Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3625A15/92C3CE082ECD11E980230320F8AEA228/8DA0F20E22C011F1A24EFFECDAE4EC9C.roa
File: 8DA0F20E22C011F1A24EFFECDAE4EC9C.roa (raw, json)
Hash identifier: pJKKgO8f4WVnAhfiOK2fL78gUsep3QpfIXLd2mvgIoo=
Subject key identifier: DF:5F:52:34:B3:1A:96:34:13:B4:A9:D3:1B:96:30:16:95:08:2C:A1
Certificate issuer: /CN=F3625A15AF/serialNumber=08D2C54E7B51CBC73434DD00605145122F1ACB67
Certificate serial: 0A66
Authority key identifier: 08:D2:C5:4E:7B:51:CB:C7:34:34:DD:00:60:51:45:12:2F:1A:CB:67
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CNLFTntRy8c0NN0AYFFFEi8ay2c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3625A15/92C3CE082ECD11E980230320F8AEA228/8DA0F20E22C011F1A24EFFECDAE4EC9C.roa
Signing time: Wed 18 Mar 2026 11:49:44 +0000
ROA not before: Wed 18 Mar 2026 11:49:32 +0000
ROA not after: Tue 18 Mar 2036 11:49:32 +0000
asID: 328434
IP address blocks: 102.68.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3625A15/92C3CE082ECD11E980230320F8AEA228/CNLFTntRy8c0NN0AYFFFEi8ay2c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3625A15/92C3CE082ECD11E980230320F8AEA228/CNLFTntRy8c0NN0AYFFFEi8ay2c.mft
rsync://rpki.afrinic.net/repository/afrinic/CNLFTntRy8c0NN0AYFFFEi8ay2c.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2662 (0xa66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3625A15AF, serialNumber=08D2C54E7B51CBC73434DD00605145122F1ACB67
Validity
Not Before: Mar 18 11:49:32 2026 GMT
Not After : Mar 18 11:49:32 2036 GMT
Subject: CN=69ba9158-7a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ad:55:4b:21:4b:6a:cf:3b:f5:50:ff:66:1d:
e5:fe:ba:ae:ba:e7:98:1c:6e:4e:0b:74:53:b9:70:
59:ac:91:ff:7c:56:43:4d:d3:a1:52:7f:30:9b:5e:
02:54:ac:58:3f:5e:cb:8b:98:01:6b:43:04:70:6b:
74:e5:38:ae:6a:c8:48:80:95:bb:40:ae:e0:c3:af:
d3:65:62:ee:23:c2:fb:33:ca:c7:25:a5:e1:a4:6c:
be:13:77:01:9b:83:49:cc:0f:77:a0:05:c3:a5:b4:
e9:33:7e:5b:2b:2d:d3:38:39:5f:28:55:92:09:51:
e5:ad:a0:69:6f:17:da:83:0d:22:f3:92:92:23:44:
0a:91:02:27:05:ed:8a:14:95:25:7a:16:3f:57:3b:
ce:bb:f1:e2:0c:20:39:b5:48:47:3a:d1:02:1d:f1:
09:cf:88:89:d4:af:c5:36:17:02:95:5c:c6:56:d6:
06:96:66:0b:06:46:ef:43:98:6f:e5:d4:79:5c:04:
58:59:47:3a:d1:79:b9:e3:fc:1a:62:6e:7a:b5:fb:
be:60:f0:8e:e7:bd:b9:cd:92:ed:71:92:ce:28:a6:
2f:6b:3f:b3:db:07:dd:f9:26:3b:5e:65:bf:7c:f8:
12:c8:f1:de:60:18:f6:14:07:c9:c3:da:91:63:a2:
66:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5F:52:34:B3:1A:96:34:13:B4:A9:D3:1B:96:30:16:95:08:2C:A1
X509v3 Authority Key Identifier:
