0000
asID: 204044
IP address blocks: 154.84.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106572 (0x1a04c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 11:09:54 2025 GMT
Not After : Oct 18 11:09:54 2025 GMT
Subject: CN=68d3d186-beb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:22:a7:06:ab:2c:8b:ec:67:f0:7a:94:66:9f:
90:24:28:f2:16:0d:d3:f7:5d:d4:ba:38:b6:ab:d8:
9b:d7:45:6a:7c:7f:96:55:1c:cd:6b:e8:60:91:61:
fb:74:02:1d:32:03:35:31:fb:40:4c:78:79:7e:ec:
52:ab:89:7a:1a:9a:6a:59:77:de:73:35:d2:10:11:
aa:aa:96:c3:b5:6a:40:68:cc:6f:d3:6a:30:1a:20:
b7:9b:ce:b4:5e:3a:62:5a:2d:74:f4:99:db:c3:cb:
69:b3:75:16:fa:1c:2d:0c:ce:83:84:fc:3f:63:5f:
0e:b6:77:e1:de:a2:ee:7f:47:61:21:c9:1c:22:26:
40:12:4e:6c:76:3e:e8:a2:e0:94:c7:b6:ec:ac:e6:
f1:f0:80:41:c2:8b:82:ee:5f:08:7e:8b:a8:0d:35:
ba:7b:73:50:c3:e9:62:04:c0:c2:c5:59:ab:fe:1f:
a7:5f:9c:6b:56:78:58:d0:26:4a:41:d1:a8:d2:fc:
52:8a:f2:b1:ea:dd:ef:71:9d:ac:a6:68:a4:35:13:
c2:b3:83:76:8e:8d:44:a0:d0:d6:6c:4e:a1:16:95:
af:6f:e5:97:47:f4:46:97:af:19:cd:38:df:e6:e5:
96:f5:77:95:e1:e3:19:7b:21:58:12:9e:e4:1f:fd:
4f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F9:AB:39:B6:B0:7A:6A:C7:FA:78:08:D0:5D:95:87:8B:98:33:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01DF24C4993711F0B18346B3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.184.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:25:86:16:2d:55:8d:d5:a1:29:9b:22:57:54:c8:a6:90:8c:
9a:87:da:19:4e:eb:35:21:5f:c2:fc:4d:80:d8:1a:49:c5:af:
3e:c8:01:6f:59:e7:14:2f:9d:54:f1:eb:b1:66:6c:ce:a9:21:
79:36:3c:79:e4:a0:d6:5e:16:14:08:e3:05:b7:85:7f:32:8e:
35:70:2c:c5:86:54:28:fc:5d:4f:53:62:45:dd:62:97:a9:b0:
22:41:b9:22:f2:45:22:68:9a:8a:aa:66:a9:a7:d7:26:a8:ab:
1a:88:ce:ee:7f:36:28:3c:7a:a6:cf:6d:a0:f1:e3:07:a4:c7:
17:d4:5c:60:48:b0:86:6d:b3:b3:a5:44:6b:66:83:4a:7f:c1:
52:ca:20:21:7a:aa:67:4e:96:60:78:b7:6b:9e:98:78:7b:65:
33:32:34:47:9c:74:43:f3:bc:03:3e:e5:d0:88:69:77:e9:47:
95:be:7b:be:eb:70:e7:e2:d5:f2:6d:c5:db:92:6b:68:1c:9f:
35:ad:39:09:14:77:bf:8e:ad:69:bb:db:1e:97:cc:44:f6:1a:
06:1d:88:9c:61:55:5c:52:bf:9b:b7:93:5e:70:b8:66:3f:f4:
60:88:e1:1e:93:49:8d:5f:99:86:97:ed:86:87:6b:b0:f4:96:
40:b3:ce:27
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaBMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTEwOTU0WhcNMjUxMDE4MTEwOTU0WjAYMRYw
FAYDVQQDEw02OGQzZDE4Ni1iZWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8SKnBqssi+xn8HqUZp+QJCjyFg3T913Uuji2q9ib10VqfH+WVRzNa+hg
kWH7dAIdMgM1MftATHh5fuxSq4l6GppqWXfeczXSEBGqqpbDtWpAaMxv02owGiC3
m860XjpiWi109Jnbw8tps3UW+hwtDM6DhPw/Y18Otnfh3qLuf0dhIckcIiZAEk5s
dj7oouCUx7bsrObx8IBBwouC7l8IfouoDTW6e3NQw+liBMDCxVmr/h+nX5xrVnhY
0CZKQdGo0vxSivKx6t3vcZ2spmikNRPCs4N2jo1EoNDWbE6hFpWvb+WXR/RGl68Z
zTjf5uWW9XeV4eMZeyFYEp7kH/1PpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLD5
qzm2sHpqx/p4CNBdlYeLmDMXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMURGMjRDNDk5MzcxMUYwQjE4MzQ2QjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlS4MA0GCSqGSIb3DQEB
CwUAA4IBAQDQJYYWLVWN1aEpmyJXVMimkIyah9oZTus1IV/C/E2A2BpJxa8+yAFv
WecUL51U8euxZmzOqSF5Njx55KDWXhYUCOMFt4V/Mo41cCzFhlQo/F1PU2JF3WKX
qbAiQbki8kUiaJqKqmapp9cmqKsaiM7ufzYoPHqmz22g8eMHpMcX1FxgSLCGbbOz
pURrZoNKf8FSyiAheqpnTpZgeLdrnph4e2UzMjRHnHRD87wDPuXQiGl36UeVvnu+
63Dn4tXybcXbkmtoHJ81rTkJFHe/jq1pu9sel8xE9hoGHYicYVVcUr+bt5NecLhm
P/RgiOEek0mNX5mGl+2Gh2uw9JZAs84n
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:22 2025 by rpki-client