Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361E497/708176AAF93211EC88DB648CF1222468/965BF5A6194211F18E533FCEDAE4EC9C.roa
File: 965BF5A6194211F18E533FCEDAE4EC9C.roa (raw, json)
Hash identifier: W9iQ9DD/t+SP2leOlzqvnE8SvkIPORkC0rbjeQakpwg=
Subject key identifier: 6A:58:4B:94:6A:70:E3:D3:78:C0:10:4D:A7:6E:A7:33:1C:2D:A6:D0
Certificate issuer: /CN=F361E497AF/serialNumber=24F4E354DDDEC8913823B0F92407A534ABF3F982
Certificate serial: 0570
Authority key identifier: 24:F4:E3:54:DD:DE:C8:91:38:23:B0:F9:24:07:A5:34:AB:F3:F9:82
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JPTjVN3eyJE4I7D5JAelNKvz-YI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361E497/708176AAF93211EC88DB648CF1222468/965BF5A6194211F18E533FCEDAE4EC9C.roa
Signing time: Fri 06 Mar 2026 09:55:21 +0000
ROA not before: Fri 06 Mar 2026 09:55:16 +0000
ROA not after: Thu 06 Mar 2036 09:55:16 +0000
asID: 329084
IP address blocks: 102.215.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361E497/708176AAF93211EC88DB648CF1222468/JPTjVN3eyJE4I7D5JAelNKvz-YI.crl
rsync://rpki.afrinic.net/repository/member_repository/F361E497/708176AAF93211EC88DB648CF1222468/JPTjVN3eyJE4I7D5JAelNKvz-YI.mft
rsync://rpki.afrinic.net/repository/afrinic/JPTjVN3eyJE4I7D5JAelNKvz-YI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1392 (0x570)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361E497AF, serialNumber=24F4E354DDDEC8913823B0F92407A534ABF3F982
Validity
Not Before: Mar 6 09:55:16 2026 GMT
Not After : Mar 6 09:55:16 2036 GMT
Subject: CN=69aaa489-63bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7f:7c:2c:bd:09:e0:2c:b6:f6:ba:73:fa:09:
a6:85:55:3b:7e:05:c9:0c:e6:27:ca:c1:67:b0:22:
56:18:9e:1a:f2:6e:81:3f:a4:d3:0c:37:5b:f3:6d:
f0:e1:7e:c5:dd:54:d3:02:d0:05:8a:be:b2:3e:94:
11:84:ad:62:29:ce:45:11:87:99:00:73:18:9a:f1:
f3:c1:fb:7a:ac:d4:5d:9c:d0:7a:31:41:24:57:20:
d6:2b:8a:44:18:54:dc:3d:4b:fa:cb:20:e7:bf:58:
47:32:ea:af:5a:a7:af:80:27:7b:70:0f:8f:73:05:
fd:42:b2:dd:de:cd:99:05:99:48:84:7b:f5:d4:8f:
b0:f0:34:f3:32:a1:ef:fa:6f:62:74:15:7d:41:ec:
9d:1f:5f:20:6c:1e:71:01:1a:89:98:dc:8d:60:9d:
87:dd:b2:0f:fd:eb:d0:19:54:8a:b9:d1:43:03:32:
9d:cb:75:f4:35:58:80:0b:c2:e6:ac:cd:a4:28:04:
09:e9:a3:3a:d3:13:af:79:30:3d:2c:36:7e:31:72:
3d:93:17:5c:e4:66:b6:20:29:21:65:95:7c:17:bf:
2b:ce:4c:91:29:01:85:ff:51:98:02:79:c2:53:96:
4b:29:d7:ef:b3:e9:49:39:39:e2:b6:74:78:43:76:
88:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:58:4B:94:6A:70:E3:D3:78:C0:10:4D:A7:6E:A7:33:1C:2D:A6:D0
X509v3 Authority Key Identifier:
keyid:24:F4:E3:54:DD:DE:C8:91:38:23:B0:F9:24:07:A5:34:AB:F3:F9:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361E497/708176AAF93211EC88DB648CF1222468/JPTjVN3eyJE4I7D5JAelNKvz-YI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JPTjVN3eyJE4I7D5JAelNKvz-YI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361E497/708176AAF93211EC88DB648CF1222468/965BF5A6194211F18E533FCEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.215.152.0/24
Signature Algorithm: sha256WithRSAEncryption
22:66:65:88:85:45:92:ce:35:f7:36:ab:c8:b7:a6:0a:09:4c:
5c:bf:fc:d2:db:73:cd:70:e7:e5:64:1c:65:60:a3:22:f4:60:
0f:6b:87:f2:87:a1:58:28:67:d9:11:98:82:e9:a6:4d:f9:3a:
d5:d8:cc:ca:46:b9:8d:91:0e:b5:4e:02:f1:ab:de:04:ab:0c:
da:9b:6f:38:3d:7f:27:83:7e:dd:cd:57:b0:97:49:70:01:79:
85:86:ad:80:2c:f9:52:30:06:60:32:c9:fa:76:fe:a3:89:e2:
54:18:d0:70:cc:58:5a:4c:52:e3:36:9f:df:09:95:28:52:d2:
b0:d2:f9:50:57:99:d3:45:da:ee:c1:dd:69:70:12:a2:31:dc:
f6:2c:9b:50:95:32:a8:9c:5f:fe:9d:19:af:e5:49:f6:f9:a2:
7f:3e:47:86:a7:5b:38:6f:d0:c7:cf:8b:37:2f:ed:3e:80:1e:
8f:8b:e3:eb:fe:9e:a7:b6:0f:8d:6d:96:28:92:53:b2:94:64:
20:59:ba:9e:ad:74:a8:89:d7:08:78:8f:df:fd:c9:28:fb:38:
5c:42:52:fa:51:b2:15:96:2a:92:71:fc:a6:7a:0a:74:bc:f4:
93:79:62:a0:d6:b5:32:00:ba:ec:97:30:6d:5a:7b:4c:f8:aa:
e4:b9:75:9e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBXAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MUU0OTdBRjExMC8GA1UEBRMoMjRGNEUzNTRERERFQzg5MTM4MjNCMEY5MjQwN0E1
MzRBQkYzRjk4MjAeFw0yNjAzMDYwOTU1MTZaFw0zNjAzMDYwOTU1MTZaMBgxFjAU
BgNVBAMTDTY5YWFhNDg5LTYzYmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5f3wsvQngLLb2unP6CaaFVTt+BckM5ifKwWewIlYYnhryboE/pNMMN1vz
bfDhfsXdVNMC0AWKvrI+lBGErWIpzkURh5kAcxia8fPB+3qs1F2c0HoxQSRXINYr
ikQYVNw9S/rLIOe/WEcy6q9ap6+AJ3twD49zBf1Cst3ezZkFmUiEe/XUj7DwNPMy
oe/6b2J0FX1B7J0fXyBsHnEBGomY3I1gnYfdsg/969AZVIq50UMDMp3LdfQ1WIAL
wuaszaQoBAnpozrTE695MD0sNn4xcj2TF1zkZrYgKSFllXwXvyvOTJEpAYX/UZgC
ecJTlksp1++z6Uk5OeK2dHhDdohlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUalhL
lGpw49N4wBBNp26nMxwtptAwHwYDVR0jBBgwFoAUJPTjVN3eyJE4I7D5JAelNKvz
+YIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjFFNDk3LzcwODE3NkFBRjkzMjExRUM4OERCNjQ4Q0YxMjIyNDY4L0pQVGpW
TjNleUpFNEk3RDVKQWVsTkt2ei1ZSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pQVGpWTjNleUpFNEk3RDVKQWVsTkt2ei1ZSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjFFNDk3LzcwODE3NkFBRjkzMjExRUM4OERCNjQ4Q0Yx
MjIyNDY4Lzk2NUJGNUE2MTk0MjExRjE4RTUzM0ZDRURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm15gwDQYJKoZIhvcNAQEL
BQADggEBACJmZYiFRZLONfc2q8i3pgoJTFy//NLbc81w5+VkHGVgoyL0YA9rh/KH
oVgoZ9kRmILppk35OtXYzMpGuY2RDrVOAvGr3gSrDNqbbzg9fyeDft3NV7CXSXAB
eYWGrYAs+VIwBmAyyfp2/qOJ4lQY0HDMWFpMUuM2n98JlShS0rDS+VBXmdNF2u7B
3WlwEqIx3PYsm1CVMqicX/6dGa/lSfb5on8+R4anWzhv0MfPizcv7T6AHo+L4+v+
nqe2D41tliiSU7KUZCBZup6tdKiJ1wh4j9/9ySj7OFxCUvpRshWWKpJx/KZ6CnS8
9JN5YqDWtTIAuuyXMG1ae0z4quS5dZ4=
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:07:45 2026 by rpki-client