Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/3384E600FE7A11F0939366BBDAE4EC9C.roa
File: 3384E600FE7A11F0939366BBDAE4EC9C.roa (raw, json)
Hash identifier: xB3wYhH3XLyGWY+r81uYsFjHItjknHEeHmYLJyu+eTY=
Subject key identifier: 73:8F:8E:D4:55:41:FF:23:A2:A5:01:E0:96:EE:10:A7:40:57:05:01
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 08AF
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/3384E600FE7A11F0939366BBDAE4EC9C.roa
Signing time: Sat 31 Jan 2026 07:55:25 +0000
ROA not before: Sat 31 Jan 2026 07:55:21 +0000
ROA not after: Mon 02 Mar 2026 07:55:21 +0000
asID: 22724
IP address blocks: 102.177.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2223 (0x8af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Jan 31 07:55:21 2026 GMT
Not After : Mar 2 07:55:21 2026 GMT
Subject: CN=697db56d-20c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c6:89:b8:bf:29:30:f8:88:47:0b:e5:b1:53:
9c:5a:97:4b:cb:a8:d4:3e:2a:b8:fd:ed:16:4f:fd:
08:c3:93:11:ab:6c:b0:ce:e8:91:40:3f:48:e9:3b:
d9:14:2d:42:e3:0e:d4:e5:bc:2a:e7:e1:f1:b5:83:
ea:1f:5d:c2:15:c0:0b:91:17:b7:78:b6:fb:71:35:
3e:0b:1b:30:60:84:89:47:3a:30:d2:05:fe:5c:d8:
64:06:ed:2d:a3:07:d7:f3:87:c1:fa:75:7e:41:35:
cc:69:60:95:26:e9:35:80:f8:1d:35:53:c8:2a:d3:
02:fa:64:1e:e5:7c:a4:d6:7f:68:3a:b1:ad:1d:6b:
4f:45:30:38:e5:57:d6:97:66:4e:c8:b9:1c:79:f7:
09:c5:e3:b9:0e:14:ca:6f:d2:08:d2:a5:e0:89:6a:
8e:ed:3d:e1:47:59:8e:bf:75:d6:04:09:f2:57:c8:
c0:3c:48:06:5e:a6:f2:e4:00:54:46:ec:eb:38:95:
df:92:4b:42:44:4e:7c:da:c0:30:95:84:da:04:f8:
ad:ab:85:74:83:67:8f:df:1a:ca:ee:64:c4:dc:41:
ae:6b:00:e0:4b:c7:ba:1a:57:aa:13:46:17:8e:f8:
0f:66:b3:5a:c0:aa:fe:4f:c0:b3:50:31:52:76:ce:
23:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8F:8E:D4:55:41:FF:23:A2:A5:01:E0:96:EE:10:A7:40:57:05:01
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/3384E600FE7A11F0939366BBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.166.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:3f:e4:46:db:46:f8:71:04:82:33:24:47:8c:0c:a0:e9:00:
d9:68:e8:6c:a1:84:48:21:16:a5:cc:d1:5b:23:76:e2:c2:28:
d1:6d:7e:f7:16:2a:42:4c:6a:8c:2e:c5:3f:97:5f:b7:35:8e:
a9:d8:e6:14:09:c5:c4:da:00:92:f1:2f:da:f9:c7:b5:47:f9:
a0:fd:b2:0b:39:e0:cc:d0:2f:ba:e2:ea:d3:0f:f6:ee:fb:86:
80:51:ff:43:2f:f3:fe:84:ad:83:08:2e:3a:af:d7:8d:57:80:
8c:0a:80:b8:1d:9a:ec:84:e8:67:a6:55:a2:d0:1e:f7:2f:99:
c7:f0:4c:f2:54:d4:44:e2:7e:b6:7a:db:56:9b:2f:10:2f:72:
8f:03:e4:c0:8d:e1:f4:68:0f:b0:a6:61:fe:73:af:c6:bc:b5:
fe:f5:48:35:1c:6b:72:fd:d0:37:97:94:53:ac:b6:dc:72:d0:
8e:4d:aa:08:66:fd:e6:49:71:6d:20:fc:61:10:99:ff:0f:dd:
87:89:79:8b:c0:b3:64:a2:c5:67:5f:a4:f9:22:d2:20:25:38:
7b:15:be:56:45:88:96:11:8f:68:40:8c:aa:73:36:82:55:1f:
05:22:87:3f:49:31:a7:1d:36:bc:45:eb:48:b9:9b:0a:db:17:
a5:af:03:e1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCK8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNjAxMzEwNzU1MjFaFw0yNjAzMDIwNzU1MjFaMBgxFjAU
BgNVBAMTDTY5N2RiNTZkLTIwYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCaxom4vykw+IhHC+WxU5xal0vLqNQ+Krj97RZP/QjDkxGrbLDO6JFAP0jp
O9kULULjDtTlvCrn4fG1g+ofXcIVwAuRF7d4tvtxNT4LGzBghIlHOjDSBf5c2GQG
7S2jB9fzh8H6dX5BNcxpYJUm6TWA+B01U8gq0wL6ZB7lfKTWf2g6sa0da09FMDjl
V9aXZk7IuRx59wnF47kOFMpv0gjSpeCJao7tPeFHWY6/ddYECfJXyMA8SAZepvLk
AFRG7Os4ld+SS0JETnzawDCVhNoE+K2rhXSDZ4/fGsruZMTcQa5rAOBLx7oaV6oT
RheO+A9ms1rAqv5PwLNQMVJ2ziP3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUc4+O
1FVB/yOipQHglu4Qp0BXBQEwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzMzODRFNjAwRkU3QTExRjA5MzkzNjZCQkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsaYwDQYJKoZIhvcNAQEL
BQADggEBANA/5EbbRvhxBIIzJEeMDKDpANlo6GyhhEghFqXM0VsjduLCKNFtfvcW
KkJMaowuxT+XX7c1jqnY5hQJxcTaAJLxL9r5x7VH+aD9sgs54MzQL7ri6tMP9u77
hoBR/0Mv8/6ErYMILjqv141XgIwKgLgdmuyE6GemVaLQHvcvmcfwTPJU1ETifrZ6
21abLxAvco8D5MCN4fRoD7CmYf5zr8a8tf71SDUca3L90DeXlFOsttxy0I5Nqghm
/eZJcW0g/GEQmf8P3YeJeYvAs2SixWdfpPki0iAlOHsVvlZFiJYRj2hAjKpzNoJV
HwUihz9JMacdNrxF60i5mwrbF6WvA+E=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:09:46 2026 by rpki-client