Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/77EDD0961C5611F194102C82DAE4EC9C.roa
File: 77EDD0961C5611F194102C82DAE4EC9C.roa (raw, json)
Hash identifier: yb13uKqvOaUhwTpukxMYPaYtf0MpRvzLLQNXovaDCao=
Subject key identifier: 0A:A3:2D:0F:9A:53:CF:54:2D:8D:FC:68:A6:5F:70:1B:5B:D4:FE:FB
Certificate issuer: /CN=F362C7E9AR/serialNumber=B97DC46099CD50FCF299DA5E82B005646984C4F3
Certificate serial: 0971
Authority key identifier: B9:7D:C4:60:99:CD:50:FC:F2:99:DA:5E:82:B0:05:64:69:84:C4:F3
Authority info access: rsync://rpki.afrinic.net/repository/arin/uX3EYJnNUPzymdpegrAFZGmExPM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/77EDD0961C5611F194102C82DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 07:55:13 +0000
ROA not before: Tue 10 Mar 2026 07:54:56 +0000
ROA not after: Sun 31 Mar 2030 07:54:56 +0000
asID: 22572
IP address blocks: 66.18.64.0/20 maxlen: 24
66.18.80.0/21 maxlen: 24
66.18.88.0/22 maxlen: 24
66.18.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/uX3EYJnNUPzymdpegrAFZGmExPM.crl
rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/uX3EYJnNUPzymdpegrAFZGmExPM.mft
rsync://rpki.afrinic.net/repository/arin/uX3EYJnNUPzymdpegrAFZGmExPM.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2417 (0x971)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362C7E9AR, serialNumber=B97DC46099CD50FCF299DA5E82B005646984C4F3
Validity
Not Before: Mar 10 07:54:56 2026 GMT
Not After : Mar 31 07:54:56 2030 GMT
Subject: CN=69afce61-5cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c5:2a:0f:e2:91:f0:d2:a5:ef:66:65:c1:a1:
6a:c7:4d:4b:df:88:3c:44:ba:6a:94:3b:b2:46:6f:
fc:ff:15:15:fe:af:6b:20:62:fa:af:36:0a:56:0d:
c6:17:76:cd:17:74:b6:4a:f1:a9:77:68:40:bc:fb:
2b:9b:7b:c1:89:d4:61:cf:07:9a:73:ae:45:fe:9d:
2b:11:33:a9:44:ca:db:24:ca:be:77:8f:1f:cf:b3:
fa:0d:47:0a:2c:0d:62:43:83:82:64:0e:c1:db:e6:
33:70:12:eb:09:13:bc:95:98:75:0a:f0:54:33:12:
10:40:54:38:d1:a9:a2:0e:f7:1e:ab:97:98:8a:5a:
e1:c7:80:62:8b:1a:3c:60:e0:11:52:f3:cd:52:24:
50:29:0e:86:b1:f9:db:75:85:40:d8:31:fb:fb:b1:
38:5d:09:9a:c2:28:6d:77:ed:6f:7a:c6:38:ad:ba:
a8:b3:50:9d:22:28:d0:76:0c:70:07:89:b0:6a:8a:
2b:5c:68:02:48:89:39:52:c2:c1:fc:76:a7:ec:e8:
0e:67:10:21:a7:fb:ce:dc:38:11:35:6d:87:d7:35:
83:9c:2f:17:9c:21:b6:4a:23:2b:5c:a6:09:fa:f8:
39:8b:a6:4a:1d:15:48:4d:bc:4b:cc:f0:a2:d3:2e:
2c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A3:2D:0F:9A:53:CF:54:2D:8D:FC:68:A6:5F:70:1B:5B:D4:FE:FB
X509v3 Authority Key Identifier:
keyid:B9:7D:C4:60:99:CD:50:FC:F2:99:DA:5E:82:B0:05:64:69:84:C4:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/uX3EYJnNUPzymdpegrAFZGmExPM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uX3EYJnNUPzymdpegrAFZGmExPM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/77EDD0961C5611F194102C82DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.18.64.0-66.18.93.255
