Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/EB703DBA1BBB11F1999800F1DAE4EC9C.roa
File: EB703DBA1BBB11F1999800F1DAE4EC9C.roa (raw, json)
Hash identifier: Zumw2o6HFsdqiJoh6ccEDdZSM0dgAvPQLJh0mtf+RgQ=
Subject key identifier: 7C:9B:D0:67:BC:5D:6C:4A:BA:D4:1A:E8:79:EE:FF:C3:43:D7:A6:6C
Certificate issuer: /CN=F362F418AF/serialNumber=EDF8D8DAB4B2E668954A40BA56DD21C6452839DC
Certificate serial: 057A
Authority key identifier: ED:F8:D8:DA:B4:B2:E6:68:95:4A:40:BA:56:DD:21:C6:45:28:39:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/EB703DBA1BBB11F1999800F1DAE4EC9C.roa
Signing time: Mon 09 Mar 2026 13:28:55 +0000
ROA not before: Mon 09 Mar 2026 13:28:50 +0000
ROA not after: Tue 09 Mar 2032 13:28:50 +0000
asID: 328763
IP address blocks: 102.221.0.0/22 maxlen: 22
102.221.0.0/24 maxlen: 24
102.221.1.0/24 maxlen: 24
102.221.2.0/24 maxlen: 24
102.221.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.crl
rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.mft
rsync://rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1402 (0x57a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362F418AF, serialNumber=EDF8D8DAB4B2E668954A40BA56DD21C6452839DC
Validity
Not Before: Mar 9 13:28:50 2026 GMT
Not After : Mar 9 13:28:50 2032 GMT
Subject: CN=69aecb17-bbdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c9:c1:77:06:29:d7:bb:97:0f:e8:79:97:5d:
30:e9:b4:46:c4:b9:f5:6c:3f:96:ee:3a:8f:50:9d:
3c:64:2e:f2:df:83:72:71:55:e6:43:16:74:12:52:
95:39:b7:4f:d4:93:b0:b6:78:68:b0:21:bc:49:2c:
e2:59:58:f6:ad:a3:68:64:f4:bf:02:a3:1a:97:31:
35:82:35:08:97:29:4b:70:4a:58:e5:19:5d:ec:a9:
fb:7e:4b:e7:cf:65:20:0c:b8:ad:c3:8a:53:39:f4:
a7:23:58:3f:3b:f3:84:91:9d:88:84:ae:45:97:ca:
17:02:9c:32:4a:9c:e5:2c:4f:6a:dc:e7:16:7b:7c:
b0:5c:e8:0e:42:6b:58:50:46:0c:b3:c1:b7:3f:eb:
8a:d7:df:e0:2d:bc:80:9b:38:3a:b4:16:9b:6b:9f:
1a:56:1b:79:dd:b7:31:93:ca:b4:fe:42:03:d4:33:
ca:e3:54:77:93:b3:05:b1:54:a4:bc:e5:5e:68:12:
70:82:57:1f:6d:2b:44:bb:c1:a9:6f:6d:30:9c:75:
06:1f:5a:21:85:a9:26:d2:39:4f:37:a2:c5:bb:91:
fd:87:8d:ec:32:3b:d6:1b:d5:c7:23:e7:b6:c4:a9:
ba:69:56:32:62:da:b9:08:f6:ec:7d:c6:f7:30:99:
5d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:9B:D0:67:BC:5D:6C:4A:BA:D4:1A:E8:79:EE:FF:C3:43:D7:A6:6C
X509v3 Authority Key Identifier:
keyid:ED:F8:D8:DA:B4:B2:E6:68:95:4A:40:BA:56:DD:21:C6:45:28:39:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/7fjY2rSy5miVSkC6Vt0hxkUoOdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/7fjY2rSy5miVSkC6Vt0hxkUoOdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362F418/5B014658F16611EC9FCB21C1F1222468/EB703DBA1BBB11F1999800F1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.0.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:36:5b:4f:49:36:eb:2a:b8:bb:18:98:a6:af:fc:cf:79:9d:
