Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/B721857E274011F1B7B4A1AADAE4EC9C.roa
File: B721857E274011F1B7B4A1AADAE4EC9C.roa (raw, json)
Hash identifier: M0E9A+YM5acTInIiLhaKFro4wGaQNKUlchNWtwILkCU=
Subject key identifier: FD:E8:A8:12:E8:AF:6D:17:50:D9:D6:A1:43:52:AC:54:72:FB:BD:C0
Certificate issuer: /CN=F36185D8AF/serialNumber=64D4BC3EAD919AE8A467329510B5204185335C52
Certificate serial: 025C
Authority key identifier: 64:D4:BC:3E:AD:91:9A:E8:A4:67:32:95:10:B5:20:41:85:33:5C:52
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ZNS8Pq2RmuikZzKVELUgQYUzXFI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/B721857E274011F1B7B4A1AADAE4EC9C.roa
Signing time: Tue 24 Mar 2026 05:17:13 +0000
ROA not before: Tue 24 Mar 2026 05:17:08 +0000
ROA not after: Wed 01 Mar 2028 05:17:08 +0000
asID: 329462
IP address blocks: 2c0f:820::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/ZNS8Pq2RmuikZzKVELUgQYUzXFI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/ZNS8Pq2RmuikZzKVELUgQYUzXFI.mft
rsync://rpki.afrinic.net/repository/afrinic/ZNS8Pq2RmuikZzKVELUgQYUzXFI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 604 (0x25c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36185D8AF, serialNumber=64D4BC3EAD919AE8A467329510B5204185335C52
Validity
Not Before: Mar 24 05:17:08 2026 GMT
Not After : Mar 1 05:17:08 2028 GMT
Subject: CN=69c21e59-f75c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:36:b0:2d:47:5c:c9:0f:81:57:48:30:cd:0f:
62:3d:5f:f0:5a:68:12:82:75:51:11:3e:b6:2c:30:
29:b7:5c:14:1f:c9:4f:b2:87:a4:b4:47:55:63:d0:
06:a1:8f:54:5a:37:89:5f:13:28:16:25:f0:4c:c7:
09:82:db:a8:66:49:a0:b9:6b:1a:55:3d:7b:17:d8:
d0:db:f0:f2:d2:5e:ef:b7:8d:24:8a:06:a7:ab:38:
5a:bb:aa:e6:de:32:2f:2c:10:f6:67:5c:7c:52:34:
d2:fb:b1:d2:9b:53:4b:17:f7:e8:e1:d2:2a:e1:e4:
8b:c9:0d:1a:77:24:31:5e:0e:82:29:aa:90:37:7a:
a8:6e:f9:93:37:36:2d:77:e9:25:cf:f1:db:76:51:
2f:10:4a:d3:5a:46:b1:08:0f:46:19:50:e6:f9:48:
07:f2:7a:65:08:7c:69:3e:4a:a6:1d:e5:e4:5f:5c:
e7:fd:1d:be:78:5e:5d:d9:3b:ad:40:dd:18:ae:40:
0e:e7:f4:fd:f1:d0:c9:ab:dd:70:13:22:91:c6:d9:
3a:dc:dc:7e:09:a5:05:b5:01:b6:56:79:d4:4f:f1:
62:0c:50:6c:1e:17:1a:58:b2:b9:dd:d6:ba:6f:48:
27:c6:d8:1a:e3:7d:f3:8c:92:52:db:d1:c7:56:d9:
33:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E8:A8:12:E8:AF:6D:17:50:D9:D6:A1:43:52:AC:54:72:FB:BD:C0
X509v3 Authority Key Identifier:
keyid:64:D4:BC:3E:AD:91:9A:E8:A4:67:32:95:10:B5:20:41:85:33:5C:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/ZNS8Pq2RmuikZzKVELUgQYUzXFI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ZNS8Pq2RmuikZzKVELUgQYUzXFI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36185D8/1C1348B45BD711EFAF2C3D5E762E951A/B721857E274011F1B7B4A1AADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:820::/32