Signature Algorithm: sha256WithRSAEncryption
65:b0:6f:80:a3:58:bc:63:25:da:ee:9f:a3:a8:e6:ec:4a:b7:
58:89:4d:69:39:20:77:fa:e6:e0:27:68:86:16:51:45:bf:8e:
3f:14:13:0a:d5:f6:1e:6b:f4:37:66:c7:eb:2e:01:3e:4b:9d:
b8:bd:66:7b:4c:d9:fc:b8:76:dc:dd:24:02:cb:0b:f6:94:8e:
f9:ab:5d:78:91:7b:ec:a2:7c:05:5b:fc:3e:e6:43:16:e9:d3:
94:1a:fd:69:28:c4:89:74:10:c8:2d:c0:c9:4e:18:8a:3d:40:
e8:7e:b5:23:22:f2:1e:bd:88:ad:14:dc:73:e3:d9:10:0f:81:
88:ae:bb:0d:9b:ea:50:55:bf:71:6e:5a:d5:df:e2:c3:d9:8a:
a6:58:de:34:ce:57:32:81:be:2f:b2:b0:85:74:37:73:bd:6f:
c5:f0:53:e3:f0:1a:44:df:9e:1e:17:28:9c:b8:4d:24:f0:5a:
fd:9e:82:7d:d4:98:93:14:fc:76:f5:79:a2:02:63:31:8a:0f:
9c:c0:07:21:44:50:48:ad:d3:2f:05:07:1c:a5:fb:84:d4:c2:
82:77:79:9a:72:96:4a:4d:12:3a:06:2a:1c:94:65:1e:ff:00:
93:be:60:11:31:1f:18:1e:55:3e:a0:9c:a0:57:64:33:e6:b7:
e6:cd:ee:f5
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICCXEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkM3RTlBUjExMC8GA1UEBRMoQjk3REM0NjA5OUNENTBGQ0YyOTlEQTVFODJCMDA1
NjQ2OTg0QzRGMzAeFw0yNjAzMTAwNzU0NTZaFw0zMDAzMzEwNzU0NTZaMBgxFjAU
BgNVBAMTDTY5YWZjZTYxLTVjZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDqxSoP4pHw0qXvZmXBoWrHTUvfiDxEumqUO7JGb/z/FRX+r2sgYvqvNgpW
DcYXds0XdLZK8al3aEC8+yube8GJ1GHPB5pzrkX+nSsRM6lEytskyr53jx/Ps/oN
RwosDWJDg4JkDsHb5jNwEusJE7yVmHUK8FQzEhBAVDjRqaIO9x6rl5iKWuHHgGKL
Gjxg4BFS881SJFApDoax+dt1hUDYMfv7sThdCZrCKG137W96xjituqizUJ0iKNB2
DHAHibBqiitcaAJIiTlSwsH8dqfs6A5nECGn+87cOBE1bYfXNYOcLxecIbZKIytc
pgn6+DmLpkodFUhNvEvM8KLTLiwjAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUCqMt
D5pTz1Qtjfxopl9wG1vU/vswHwYDVR0jBBgwFoAUuX3EYJnNUPzymdpegrAFZGmE
xPMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJDN0U5LzA4RjA3QzE0RThEOTExRTk4NTE1Qzc0MEY4QUVBMjI4L3VYM0VZ
Sm5OVVB6eW1kcGVnckFGWkdtRXhQTS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VYM0VZSm5OVVB6eW1kcGVnckFGWkdtRXhQTS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjJDN0U5LzA4RjA3QzE0RThEOTExRTk4NTE1Qzc0MEY4QUVB
MjI4Lzc3RUREMDk2MUM1NjExRjE5NDEwMkM4MkRBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
JwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEBkISQAMEAUISXDANBgkqhkiG
9w0BAQsFAAOCAQEAZbBvgKNYvGMl2u6fo6jm7Eq3WIlNaTkgd/rm4CdohhZRRb+O
PxQTCtX2Hmv0N2bH6y4BPkuduL1me0zZ/Lh23N0kAssL9pSO+atdeJF77KJ8BVv8
PuZDFunTlBr9aSjEiXQQyC3AyU4Yij1A6H61IyLyHr2IrRTcc+PZEA+BiK67DZvq
UFW/cW5a1d/iw9mKpljeNM5XMoG+L7KwhXQ3c71vxfBT4/AaRN+eHhconLhNJPBa
/Z6CfdSYkxT8dvV5ogJjMYoPnMAHIURQSK3TLwUHHKX7hNTCgnd5mnKWSk0SOgYq
HJRlHv8Ak75gETEfGB5VPqCcoFdkM+a35s3u9Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:59:51 2026 by rpki-client