Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06E699D6A02911F0AC249EBDDAE4EC9C.roa
File: 06E699D6A02911F0AC249EBDDAE4EC9C.roa (raw, json)
Hash identifier: XFfykoXEtMn0MNV7dRnS0FcLOJqr73hYKG6euNvhvRg=
Subject key identifier: EC:00:59:98:10:5D:D3:8F:93:C1:20:2A:59:73:8A:3A:98:67:5E:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A217
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06E699D6A02911F0AC249EBDDAE4EC9C.roa
Signing time: Fri 03 Oct 2025 07:17:32 +0000
ROA not before: Fri 03 Oct 2025 07:17:27 +0000
ROA not after: Sat 18 Oct 2025 07:17:27 +0000
asID: 211392
IP address blocks: 154.84.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107031 (0x1a217)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 3 07:17:27 2025 GMT
Not After : Oct 18 07:17:27 2025 GMT
Subject: CN=68df788c-b8dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4f:6d:56:00:31:72:58:ff:57:5e:03:86:23:
05:e9:d4:7f:21:b8:dd:59:c2:64:1a:1e:d0:72:a2:
c6:09:5c:d6:6e:e7:2f:27:f4:47:d9:03:83:0e:fa:
ee:51:09:62:ab:f9:a6:d6:a1:17:e4:91:96:b1:d0:
64:39:0f:31:55:5c:3c:cb:5d:e2:f6:79:0a:65:52:
d2:5f:42:49:b4:23:cc:fc:8c:89:eb:8a:7e:07:1e:
d0:f7:18:72:1d:af:53:97:19:4b:27:b7:fb:f9:5f:
40:00:1b:6c:c2:07:7a:8c:56:80:82:5b:75:e9:78:
51:1e:5f:05:11:92:5e:51:69:ce:ca:aa:8e:f4:cc:
81:ec:c4:62:7e:ed:45:c9:9a:0a:65:b8:f2:e9:10:
f9:73:86:6f:32:26:dd:ea:a4:e9:97:36:7d:50:41:
73:62:7e:86:ae:5f:59:84:0a:9e:77:15:af:95:09:
e7:07:80:85:4d:17:bf:3f:dc:09:9b:ad:39:5c:a8:
38:ee:f1:3a:75:4a:95:d5:de:c7:2b:65:a2:f8:3f:
74:e0:82:51:d2:15:f3:27:ef:a9:df:50:98:26:6f:
7b:3c:a9:60:ae:2a:6a:b3:a3:d0:fd:aa:e4:59:e4:
08:b8:20:e8:84:ac:45:b2:e5:b2:2a:5b:bc:ad:d7:
8b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:00:59:98:10:5D:D3:8F:93:C1:20:2A:59:73:8A:3A:98:67:5E:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06E699D6A02911F0AC249EBDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.14.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:c9:2f:e6:c0:5a:fe:f6:af:2d:9b:53:4b:16:87:e7:21:91:
e1:a6:f9:60:0f:63:5b:19:34:bf:dd:ac:a3:0b:24:20:19:91:
71:e2:92:17:4a:47:69:70:5b:3b:03:c5:ef:1e:22:aa:50:64:
fa:20:da:6f:99:e4:37:31:7b:0f:7e:0e:54:c2:2e:cb:04:f1:
0a:07:0a:9b:a8:4b:fc:a6:d2:38:61:fe:3d:63:cd:2f:17:41:
0b:65:3f:d1:5b:e4:ad:fa:d0:0d:b2:1e:6a:b2:15:cc:a4:33:
3a:00:df:56:18:31:b5:5a:8c:4d:21:b8:48:51:88:92:fa:2d:
6f:64:91:ce:be:a2:d9:7d:f6:70:fb:44:18:52:56:d1:4e:c3:
3b:e1:3a:1b:3c:44:63:84:d6:5a:7c:12:7c:d0:ed:be:60:68:
9d:00:05:b0:a4:f3:4e:1e:8c:b3:08:e1:5d:e3:4f:14:3e:ee:
26:95:1a:fc:58:52:91:ea:16:6f:54:0f:bc:e3:cd:00:ea:40:
53:0b:6d:c4:af:5e:39:8d:05:c6:09:b8:0f:a3:8f:45:2e:8f:
9e:58:f1:cf:e4:f1:ec:4b:f5:e3:6e:c2:d3:0b:85:ea:a0:10:
7d:87:e4:e5:2d:cd:0a:7b:5e:8d:c8:a7:e6:fe:77:93:42:eb:
6d:97:15:59
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaIXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDAzMDcxNzI3WhcNMjUxMDE4MDcxNzI3WjAYMRYw
FAYDVQQDEw02OGRmNzg4Yy1iOGRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv09tVgAxclj/V14DhiMF6dR/IbjdWcJkGh7QcqLGCVzWbucvJ/RH2QOD
DvruUQliq/mm1qEX5JGWsdBkOQ8xVVw8y13i9nkKZVLSX0JJtCPM/IyJ64p+Bx7Q
9xhyHa9TlxlLJ7f7+V9AABtswgd6jFaAglt16XhRHl8FEZJeUWnOyqqO9MyB7MRi
fu1FyZoKZbjy6RD5c4ZvMibd6qTplzZ9UEFzYn6Grl9ZhAqedxWvlQnnB4CFTRe/
P9wJm605XKg47vE6dUqV1d7HK2Wi+D904IJR0hXzJ++p31CYJm97PKlgripqs6PQ
/arkWeQIuCDohKxFsuWyKlu8rdeLQwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOwA
WZgQXdOPk8EgKllzijqYZ17ZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNkU2OTlENkEwMjkxMUYwQUMyNDlFQkREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlQOMA0GCSqGSIb3DQEB
CwUAA4IBAQB7yS/mwFr+9q8tm1NLFofnIZHhpvlgD2NbGTS/3ayjCyQgGZFx4pIX
SkdpcFs7A8XvHiKqUGT6INpvmeQ3MXsPfg5Uwi7LBPEKBwqbqEv8ptI4Yf49Y80v
F0ELZT/RW+St+tANsh5qshXMpDM6AN9WGDG1WoxNIbhIUYiS+i1vZJHOvqLZffZw
+0QYUlbRTsM74TobPERjhNZafBJ80O2+YGidAAWwpPNOHoyzCOFd408UPu4mlRr8
WFKR6hZvVA+8480A6kBTC23Er145jQXGCbgPo49FLo+eWPHP5PHsS/XjbsLTC4Xq
oBB9h+TlLc0Ke16NyKfm/neTQuttlxVZ
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:50:52 2025 by rpki-client