Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5CFB5C09A2511F0B1BF60BEDAE4EC9C.roa
File: D5CFB5C09A2511F0B1BF60BEDAE4EC9C.roa (raw, json)
Hash identifier: +36lecY2lf+LSnIJWv1zfrWbIOF1uEOHul7es7g7fIg=
Subject key identifier: D2:0C:BE:6E:51:1A:44:44:52:37:BB:07:64:C9:CA:2B:8D:B9:F2:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D4E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5CFB5C09A2511F0B1BF60BEDAE4EC9C.roa
Signing time: Thu 25 Sep 2025 15:39:34 +0000
ROA not before: Thu 25 Sep 2025 15:39:29 +0000
ROA not after: Sat 18 Oct 2025 15:39:29 +0000
asID: 203020
IP address blocks: 156.233.16.0/21 maxlen: 24
156.241.8.0/21 maxlen: 24
156.241.32.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97614 (0x17d4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 25 15:39:29 2025 GMT
Not After : Oct 18 15:39:29 2025 GMT
Subject: CN=68d56236-35ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a8:b7:e7:4e:a0:26:15:19:4c:14:5c:bc:76:
b1:09:3c:f9:8b:e6:4a:85:fd:22:1f:e1:3b:af:01:
b4:63:b1:32:62:b1:b4:2b:78:99:45:46:a3:4c:cb:
e0:52:86:00:f2:f3:03:36:4a:38:83:16:67:dd:11:
bd:49:b1:b9:c2:5d:49:94:97:f8:57:b0:03:7e:d4:
14:80:5e:5d:cd:fc:bc:d1:c5:bf:e8:b1:9c:18:03:
9e:d8:76:30:a0:f2:d2:5e:0d:c4:7c:23:67:66:64:
b2:52:85:7f:d9:4e:cb:18:c8:1a:ea:c1:19:98:2b:
c6:17:e4:67:6c:a5:e6:57:af:0f:0c:84:59:46:f8:
7d:48:05:22:35:19:a5:91:dd:5e:20:98:f0:5c:b1:
bc:37:35:5b:5e:70:29:fd:ae:b9:84:e1:20:8b:0a:
17:47:cf:8f:e2:e6:d6:5c:e2:58:f5:b8:ec:eb:a6:
7a:93:db:d1:61:40:19:2e:e1:5a:05:fb:bd:9c:74:
d5:1a:d0:4a:ac:c6:f4:b4:eb:2a:33:5e:27:fd:72:
68:73:11:ba:56:8b:3f:66:1f:45:e5:fc:b4:81:1f:
ef:4d:ee:81:b9:87:f3:3c:80:87:eb:0b:2f:52:80:
6b:b6:fd:ae:19:3c:d0:a5:a4:c8:4e:ea:2d:cf:e5:
b5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0C:BE:6E:51:1A:44:44:52:37:BB:07:64:C9:CA:2B:8D:B9:F2:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5CFB5C09A2511F0B1BF60BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.16.0/21
156.241.8.0/21
156.241.32.0/21
Signature Algorithm: sha256WithRSAEncryption
a4:c2:98:df:1d:49:4f:ac:68:51:f7:3e:84:07:bf:95:99:68:
be:42:17:4f:3f:82:1e:1b:d5:2a:b5:c6:dc:20:b0:c2:40:bd:
08:09:ff:09:c6:7b:dc:16:ec:b9:13:57:2e:3a:09:14:85:ad:
42:57:77:9e:32:47:c5:21:e9:65:d5:9a:f6:c3:e4:31:8e:fe:
45:0a:98:2a:24:f8:9e:fa:f7:76:a7:88:d2:14:41:46:0f:16:
4c:44:b2:23:48:b4:3d:dc:3b:a9:8a:17:24:42:e0:a9:8f:c8:
db:d9:7e:1d:00:1e:07:d0:b9:75:62:85:82:79:6f:3a:51:53:
5e:8f:e2:3b:d6:d1:c8:56:e9:1d:33:79:0e:fd:22:59:35:a8:
9e:b5:38:de:9a:73:6f:fb:5c:b6:48:e1:62:61:65:9c:f0:f2:
b9:b4:f0:aa:b7:bc:18:af:c3:03:91:12:02:d5:73:27:11:6d:
b9:45:3f:47:c4:f4:38:bc:1d:0f:39:dd:9f:90:62:c6:60:ed:
89:7c:19:20:a0:78:ca:00:87:a2:91:ab:44:3f:93:39:a6:3a:
37:bb:8d:e1:df:8c:41:87:99:d4:4d:48:31:bb:14:ed:dc:35:
2f:61:dc:eb:5a:b2:84:84:96:23:60:10:b2:00:1c:8c:2f:82:
5f:0e:7c:41
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAX1OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI1MTUzOTI5WhcNMjUxMDE4MTUzOTI5WjAYMRYw
FAYDVQQDEw02OGQ1NjIzNi0zNWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq6i3506gJhUZTBRcvHaxCTz5i+ZKhf0iH+E7rwG0Y7EyYrG0K3iZRUaj
TMvgUoYA8vMDNko4gxZn3RG9SbG5wl1JlJf4V7ADftQUgF5dzfy80cW/6LGcGAOe
2HYwoPLSXg3EfCNnZmSyUoV/2U7LGMga6sEZmCvGF+RnbKXmV68PDIRZRvh9SAUi
NRmlkd1eIJjwXLG8NzVbXnAp/a65hOEgiwoXR8+P4ubWXOJY9bjs66Z6k9vRYUAZ
LuFaBfu9nHTVGtBKrMb0tOsqM14n/XJocxG6Vos/Zh9F5fy0gR/vTe6BuYfzPICH
6wsvUoBrtv2uGTzQpaTITuotz+W1mwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFNIM
vm5RGkREUje7B2TJyiuNufKxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENUNGQjVDMDlBMjUxMUYwQjFCRjYwQkVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDnOkQAwQDnPEIAwQDnPEgMA0G
CSqGSIb3DQEBCwUAA4IBAQCkwpjfHUlPrGhR9z6EB7+VmWi+QhdPP4IeG9Uqtcbc
ILDCQL0ICf8JxnvcFuy5E1cuOgkUha1CV3eeMkfFIell1Zr2w+Qxjv5FCpgqJPie
+vd2p4jSFEFGDxZMRLIjSLQ93DupihckQuCpj8jb2X4dAB4H0Ll1YoWCeW86UVNe
j+I71tHIVukdM3kO/SJZNaietTjemnNv+1y2SOFiYWWc8PK5tPCqt7wYr8MDkRIC
1XMnEW25RT9HxPQ4vB0POd2fkGLGYO2JfBkgoHjKAIeikatEP5M5pjo3u43h34xB
h5nUTUgxuxTt3DUvYdzrWrKEhJYjYBCyAByML4JfDnxB
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:16 2025 by rpki-client