a0:e3:42:53:b3:93:92:84:1f:36:da:a8:89:24:56:ca:ee:20:
77:09:6b:e2:0a:87:93:81:f9:aa:12:f7:ce:7a:9c:43:e4:5d:
7b:50:cd:72:9a:9f:4b:ea:24:a4:74:15:87:3f:f0:dd:b7:51:
4f:50:42:dd:0d:08:e4:25:e3:5a:02:93:bf:d0:1a:22:2b:07:
cf:11:39:ae:10:0e:79:c1:98:5a:a9:3a:30:e7:7d:70:f0:a1:
ef:f1:ce:e3:bc:33:b5:d9:59:c5:c3:3c:5e:21:21:b2:66:ad:
05:33:4c:f3:89:c0:72:15:4e:57:7d:ed:b1:17:f1:63:5a:04:
c1:5c:5a:93:f5:8a:f5:43:42:4a:a4:7b:df:cc:3d:de:0f:bf:
58:8b:db:97:48:d3:cd:5d:d8:d8:a1:85:4d:00:71:16:c4:30:
48:7a:93:e7:be:5f:37:ff:dd:8e:11:c3:fd:ff:36:04:9c:44:
e8:28:e0:3b:b5:7f:f7:d2:64:52:5c:e7:84:30:c2:2c:d9:e7:
27:44:f4:38:0f:68:df:ef:6d:35:af:ad:ba:8c:da:47:a7:13:
a1:4f:b9:e1:16:06:a0:4d:a3:bb:55:b4:81:25:64:1d:68:29:
5b:af:2a:43
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBXowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkY0MThBRjExMC8GA1UEBRMoRURGOEQ4REFCNEIyRTY2ODk1NEE0MEJBNTZERDIx
QzY0NTI4MzlEQzAeFw0yNjAzMDkxMzI4NTBaFw0zMjAzMDkxMzI4NTBaMBgxFjAU
BgNVBAMTDTY5YWVjYjE3LWJiZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDKycF3BinXu5cP6HmXXTDptEbEufVsP5buOo9QnTxkLvLfg3JxVeZDFnQS
UpU5t0/Uk7C2eGiwIbxJLOJZWPato2hk9L8CoxqXMTWCNQiXKUtwSljlGV3sqft+
S+fPZSAMuK3DilM59KcjWD8784SRnYiErkWXyhcCnDJKnOUsT2rc5xZ7fLBc6A5C
a1hQRgyzwbc/64rX3+AtvICbODq0FptrnxpWG3ndtzGTyrT+QgPUM8rjVHeTswWx
VKS85V5oEnCCVx9tK0S7walvbTCcdQYfWiGFqSbSOU83osW7kf2HjewyO9Yb1ccj
57bEqbppVjJi2rkI9ux9xvcwmV35AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfJvQ
Z7xdbEq61Broee7/w0PXpmwwHwYDVR0jBBgwFoAU7fjY2rSy5miVSkC6Vt0hxkUo
OdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJGNDE4LzVCMDE0NjU4RjE2NjExRUM5RkNCMjFDMUYxMjIyNDY4Lzdmalky
clN5NW1pVlNrQzZWdDBoeGtVb09kdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzdmalkyclN5NW1pVlNrQzZWdDBoeGtVb09kdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJGNDE4LzVCMDE0NjU4RjE2NjExRUM5RkNCMjFDMUYx
MjIyNDY4L0VCNzAzREJBMUJCQjExRjE5OTk4MDBGMURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm3QAwDQYJKoZIhvcNAQEL
BQADggEBACs2W09JNusquLsYmKav/M95naDjQlOzk5KEHzbaqIkkVsruIHcJa+IK
h5OB+aoS9856nEPkXXtQzXKan0vqJKR0FYc/8N23UU9QQt0NCOQl41oCk7/QGiIr
B88ROa4QDnnBmFqpOjDnfXDwoe/xzuO8M7XZWcXDPF4hIbJmrQUzTPOJwHIVTld9
7bEX8WNaBMFcWpP1ivVDQkqke9/MPd4Pv1iL25dI081d2NihhU0AcRbEMEh6k+e+
Xzf/3Y4Rw/3/NgScROgo4Du1f/fSZFJc54QwwizZ5ydE9DgPaN/vbTWvrbqM2ken
E6FPueEWBqBNo7tVtIElZB1oKVuvKkM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:16:11 2026 by rpki-client