keyid:08:D2:C5:4E:7B:51:CB:C7:34:34:DD:00:60:51:45:12:2F:1A:CB:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3625A15/92C3CE082ECD11E980230320F8AEA228/CNLFTntRy8c0NN0AYFFFEi8ay2c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CNLFTntRy8c0NN0AYFFFEi8ay2c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3625A15/92C3CE082ECD11E980230320F8AEA228/8DA0F20E22C011F1A24EFFECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.40.0/21
Signature Algorithm: sha256WithRSAEncryption
79:5a:35:b5:03:28:f1:e4:5a:ad:08:69:ef:b9:cf:35:30:8e:
d5:64:87:88:1c:32:69:30:f1:4d:a1:8d:64:e9:62:fc:be:1b:
6c:19:20:03:7d:7c:e2:d2:8c:06:0a:65:07:f4:13:b8:ca:0f:
13:6e:1b:ba:77:71:6c:0a:38:58:08:eb:7b:09:5a:0c:03:d2:
5c:6a:e7:b5:a0:fd:c4:16:37:4a:26:39:98:86:65:66:f4:b7:
90:c5:55:b9:32:6f:3a:73:c1:91:c5:ac:09:62:19:17:4a:79:
71:e6:ed:70:b9:58:72:be:47:b1:ad:a0:1d:28:71:5c:51:18:
48:4c:71:31:0a:bd:45:90:11:b6:84:81:45:15:fd:0c:c6:89:
62:2d:ca:0e:dd:26:23:c1:d3:a5:eb:d1:3d:e3:5a:74:a3:df:
e1:61:98:86:3f:1e:b4:ee:91:40:fe:01:dd:c3:10:6f:90:b9:
fd:e6:6a:20:c9:a0:55:d4:fb:2d:be:3e:46:32:28:64:b2:99:
9a:1c:5e:eb:c5:98:b4:22:49:1e:c6:39:86:86:5c:71:4e:60:
d5:1e:85:60:ad:77:b8:77:29:f1:ea:ce:0f:83:38:6f:c2:b9:
9c:d5:37:a7:4e:61:63:80:03:3d:d2:88:3f:b2:a4:8b:e2:a8:
b9:55:bb:79
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCmYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MjVBMTVBRjExMC8GA1UEBRMoMDhEMkM1NEU3QjUxQ0JDNzM0MzRERDAwNjA1MTQ1
MTIyRjFBQ0I2NzAeFw0yNjAzMTgxMTQ5MzJaFw0zNjAzMTgxMTQ5MzJaMBgxFjAU
BgNVBAMTDTY5YmE5MTU4LTdhOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdrVVLIUtqzzv1UP9mHeX+uq6655gcbk4LdFO5cFmskf98VkNN06FSfzCb
XgJUrFg/XsuLmAFrQwRwa3TlOK5qyEiAlbtAruDDr9NlYu4jwvszysclpeGkbL4T
dwGbg0nMD3egBcOltOkzflsrLdM4OV8oVZIJUeWtoGlvF9qDDSLzkpIjRAqRAicF
7YoUlSV6Fj9XO8678eIMIDm1SEc60QId8QnPiInUr8U2FwKVXMZW1gaWZgsGRu9D
mG/l1HlcBFhZRzrRebnj/Bpibnq1+75g8I7nvbnNku1xks4opi9rP7PbB935Jjte
Zb98+BLI8d5gGPYUB8nD2pFjombzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU319S
NLMaljQTtKnTG5YwFpUILKEwHwYDVR0jBBgwFoAUCNLFTntRy8c0NN0AYFFFEi8a
y2cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI1QTE1LzkyQzNDRTA4MkVDRDExRTk4MDIzMDMyMEY4QUVBMjI4L0NOTEZU
bnRSeThjME5OMEFZRkZGRWk4YXkyYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NOTEZUbnRSeThjME5OMEFZRkZGRWk4YXkyYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjI1QTE1LzkyQzNDRTA4MkVDRDExRTk4MDIzMDMyMEY4
QUVBMjI4LzhEQTBGMjBFMjJDMDExRjFBMjRFRkZFQ0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANmRCgwDQYJKoZIhvcNAQEL
BQADggEBAHlaNbUDKPHkWq0Iae+5zzUwjtVkh4gcMmkw8U2hjWTpYvy+G2wZIAN9
fOLSjAYKZQf0E7jKDxNuG7p3cWwKOFgI63sJWgwD0lxq57Wg/cQWN0omOZiGZWb0
t5DFVbkybzpzwZHFrAliGRdKeXHm7XC5WHK+R7GtoB0ocVxRGEhMcTEKvUWQEbaE
gUUV/QzGiWItyg7dJiPB06Xr0T3jWnSj3+FhmIY/HrTukUD+Ad3DEG+Quf3maiDJ
oFXU+y2+PkYyKGSymZocXuvFmLQiSR7GOYaGXHFOYNUehWCtd7h3KfHqzg+DOG/C
uZzVN6dOYWOAAz3SiD+ypIviqLlVu3k=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:18:53 2026 by rpki-client