Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361CA27/65AC04E001C911F1AF2D178EDAE4EC9C/2B610E664D3C11F18C134902CF1D38B0.roa
File: 2B610E664D3C11F18C134902CF1D38B0.roa (raw, json)
Hash identifier: x3pSDcWYc8zAV86L7GhVIjHtAFKuBpwByXKUI7sjVlQ=
Subject key identifier: 29:D5:3A:2F:4E:94:94:0B:C3:B8:6B:AE:34:71:8B:EB:2B:2B:F2:D7
Certificate issuer: /CN=F361CA27AF/serialNumber=90BE0185B927C882A5E9F7AA365E935CBF4559F8
Certificate serial: 65
Authority key identifier: 90:BE:01:85:B9:27:C8:82:A5:E9:F7:AA:36:5E:93:5C:BF:45:59:F8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/kL4BhbknyIKl6feqNl6TXL9FWfg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361CA27/65AC04E001C911F1AF2D178EDAE4EC9C/2B610E664D3C11F18C134902CF1D38B0.roa
Signing time: Mon 11 May 2026 13:20:25 +0000
ROA not before: Mon 11 May 2026 13:20:20 +0000
ROA not after: Tue 11 May 2027 13:20:20 +0000
asID: 329615
IP address blocks: 2c0f:33c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361CA27/65AC04E001C911F1AF2D178EDAE4EC9C/kL4BhbknyIKl6feqNl6TXL9FWfg.crl
rsync://rpki.afrinic.net/repository/member_repository/F361CA27/65AC04E001C911F1AF2D178EDAE4EC9C/kL4BhbknyIKl6feqNl6TXL9FWfg.mft
rsync://rpki.afrinic.net/repository/afrinic/kL4BhbknyIKl6feqNl6TXL9FWfg.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 05:28:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101 (0x65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361CA27AF, serialNumber=90BE0185B927C882A5E9F7AA365E935CBF4559F8
Validity
Not Before: May 11 13:20:20 2026 GMT
Not After : May 11 13:20:20 2027 GMT
Subject: CN=6a01d799-3471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ab:77:ad:d1:b4:dd:7b:9e:08:9d:72:4f:9b:
bb:ae:d7:2d:1d:1d:21:bc:22:52:4e:1c:d2:1c:b5:
c5:10:6d:45:22:94:8a:cc:7a:39:f9:a3:cb:47:af:
bd:0e:60:0a:21:d4:e8:f5:05:12:27:b4:94:73:92:
32:14:e8:62:a6:4a:35:4d:8e:52:e4:db:82:c7:e5:
83:51:60:40:0e:56:cd:4a:21:9d:39:e1:36:de:41:
0f:10:48:53:22:e4:0e:f2:5a:10:6a:00:79:e1:06:
04:db:d7:0e:ea:1c:66:66:c8:0a:55:9e:7b:ac:4b:
73:ac:2f:27:37:19:12:41:54:2a:29:92:e5:96:62:
ec:e6:ce:ee:b6:e5:d7:48:a9:75:c4:90:b5:4c:38:
30:dd:22:54:1c:58:13:73:0d:3d:ff:21:a5:36:8b:
d4:45:dc:39:80:38:da:8c:30:c1:b2:8e:e0:53:7b:
fb:6f:b7:c7:b3:57:ea:08:81:8c:7b:66:68:8e:d0:
8e:57:af:03:b6:80:e2:83:3d:65:cf:95:02:df:c1:
16:a9:2f:a4:92:a4:fd:20:73:d8:b0:a5:a5:d6:70:
00:64:3f:73:87:91:2f:eb:f4:63:1d:e4:f1:3f:37:
40:e1:ba:1c:99:70:9b:f0:4c:97:c9:f0:54:67:8d:
af:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D5:3A:2F:4E:94:94:0B:C3:B8:6B:AE:34:71:8B:EB:2B:2B:F2:D7
X509v3 Authority Key Identifier:
keyid:90:BE:01:85:B9:27:C8:82:A5:E9:F7:AA:36:5E:93:5C:BF:45:59:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361CA27/65AC04E001C911F1AF2D178EDAE4EC9C/kL4BhbknyIKl6feqNl6TXL9FWfg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kL4BhbknyIKl6feqNl6TXL9FWfg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361CA27/65AC04E001C911F1AF2D178EDAE4EC9C/2B610E664D3C11F18C134902CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:33c0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:a8:f8:d4:42:67:a0:f3:d6:46:e4:73:50:db:c8:76:52:18:
7b:61:62:4b:ad:cb:85:52:1d:bf:bc:34:b0:e5:4a:90:1e:a5:
39:ad:6c:d4:ba:20:40:e8:b2:f7:97:43:09:bf:a9:d3:43:08:
8c:45:f0:48:8d:14:60:20:ab:f3:fa:ad:1c:88:6b:42:44:1a:
f5:f1:5d:8f:10:f4:25:2e:e6:cc:ca:3a:8e:a0:c6:16:e4:37:
d9:3e:68:6e:e1:2a:b0:f0:d1:86:14:eb:77:70:bf:f2:8c:f9:
d5:a6:7e:d3:b5:fb:6b:a2:f1:ac:84:92:04:0d:b7:14:13:95:
f3:66:2b:21:3c:c5:d8:09:74:84:0e:d7:2b:22:05:79:2d:72:
dc:82:87:d6:89:1e:6e:d7:f8:0f:e7:39:fd:9b:5b:ca:9a:56:
3f:0c:54:b4:b8:6e:34:5a:7d:2f:47:79:ea:30:2d:12:7b:f4:
aa:04:ec:7b:04:0c:6d:97:74:bb:46:b2:bb:c5:79:ef:19:ce:
54:4c:28:61:72:7b:77:ea:f1:56:40:76:6b:62:9e:7e:54:d8:
b0:fe:6c:b7:f5:c2:36:d1:fe:7b:3d:24:95:3f:f4:b5:df:72:
93:02:61:99:f0:cc:c1:17:b2:8e:7e:fb:36:78:60:a1:e3:15:
3d:21:cf:f9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBZTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
Q0EyN0FGMTEwLwYDVQQFEyg5MEJFMDE4NUI5MjdDODgyQTVFOUY3QUEzNjVFOTM1
Q0JGNDU1OUY4MB4XDTI2MDUxMTEzMjAyMFoXDTI3MDUxMTEzMjAyMFowGDEWMBQG
A1UEAxMNNmEwMWQ3OTktMzQ3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyrd63RtN17ngidck+bu67XLR0dIbwiUk4c0hy1xRBtRSKUisx6Ofmjy0ev
vQ5gCiHU6PUFEie0lHOSMhToYqZKNU2OUuTbgsflg1FgQA5WzUohnTnhNt5BDxBI
UyLkDvJaEGoAeeEGBNvXDuocZmbIClWee6xLc6wvJzcZEkFUKimS5ZZi7ObO7rbl
10ipdcSQtUw4MN0iVBxYE3MNPf8hpTaL1EXcOYA42owwwbKO4FN7+2+3x7NX6giB
jHtmaI7QjlevA7aA4oM9Zc+VAt/BFqkvpJKk/SBz2LClpdZwAGQ/c4eRL+v0Yx3k
8T83QOG6HJlwm/BMl8nwVGeNr/cCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQp1Tov
TpSUC8O4a640cYvrKyvy1zAfBgNVHSMEGDAWgBSQvgGFuSfIgqXp96o2XpNcv0VZ
+DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUNBMjcvNjVBQzA0RTAwMUM5MTFGMUFGMkQxNzhFREFFNEVDOUMva0w0Qmhi
a255SUtsNmZlcU5sNlRYTDlGV2ZnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMva0w0Qmhia255SUtsNmZlcU5sNlRYTDlGV2ZnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUNBMjcvNjVBQzA0RTAwMUM5MTFGMUFGMkQxNzhFREFF
NEVDOUMvMkI2MTBFNjY0RDNDMTFGMThDMTM0OTAyQ0YxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPM8AwDQYJKoZIhvcNAQEL
BQADggEBAJuo+NRCZ6Dz1kbkc1DbyHZSGHthYkuty4VSHb+8NLDlSpAepTmtbNS6
IEDosveXQwm/qdNDCIxF8EiNFGAgq/P6rRyIa0JEGvXxXY8Q9CUu5szKOo6gxhbk
N9k+aG7hKrDw0YYU63dwv/KM+dWmftO1+2ui8ayEkgQNtxQTlfNmKyE8xdgJdIQO
1ysiBXktctyCh9aJHm7X+A/nOf2bW8qaVj8MVLS4bjRafS9HeeowLRJ79KoE7HsE
DG2XdLtGsrvFee8ZzlRMKGFye3fq8VZAdmtinn5U2LD+bLf1wjbR/ns9JJU/9LXf
cpMCYZnwzMEXso5++zZ4YKHjFT0hz/k=
-----END CERTIFICATE-----
Generated at Wed May 13 13:31:30 2026 by rpki-client