Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361C3A1/2D96772EE0D011E88AE6071CF8AEA228/F3EC743C187C11F1A4A99A8EDAE4EC9C.roa
File: F3EC743C187C11F1A4A99A8EDAE4EC9C.roa (raw, json)
Hash identifier: 4VygvVhLx7+KOSC9EeJup6TPuBSZ6sqghpeBeI1rIHk=
Subject key identifier: 3C:B6:DC:E7:83:58:6E:7B:1B:FA:02:9C:0B:AC:92:FA:6B:6C:91:12
Certificate issuer: /CN=F361C3A1AF/serialNumber=90E9887791CF2D960501F8AEDE24A2334ABA5403
Certificate serial: 0ACF
Authority key identifier: 90:E9:88:77:91:CF:2D:96:05:01:F8:AE:DE:24:A2:33:4A:BA:54:03
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/kOmId5HPLZYFAfiu3iSiM0q6VAM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/2D96772EE0D011E88AE6071CF8AEA228/F3EC743C187C11F1A4A99A8EDAE4EC9C.roa
Signing time: Thu 05 Mar 2026 10:20:37 +0000
ROA not before: Thu 05 Mar 2026 10:20:33 +0000
ROA not after: Wed 05 Mar 2036 10:20:33 +0000
asID: 36915
IP address blocks: 2001:4370::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/2D96772EE0D011E88AE6071CF8AEA228/kOmId5HPLZYFAfiu3iSiM0q6VAM.crl
rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/2D96772EE0D011E88AE6071CF8AEA228/kOmId5HPLZYFAfiu3iSiM0q6VAM.mft
rsync://rpki.afrinic.net/repository/afrinic/kOmId5HPLZYFAfiu3iSiM0q6VAM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 29 Mar 2026 00:06:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2767 (0xacf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361C3A1AF, serialNumber=90E9887791CF2D960501F8AEDE24A2334ABA5403
Validity
Not Before: Mar 5 10:20:33 2026 GMT
Not After : Mar 5 10:20:33 2036 GMT
Subject: CN=69a958f5-887a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:94:6b:12:8b:94:3a:50:d3:21:e9:44:0e:cd:
81:5b:f4:77:07:fe:07:11:b1:d1:27:dd:f5:d0:ca:
ee:19:17:37:6d:e7:42:fd:f2:c0:e0:22:b9:3f:32:
8c:a6:7d:c6:99:63:fe:af:76:86:0c:76:22:2d:62:
90:4e:d5:2c:ff:ee:f4:38:17:1c:ad:2b:a8:94:84:
8f:0b:7b:17:6e:29:34:12:9c:86:37:54:8c:b9:3f:
d9:44:62:21:5a:9f:c4:77:7d:6f:13:b1:67:4a:1c:
ab:82:42:b6:5b:ba:cf:6a:44:74:bc:43:aa:d3:1d:
1d:a6:bf:65:13:02:24:2b:de:b2:1e:a4:39:98:1c:
09:93:08:e4:c7:54:4e:0d:d1:08:9e:3f:09:55:41:
40:5a:05:e4:4b:50:ae:6c:ba:44:c4:8e:a1:ff:41:
12:c8:ef:5f:ee:38:5c:5b:76:e8:79:bb:ab:e3:f2:
cf:bd:cb:6b:74:06:9c:c6:25:6f:8f:82:ec:6a:92:
de:e0:3b:40:e4:0f:1d:08:42:58:c9:5a:72:f1:9b:
7e:0f:d7:33:cd:97:27:d2:83:20:1b:c4:52:34:8a:
a1:5c:51:63:6a:a8:55:d8:b2:78:37:f0:a4:93:19:
cf:0f:19:0e:77:35:ca:28:5e:9f:db:21:2e:83:d8:
fb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B6:DC:E7:83:58:6E:7B:1B:FA:02:9C:0B:AC:92:FA:6B:6C:91:12
X509v3 Authority Key Identifier:
keyid:90:E9:88:77:91:CF:2D:96:05:01:F8:AE:DE:24:A2:33:4A:BA:54:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/2D96772EE0D011E88AE6071CF8AEA228/kOmId5HPLZYFAfiu3iSiM0q6VAM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kOmId5HPLZYFAfiu3iSiM0q6VAM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361C3A1/2D96772EE0D011E88AE6071CF8AEA228/F3EC743C187C11F1A4A99A8EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:4370::/32
Signature Algorithm: sha256WithRSAEncryption
6c:c0:e0:8a:17:d1:39:2b:fe:7c:42:29:6d:7a:b4:53:72:17:
ee:c1:eb:dd:59:78:7e:60:35:49:ed:79:50:bb:db:49:c5:84:
02:03:ea:7f:f6:7d:18:f9:f2:ad:9e:a5:3a:74:0f:18:6b:7e:
1c:4d:54:ad:04:8b:39:4a:b5:c5:56:b0:30:83:77:c0:27:d5:
1a:66:a7:12:91:1a:23:bf:fa:ca:21:19:94:a3:90:f9:70:88:
39:f4:e7:1c:33:46:81:de:4b:ff:01:ca:75:36:eb:ad:c5:57:
bb:40:ef:a5:a2:e4:e4:7f:5d:2b:d5:56:9f:6f:a0:7d:d9:70:
aa:c7:ac:6c:14:20:26:ab:9f:c5:c0:89:c2:4b:19:2d:51:79:
25:a1:32:eb:b7:92:ed:6b:dd:88:2a:16:b4:8a:c1:a4:55:0e:
d8:0e:e1:dc:ab:95:04:bb:e6:77:5a:49:11:5e:5f:a3:4f:5e:
9e:de:6d:e5:a9:49:d0:f5:d9:2a:6e:e4:e4:d5:55:51:68:94:
7f:f6:00:9e:54:f1:16:5d:71:12:56:d5:8c:bb:f9:d5:9f:db:
30:32:be:5f:f6:1b:27:5b:6c:ef:1c:84:26:93:0b:42:58:5d:
e7:0a:72:f0:5b:37:64:5a:8e:fd:4b:f8:3b:6d:3e:a3:b7:37:
1d:ff:69:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCs8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MUMzQTFBRjExMC8GA1UEBRMoOTBFOTg4Nzc5MUNGMkQ5NjA1MDFGOEFFREUyNEEy
MzM0QUJBNTQwMzAeFw0yNjAzMDUxMDIwMzNaFw0zNjAzMDUxMDIwMzNaMBgxFjAU
BgNVBAMTDTY5YTk1OGY1LTg4N2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3lGsSi5Q6UNMh6UQOzYFb9HcH/gcRsdEn3fXQyu4ZFzdt50L98sDgIrk/
MoymfcaZY/6vdoYMdiItYpBO1Sz/7vQ4FxytK6iUhI8LexduKTQSnIY3VIy5P9lE
YiFan8R3fW8TsWdKHKuCQrZbus9qRHS8Q6rTHR2mv2UTAiQr3rIepDmYHAmTCOTH
VE4N0QiePwlVQUBaBeRLUK5sukTEjqH/QRLI71/uOFxbduh5u6vj8s+9y2t0BpzG
JW+Pguxqkt7gO0DkDx0IQljJWnLxm34P1zPNlyfSgyAbxFI0iqFcUWNqqFXYsng3
8KSTGc8PGQ53NcooXp/bIS6D2Pt1AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUPLbc
54NYbnsb+gKcC6yS+mtskRIwHwYDVR0jBBgwFoAUkOmId5HPLZYFAfiu3iSiM0q6
VAMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjFDM0ExLzJEOTY3NzJFRTBEMDExRTg4QUU2MDcxQ0Y4QUVBMjI4L2tPbUlk
NUhQTFpZRkFmaXUzaVNpTTBxNlZBTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2tPbUlkNUhQTFpZRkFmaXUzaVNpTTBxNlZBTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjFDM0ExLzJEOTY3NzJFRTBEMDExRTg4QUU2MDcxQ0Y4
QUVBMjI4L0YzRUM3NDNDMTg3QzExRjFBNEE5OUE4RURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAgAUNwMA0GCSqGSIb3DQEB
CwUAA4IBAQBswOCKF9E5K/58QilterRTchfuwevdWXh+YDVJ7XlQu9tJxYQCA+p/
9n0Y+fKtnqU6dA8Ya34cTVStBIs5SrXFVrAwg3fAJ9UaZqcSkRojv/rKIRmUo5D5
cIg59OccM0aB3kv/Acp1NuutxVe7QO+louTkf10r1Vafb6B92XCqx6xsFCAmq5/F
wInCSxktUXkloTLrt5Lta92IKha0isGkVQ7YDuHcq5UEu+Z3WkkRXl+jT16e3m3l
qUnQ9dkqbuTk1VVRaJR/9gCeVPEWXXESVtWMu/nVn9swMr5f9hsnW2zvHIQmkwtC
WF3nCnLwWzdkWo79S/g7bT6jtzcd/2lB
-----END CERTIFICATE-----
Generated at Fri Mar 27 05:06:30 2026 by rpki-client