Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3632159/A24C983C4ABC11EDA0F57084F1222468/1B35856C195C11F1A4BE1BE6DAE4EC9C.roa
File: 1B35856C195C11F1A4BE1BE6DAE4EC9C.roa (raw, json)
Hash identifier: CHaNrBOXzFgVGFou41x3nuG9Yh9iFT+XuvLJW7NRZ94=
Subject key identifier: DD:BF:B0:F1:17:90:E3:4D:6E:49:D9:E3:5A:B1:FD:98:1B:F1:BD:47
Certificate issuer: /CN=F3632159AF/serialNumber=A68573041B43F39C788EF35B764B318C8849C9FE
Certificate serial: 04FE
Authority key identifier: A6:85:73:04:1B:43:F3:9C:78:8E:F3:5B:76:4B:31:8C:88:49:C9:FE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/poVzBBtD85x4jvNbdksxjIhJyf4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3632159/A24C983C4ABC11EDA0F57084F1222468/1B35856C195C11F1A4BE1BE6DAE4EC9C.roa
Signing time: Fri 06 Mar 2026 12:58:01 +0000
ROA not before: Fri 06 Mar 2026 12:57:44 +0000
ROA not after: Thu 06 Mar 2036 12:57:44 +0000
asID: 328218
IP address blocks: 2c0f:f148::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3632159/A24C983C4ABC11EDA0F57084F1222468/poVzBBtD85x4jvNbdksxjIhJyf4.crl
rsync://rpki.afrinic.net/repository/member_repository/F3632159/A24C983C4ABC11EDA0F57084F1222468/poVzBBtD85x4jvNbdksxjIhJyf4.mft
rsync://rpki.afrinic.net/repository/afrinic/poVzBBtD85x4jvNbdksxjIhJyf4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1278 (0x4fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3632159AF, serialNumber=A68573041B43F39C788EF35B764B318C8849C9FE
Validity
Not Before: Mar 6 12:57:44 2026 GMT
Not After : Mar 6 12:57:44 2036 GMT
Subject: CN=69aacf59-bcd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:30:86:87:a5:e4:f3:8f:25:44:a2:7a:28:2e:
0b:7b:23:47:f9:7d:9c:fb:9a:68:c3:61:26:7f:96:
f5:b6:6f:c1:76:78:1a:39:99:e4:c3:80:67:b0:06:
b6:12:06:3c:55:a2:80:5f:ed:5e:c3:d1:d5:2b:05:
39:b1:30:22:9b:5f:a7:27:6e:39:8d:d3:0d:35:97:
94:88:f2:4f:9b:71:31:02:35:ef:e0:ff:a1:a6:fb:
10:8a:45:e1:61:ef:93:80:8f:0a:32:8f:d6:87:1a:
d6:34:f4:d8:c1:1b:02:17:dc:3a:37:2e:72:63:a6:
1c:a6:72:2c:03:e3:fe:0e:9e:86:8c:85:a0:0c:71:
18:8f:81:06:5a:7a:a9:c2:cb:3b:a7:bf:03:cd:ef:
08:31:1c:34:34:5b:68:87:c4:3b:b2:f6:2e:2a:8e:
07:29:55:99:ae:6a:18:e5:f8:d9:17:16:b3:3c:ac:
c0:a5:35:b4:a4:7f:03:a9:77:8c:be:83:eb:d0:47:
71:ba:58:a1:a0:2c:b7:3e:39:2a:f3:00:99:9e:0a:
da:49:26:6a:1b:78:33:c4:54:23:02:54:f4:d2:ce:
8c:85:f8:3f:05:8a:f0:dd:7d:b6:b0:5c:41:04:11:
8d:d7:6d:1b:ae:3a:99:f5:68:b7:87:a8:f1:d1:13:
73:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BF:B0:F1:17:90:E3:4D:6E:49:D9:E3:5A:B1:FD:98:1B:F1:BD:47
X509v3 Authority Key Identifier:
keyid:A6:85:73:04:1B:43:F3:9C:78:8E:F3:5B:76:4B:31:8C:88:49:C9:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3632159/A24C983C4ABC11EDA0F57084F1222468/poVzBBtD85x4jvNbdksxjIhJyf4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/poVzBBtD85x4jvNbdksxjIhJyf4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3632159/A24C983C4ABC11EDA0F57084F1222468/1B35856C195C11F1A4BE1BE6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f148::/32
Signature Algorithm: sha256WithRSAEncryption
b0:41:33:76:4f:17:ba:0d:9c:ea:f9:20:ca:a2:a9:b4:50:e1:
b1:c8:26:9a:af:ca:3f:21:2d:64:3e:17:98:0d:95:51:00:0b:
e6:b9:83:b2:ed:4c:57:a7:cb:12:db:80:2d:bd:ca:d9:bd:07:
40:b9:45:c4:f3:a9:8b:e8:89:f9:cc:eb:38:b2:ed:8c:a8:34:
f4:5d:35:75:a8:74:9c:4b:d3:f8:c3:d0:9b:5c:cb:1d:94:95:
d0:c9:3b:92:12:b3:3d:3d:8d:ab:15:55:4e:e0:30:f2:78:ac:
bd:96:94:a3:b5:ad:8d:81:b4:48:c4:a1:39:91:71:e5:94:ab:
e3:0c:bb:0f:5f:87:37:9d:e8:48:af:ad:b2:18:a5:6c:95:01:
4c:8d:a0:9f:b0:ce:5c:26:63:86:89:13:9a:71:df:1b:a7:8e:
89:7c:6c:8b:36:60:12:6f:4e:2a:01:74:af:63:8c:07:d5:8a:
81:43:f7:d2:5d:3b:b9:7c:b9:4a:f5:77:aa:ae:49:0f:12:4c:
50:75:02:cb:22:94:8d:af:6d:2a:53:95:63:55:42:cc:d1:3a:
ad:42:87:7d:d9:99:1e:d4:51:07:4d:6c:3e:44:ad:0a:f8:5d:
4d:f9:98:a4:e1:19:08:8e:8d:04:d9:60:d0:05:88:85:21:db:
51:40:0e:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBP4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzIxNTlBRjExMC8GA1UEBRMoQTY4NTczMDQxQjQzRjM5Qzc4OEVGMzVCNzY0QjMx
OEM4ODQ5QzlGRTAeFw0yNjAzMDYxMjU3NDRaFw0zNjAzMDYxMjU3NDRaMBgxFjAU
BgNVBAMTDTY5YWFjZjU5LWJjZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUMIaHpeTzjyVEonooLgt7I0f5fZz7mmjDYSZ/lvW2b8F2eBo5meTDgGew
BrYSBjxVooBf7V7D0dUrBTmxMCKbX6cnbjmN0w01l5SI8k+bcTECNe/g/6Gm+xCK
ReFh75OAjwoyj9aHGtY09NjBGwIX3Do3LnJjphymciwD4/4OnoaMhaAMcRiPgQZa
eqnCyzunvwPN7wgxHDQ0W2iHxDuy9i4qjgcpVZmuahjl+NkXFrM8rMClNbSkfwOp
d4y+g+vQR3G6WKGgLLc+OSrzAJmeCtpJJmobeDPEVCMCVPTSzoyF+D8FivDdfbaw
XEEEEY3XbRuuOpn1aLeHqPHRE3OzAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU3b+w
8ReQ401uSdnjWrH9mBvxvUcwHwYDVR0jBBgwFoAUpoVzBBtD85x4jvNbdksxjIhJ
yf4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMyMTU5L0EyNEM5ODNDNEFCQzExRURBMEY1NzA4NEYxMjIyNDY4L3BvVnpC
QnREODV4NGp2TmJka3N4akloSnlmNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3BvVnpCQnREODV4NGp2TmJka3N4akloSnlmNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjMyMTU5L0EyNEM5ODNDNEFCQzExRURBMEY1NzA4NEYx
MjIyNDY4LzFCMzU4NTZDMTk1QzExRjFBNEJFMUJFNkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/FIMA0GCSqGSIb3DQEB
CwUAA4IBAQCwQTN2Txe6DZzq+SDKoqm0UOGxyCaar8o/IS1kPheYDZVRAAvmuYOy
7UxXp8sS24AtvcrZvQdAuUXE86mL6In5zOs4su2MqDT0XTV1qHScS9P4w9CbXMsd
lJXQyTuSErM9PY2rFVVO4DDyeKy9lpSjta2NgbRIxKE5kXHllKvjDLsPX4c3nehI
r62yGKVslQFMjaCfsM5cJmOGiROacd8bp46JfGyLNmASb04qAXSvY4wH1YqBQ/fS
XTu5fLlK9XeqrkkPEkxQdQLLIpSNr20qU5VjVULM0TqtQod92Zke1FEHTWw+RK0K
+F1N+Zik4RkIjo0E2WDQBYiFIdtRQA6g
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:49:27 2026 by rpki-client