Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A218D08D41411F0A8F7DF8FDAE4EC9C.roa
File: 0A218D08D41411F0A8F7DF8FDAE4EC9C.roa (raw, json)
Hash identifier: LI/NFX8j1HWrvi7BwUHjnNTJMDIA+ssRYf/Xn8FlDyM=
Subject key identifier: 01:5C:D5:F0:A6:17:B3:EC:D8:CB:48:A3:75:BA:5F:25:84:B3:62:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01AD59
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A218D08D41411F0A8F7DF8FDAE4EC9C.roa
Signing time: Mon 08 Dec 2025 08:58:19 +0000
ROA not before: Mon 08 Dec 2025 08:58:13 +0000
ROA not after: Thu 18 Dec 2025 08:58:13 +0000
asID: 151970
IP address blocks: 154.197.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109913 (0x1ad59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 8 08:58:13 2025 GMT
Not After : Dec 18 08:58:13 2025 GMT
Subject: CN=6936932a-a24f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e1:2f:41:15:4e:14:93:9a:39:f2:a8:5c:75:
17:70:59:dd:8e:57:1b:b6:61:de:4b:a6:0c:7c:26:
e4:c4:a9:39:f4:ba:34:58:50:d0:05:be:35:91:ae:
34:ff:b9:4c:00:94:c3:5c:6e:bd:db:14:c0:65:a0:
b0:7a:53:8e:b4:75:81:4c:f7:7c:2f:74:af:14:b8:
90:4c:7a:38:52:4d:53:b1:84:78:e8:95:83:eb:ba:
22:b3:e4:27:93:05:dd:f2:c5:42:fc:1b:b8:e3:69:
3b:1a:74:72:6e:12:a1:1a:2b:0d:52:67:4b:b6:81:
84:c9:fb:33:2e:6c:d9:80:83:d5:0c:b2:e6:a4:f9:
5d:26:8a:c5:b2:c6:3c:a3:fb:31:eb:d0:85:90:20:
63:64:c7:c2:00:db:04:b8:81:c9:f8:3f:48:c9:8f:
1a:b3:97:75:1a:39:58:0e:72:15:f3:24:c3:b9:cc:
37:07:d2:ed:25:97:2e:f3:7c:b8:d8:9a:4e:38:7d:
f2:d4:a6:ab:97:b5:e8:fe:35:28:ed:ac:9a:da:81:
2f:0b:2f:a9:d6:cb:e4:d6:ff:7a:21:c2:47:c1:07:
95:ea:dd:8f:49:67:06:13:f8:01:9f:b8:cc:8d:7a:
cd:2f:8c:a0:5d:fa:8c:47:83:cd:02:68:2f:c6:81:
42:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5C:D5:F0:A6:17:B3:EC:D8:CB:48:A3:75:BA:5F:25:84:B3:62:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A218D08D41411F0A8F7DF8FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.74.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:e9:97:23:c4:11:7e:32:1b:ba:8e:e0:e2:0c:f0:7d:05:37:
4c:d1:ed:de:9d:6b:0b:2c:fd:8e:08:c8:f7:49:62:17:75:bb:
1d:d8:ae:fc:29:38:17:d6:84:a9:24:cc:6e:e4:50:73:31:a5:
69:17:62:91:43:9d:9a:d4:7c:0a:4c:df:2a:4e:4a:4c:2e:3d:
27:59:38:cd:04:05:d3:3c:47:b8:ce:46:6e:a7:ad:fe:a3:80:
a1:38:bf:db:7d:27:17:d5:fe:58:20:f3:f8:44:cf:25:5e:c1:
1e:e4:e1:24:45:8e:a5:db:9f:f1:f3:36:68:af:67:38:c1:a2:
ca:ed:24:63:4c:a5:55:cb:10:44:c6:44:e0:2f:3f:f3:44:5a:
7a:aa:d1:ee:d4:a1:14:71:bf:24:aa:db:56:18:e7:c3:2b:19:
3d:35:28:71:82:e3:f0:4c:e7:10:26:31:ec:e7:dc:c8:16:1e:
64:a9:dc:84:91:2a:b9:e7:5f:c2:57:d2:bb:88:ba:3a:37:71:
3d:82:d6:1b:67:05:1a:72:ac:6b:fb:b1:32:5e:46:91:7e:6b:
6b:e7:98:c4:df:48:f2:46:19:a7:03:d7:f0:b6:fd:23:d2:e4:
c3:f9:7d:07:24:b6:20:fe:aa:03:d5:cd:7c:c4:63:3c:17:f8:
59:98:25:01
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAa1ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMjA4MDg1ODEzWhcNMjUxMjE4MDg1ODEzWjAYMRYw
FAYDVQQDEw02OTM2OTMyYS1hMjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAouEvQRVOFJOaOfKoXHUXcFndjlcbtmHeS6YMfCbkxKk59Lo0WFDQBb41
ka40/7lMAJTDXG692xTAZaCwelOOtHWBTPd8L3SvFLiQTHo4Uk1TsYR46JWD67oi
s+QnkwXd8sVC/Bu442k7GnRybhKhGisNUmdLtoGEyfszLmzZgIPVDLLmpPldJorF
ssY8o/sx69CFkCBjZMfCANsEuIHJ+D9IyY8as5d1GjlYDnIV8yTDucw3B9LtJZcu
83y42JpOOH3y1Karl7Xo/jUo7aya2oEvCy+p1svk1v96IcJHwQeV6t2PSWcGE/gB
n7jMjXrNL4ygXfqMR4PNAmgvxoFC/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAFc
1fCmF7Ps2MtIo3W6XyWEs2IXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQTIxOEQwOEQ0MTQxMUYwQThGN0RGOEZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVKMA0GCSqGSIb3DQEB
CwUAA4IBAQA66ZcjxBF+Mhu6juDiDPB9BTdM0e3enWsLLP2OCMj3SWIXdbsd2K78
KTgX1oSpJMxu5FBzMaVpF2KRQ52a1HwKTN8qTkpMLj0nWTjNBAXTPEe4zkZup63+
o4ChOL/bfScX1f5YIPP4RM8lXsEe5OEkRY6l25/x8zZor2c4waLK7SRjTKVVyxBE
xkTgLz/zRFp6qtHu1KEUcb8kqttWGOfDKxk9NShxguPwTOcQJjHs59zIFh5kqdyE
kSq551/CV9K7iLo6N3E9gtYbZwUacqxr+7EyXkaRfmtr55jE30jyRhmnA9fwtv0j
0uTD+X0HJLYg/qoD1c18xGM8F/hZmCUB
-----END CERTIFICATE-----
Generated at Thu Mar 12 05:07:33 2026 by rpki-client