Signature Algorithm: sha256WithRSAEncryption
ae:2e:b6:62:cf:f3:df:5d:33:62:4d:41:cf:f5:a5:26:be:15:
eb:2a:e8:df:52:18:c5:c3:27:f8:a5:3f:6a:eb:1a:ad:5a:75:
d6:12:06:14:51:85:b9:39:af:18:1b:19:9f:c8:76:cb:44:86:
bb:9f:23:ad:3d:dc:96:a6:85:bb:07:08:06:09:0e:4e:7b:6d:
23:6d:44:aa:8a:2c:34:a5:99:87:05:de:97:ee:1b:e0:12:10:
83:1a:c1:04:20:ae:81:cd:c2:29:59:b0:14:30:86:b9:29:10:
82:a1:6d:b9:ba:e9:61:b0:8a:14:61:d2:12:48:df:68:c8:a3:
bb:22:2c:b1:b1:36:c7:0e:ed:48:1e:03:93:54:2f:41:eb:ec:
5c:5d:cc:d7:5f:03:d0:3c:32:13:85:64:7b:b8:8b:b0:da:c2:
99:a8:08:73:93:1f:d9:22:cb:b9:72:51:60:93:95:85:7e:1f:
de:7e:bd:27:0d:b9:d9:33:0c:20:70:88:3d:82:bc:dd:91:be:
44:80:e2:94:82:94:96:db:13:8d:c2:7b:a1:96:1c:16:d3:a9:
57:91:96:af:e1:07:60:e9:ec:2e:9e:3e:b5:9b:dc:5f:5e:41:
94:43:00:88:60:7b:dd:52:7f:35:26:88:e1:0b:d7:fd:93:a5:
f9:ed:8b:ed
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAlwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTg1RDhBRjExMC8GA1UEBRMoNjRENEJDM0VBRDkxOUFFOEE0NjczMjk1MTBCNTIw
NDE4NTMzNUM1MjAeFw0yNjAzMjQwNTE3MDhaFw0yODAzMDEwNTE3MDhaMBgxFjAU
BgNVBAMTDTY5YzIxZTU5LWY3NWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+NrAtR1zJD4FXSDDND2I9X/BaaBKCdVERPrYsMCm3XBQfyU+yh6S0R1Vj
0Aahj1RaN4lfEygWJfBMxwmC26hmSaC5axpVPXsX2NDb8PLSXu+3jSSKBqerOFq7
qubeMi8sEPZnXHxSNNL7sdKbU0sX9+jh0irh5IvJDRp3JDFeDoIpqpA3eqhu+ZM3
Ni136SXP8dt2US8QStNaRrEID0YZUOb5SAfyemUIfGk+SqYd5eRfXOf9Hb54Xl3Z
O61A3RiuQA7n9P3x0Mmr3XATIpHG2Trc3H4JpQW1AbZWedRP8WIMUGweFxpYsrnd
1rpvSCfG2BrjffOMklLb0cdW2TNTAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU/eio
EuivbRdQ2dahQ1KsVHL7vcAwHwYDVR0jBBgwFoAUZNS8Pq2RmuikZzKVELUgQYUz
XFIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE4NUQ4LzFDMTM0OEI0NUJENzExRUZBRjJDM0Q1RTc2MkU5NTFBL1pOUzhQ
cTJSbXVpa1p6S1ZFTFVnUVlVelhGSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1pOUzhQcTJSbXVpa1p6S1ZFTFVnUVlVelhGSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE4NUQ4LzFDMTM0OEI0NUJENzExRUZBRjJDM0Q1RTc2
MkU5NTFBL0I3MjE4NTdFMjc0MDExRjFCN0I0QTFBQURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsDwggMA0GCSqGSIb3DQEB
CwUAA4IBAQCuLrZiz/PfXTNiTUHP9aUmvhXrKujfUhjFwyf4pT9q6xqtWnXWEgYU
UYW5Oa8YGxmfyHbLRIa7nyOtPdyWpoW7BwgGCQ5Oe20jbUSqiiw0pZmHBd6X7hvg
EhCDGsEEIK6BzcIpWbAUMIa5KRCCoW25uulhsIoUYdISSN9oyKO7IiyxsTbHDu1I
HgOTVC9B6+xcXczXXwPQPDIThWR7uIuw2sKZqAhzkx/ZIsu5clFgk5WFfh/efr0n
DbnZMwwgcIg9grzdkb5EgOKUgpSW2xONwnuhlhwW06lXkZav4Qdg6ewunj61m9xf
XkGUQwCIYHvdUn81JojhC9f9k6X57Yvt
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:18:58 2026 by rpki-client