Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/9C3DCA5AFE7911F0B10C56B7DAE4EC9C.roa
File: 9C3DCA5AFE7911F0B10C56B7DAE4EC9C.roa (raw, json)
Hash identifier: ILo9m+fqFiquyud/+FQos+rjyrHiV9PCIgKWBtInBsA=
Subject key identifier: 4B:DC:D5:DA:EA:5B:89:C3:04:38:00:0F:2D:7C:F3:0C:64:93:96:3C
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 08AB
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/9C3DCA5AFE7911F0B10C56B7DAE4EC9C.roa
Signing time: Sat 31 Jan 2026 07:51:12 +0000
ROA not before: Sat 31 Jan 2026 07:51:07 +0000
ROA not after: Mon 02 Mar 2026 07:51:07 +0000
asID: 22724
IP address blocks: 102.177.160.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2219 (0x8ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Jan 31 07:51:07 2026 GMT
Not After : Mar 2 07:51:07 2026 GMT
Subject: CN=697db470-2027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d0:1e:8f:01:4a:77:47:2d:a0:9a:15:6d:ba:
76:6c:22:a5:e6:a3:3f:a6:5b:c5:2b:86:36:62:0d:
62:d9:29:b3:41:66:8e:0c:36:01:23:35:91:c3:d6:
d0:17:92:a9:ab:c6:69:2a:23:e6:d8:db:5f:69:bf:
48:22:c4:bb:42:90:85:a6:d7:ec:0b:34:c2:d3:c6:
2a:2f:c7:e4:d8:70:68:6c:80:2d:ec:6c:6e:96:35:
27:90:e2:d7:12:ba:1c:c6:36:35:44:41:e1:c3:2e:
31:3f:89:5c:a5:55:92:53:79:8d:3d:03:6b:1e:fb:
a8:d2:11:46:9a:eb:fc:4d:37:9a:a2:48:8b:7a:3b:
00:81:d3:ac:b1:18:32:d8:74:8a:cd:b3:66:f9:13:
13:76:e8:d5:5b:3c:cf:a0:cf:12:d5:ac:1c:f1:81:
f0:12:c4:13:1c:1e:df:20:e3:b6:72:55:6d:ac:81:
8d:ce:70:9d:67:21:55:4a:e7:09:2e:da:0d:31:fb:
89:27:23:c9:e8:c3:ae:28:eb:79:04:19:ab:d6:20:
0b:86:4a:7c:4b:31:b5:c4:5d:b4:80:6c:76:47:dc:
d6:a7:01:bd:c6:00:37:88:e9:c8:8c:d5:67:80:e1:
36:be:0b:02:c2:82:4c:b5:3d:ee:cd:ee:ed:c9:30:
60:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DC:D5:DA:EA:5B:89:C3:04:38:00:0F:2D:7C:F3:0C:64:93:96:3C
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/9C3DCA5AFE7911F0B10C56B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.160.0/20
Signature Algorithm: sha256WithRSAEncryption
1c:09:b2:6d:4a:91:79:c7:3f:c6:7e:ad:0b:8a:33:72:a7:56:
73:ad:b1:2b:f9:8f:09:d6:28:cf:09:8c:ff:fb:3a:3e:e6:31:
58:8e:19:f1:ef:3a:6c:7b:e0:9f:cb:f1:62:91:ae:14:b6:bb:
67:11:5d:cd:d1:5d:f5:da:c7:51:3f:8c:c9:d8:9f:58:ae:d4:
56:af:e5:2d:a9:d4:1f:05:1c:cd:03:c7:27:2f:7d:c0:13:00:
6d:83:8e:93:5c:f4:6e:6b:86:15:90:08:c0:79:8c:8b:51:2b:
b5:b7:53:f6:4c:24:52:f1:88:ce:88:8e:03:d2:47:40:2d:8d:
78:d1:e4:5e:0a:d8:ac:59:25:7d:60:11:fe:b4:b8:30:06:c1:
f5:59:fc:3e:29:b4:95:8a:6b:32:6c:39:96:1b:a6:d1:af:30:
8b:9b:e8:52:fe:69:0c:8c:08:fc:f0:8f:11:83:a9:21:7a:29:
cb:eb:26:62:51:a3:d7:53:a1:16:c8:26:82:bf:70:90:bd:df:
2c:a4:3a:10:04:59:39:86:ba:d2:13:ae:5c:e4:54:93:d5:de:
91:f2:f6:63:e0:2c:20:d4:8d:11:94:ed:d0:f6:41:ab:31:0c:
4a:d0:6b:9b:74:78:fd:ca:67:96:50:27:52:f9:e6:37:6b:07:
c3:7b:b2:df
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCKswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNjAxMzEwNzUxMDdaFw0yNjAzMDIwNzUxMDdaMBgxFjAU
BgNVBAMTDTY5N2RiNDcwLTIwMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDG0B6PAUp3Ry2gmhVtunZsIqXmoz+mW8UrhjZiDWLZKbNBZo4MNgEjNZHD
1tAXkqmrxmkqI+bY219pv0gixLtCkIWm1+wLNMLTxiovx+TYcGhsgC3sbG6WNSeQ
4tcSuhzGNjVEQeHDLjE/iVylVZJTeY09A2se+6jSEUaa6/xNN5qiSIt6OwCB06yx
GDLYdIrNs2b5ExN26NVbPM+gzxLVrBzxgfASxBMcHt8g47ZyVW2sgY3OcJ1nIVVK
5wku2g0x+4knI8now64o63kEGavWIAuGSnxLMbXEXbSAbHZH3NanAb3GADeI6ciM
1WeA4Ta+CwLCgky1Pe7N7u3JMGCJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUS9zV
2upbicMEOAAPLXzzDGSTljwwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzlDM0RDQTVBRkU3OTExRjBCMTBDNTZCN0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARmsaAwDQYJKoZIhvcNAQEL
BQADggEBABwJsm1KkXnHP8Z+rQuKM3KnVnOtsSv5jwnWKM8JjP/7Oj7mMViOGfHv
Omx74J/L8WKRrhS2u2cRXc3RXfXax1E/jMnYn1iu1Fav5S2p1B8FHM0DxycvfcAT
AG2DjpNc9G5rhhWQCMB5jItRK7W3U/ZMJFLxiM6IjgPSR0AtjXjR5F4K2KxZJX1g
Ef60uDAGwfVZ/D4ptJWKazJsOZYbptGvMIub6FL+aQyMCPzwjxGDqSF6KcvrJmJR
o9dToRbIJoK/cJC93yykOhAEWTmGutITrlzkVJPV3pHy9mPgLCDUjRGU7dD2Qasx
DErQa5t0eP3KZ5ZQJ1L55jdrB8N7st8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:08:51 2026 by rpki-client