Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/CF81CC3AFE7A11F0B4B985BDDAE4EC9C.roa
File: CF81CC3AFE7A11F0B4B985BDDAE4EC9C.roa (raw, json)
Hash identifier: 8w3/imc11Q2ZdBQ5TY2aN2iI3SuzfxXhHbBPc/sBT6s=
Subject key identifier: B4:E8:91:9A:AF:43:66:33:C1:AF:A7:7E:68:38:DB:A0:A6:E1:3A:58
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 08B5
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/CF81CC3AFE7A11F0B4B985BDDAE4EC9C.roa
Signing time: Sat 31 Jan 2026 07:59:47 +0000
ROA not before: Sat 31 Jan 2026 07:59:42 +0000
ROA not after: Mon 02 Mar 2026 07:59:42 +0000
asID: 22724
IP address blocks: 102.177.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2229 (0x8b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Jan 31 07:59:42 2026 GMT
Not After : Mar 2 07:59:42 2026 GMT
Subject: CN=697db673-db07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:2b:55:1e:62:dd:f6:4e:cc:90:f2:0d:d3:62:
94:28:f6:3e:9b:cf:61:fa:27:c7:db:af:a4:a1:a8:
0c:5a:d9:ad:d4:7f:01:c2:80:20:fd:aa:72:8b:23:
60:5e:53:34:e1:28:71:0b:75:7e:7c:d0:14:81:1d:
1f:ab:45:c6:ad:f1:10:e7:3f:91:da:2b:5d:5a:91:
3b:bd:45:21:20:3c:55:f6:94:52:b1:b3:a3:b3:89:
74:5e:02:9d:60:bc:3a:4a:c0:de:f1:e9:70:88:92:
de:8c:fa:02:0c:1c:24:23:0d:4d:30:64:9d:8f:0a:
26:1f:e9:6a:e9:54:78:b1:13:62:8c:3b:65:94:43:
b6:5a:04:28:4a:65:39:ba:f9:78:d2:d9:15:3a:de:
14:16:73:1f:a4:0f:60:ba:9c:12:05:91:6e:51:c9:
5c:46:6a:98:25:d7:2b:4c:14:d3:97:b9:85:d2:90:
01:d0:07:20:b3:cd:76:54:05:a0:32:d1:8f:75:45:
5a:a1:fd:b0:ac:0e:af:bd:23:32:b1:3c:5f:59:b0:
11:4a:95:d9:85:bc:b3:3c:fe:e8:9e:db:71:6e:7c:
a8:b2:46:5a:0c:6e:b2:e3:2d:3c:4b:3b:ca:0f:b5:
2a:b2:d9:94:0e:3b:19:fc:13:14:0b:2b:39:c9:9d:
3d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E8:91:9A:AF:43:66:33:C1:AF:A7:7E:68:38:DB:A0:A6:E1:3A:58
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/CF81CC3AFE7A11F0B4B985BDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.168.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:53:a5:82:e7:b4:2c:5e:41:0c:30:b3:63:14:4d:62:11:41:
0b:5b:ab:61:5e:a7:3f:18:22:ef:e6:db:d3:dd:bd:0d:c4:45:
d0:d8:e0:c0:e2:57:d2:ca:5c:1c:af:d7:bb:11:d6:dd:b0:d5:
eb:53:e0:d2:55:86:93:a3:45:68:9a:06:51:f4:64:32:5e:4b:
11:fd:57:9d:ad:67:66:e4:78:8a:dc:bf:fe:04:55:20:d8:6e:
79:66:6b:6a:ee:1f:e5:b7:c1:c9:99:d5:05:dd:1d:19:17:be:
5a:91:48:aa:a3:33:43:00:86:a2:3b:16:56:38:97:eb:65:0f:
2a:f4:4e:cc:83:41:f1:fc:b4:01:53:73:85:8b:80:03:cc:cf:
72:a1:e0:19:9b:16:e9:f4:50:5e:82:4b:5d:c6:60:39:b1:36:
13:20:b8:e8:8b:93:cf:fe:03:fd:0f:40:00:df:9f:94:58:5d:
34:99:62:2c:e7:20:e6:35:66:3c:aa:37:f2:83:f0:d1:1b:a6:
66:e3:e9:15:ee:82:a4:77:ad:f4:a5:50:20:0d:33:09:74:6d:
16:ed:02:e9:3d:a9:9f:24:8f:f0:21:e0:8b:13:a1:db:84:f0:
a7:24:54:73:28:e2:ec:62:25:c0:ad:3b:ef:6f:26:de:4c:03:
56:55:29:30
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCLUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNjAxMzEwNzU5NDJaFw0yNjAzMDIwNzU5NDJaMBgxFjAU
BgNVBAMTDTY5N2RiNjczLWRiMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDkK1UeYt32TsyQ8g3TYpQo9j6bz2H6J8fbr6ShqAxa2a3UfwHCgCD9qnKL
I2BeUzThKHELdX580BSBHR+rRcat8RDnP5HaK11akTu9RSEgPFX2lFKxs6OziXRe
Ap1gvDpKwN7x6XCIkt6M+gIMHCQjDU0wZJ2PCiYf6WrpVHixE2KMO2WUQ7ZaBChK
ZTm6+XjS2RU63hQWcx+kD2C6nBIFkW5RyVxGapgl1ytMFNOXuYXSkAHQByCzzXZU
BaAy0Y91RVqh/bCsDq+9IzKxPF9ZsBFKldmFvLM8/uie23FufKiyRloMbrLjLTxL
O8oPtSqy2ZQOOxn8ExQLKznJnT2PAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUtOiR
mq9DZjPBr6d+aDjboKbhOlgwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4L0NGODFDQzNBRkU3QTExRjBCNEI5ODVCRERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsagwDQYJKoZIhvcNAQEL
BQADggEBAF1TpYLntCxeQQwws2MUTWIRQQtbq2Fepz8YIu/m29PdvQ3ERdDY4MDi
V9LKXByv17sR1t2w1etT4NJVhpOjRWiaBlH0ZDJeSxH9V52tZ2bkeIrcv/4EVSDY
bnlma2ruH+W3wcmZ1QXdHRkXvlqRSKqjM0MAhqI7FlY4l+tlDyr0TsyDQfH8tAFT
c4WLgAPMz3Kh4BmbFun0UF6CS13GYDmxNhMguOiLk8/+A/0PQADfn5RYXTSZYizn
IOY1ZjyqN/KD8NEbpmbj6RXugqR3rfSlUCANMwl0bRbtAuk9qZ8kj/Ah4IsToduE
8KckVHMo4uxiJcCtO+9vJt5MA1ZVKTA=
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:52:58 2026 by rpki-client