Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/7D4E32F618A011F19FCAA5E3DAE4EC9C.roa
File: 7D4E32F618A011F19FCAA5E3DAE4EC9C.roa (raw, json)
Hash identifier: TRWuvYSjP3zqMyAi2RpvwyDMW+PHu21x8ySiuhAGVHo=
Subject key identifier: 49:E7:47:EC:57:7D:E9:5F:57:B6:F3:9B:3C:0B:B9:5E:5C:BC:61:B8
Certificate issuer: /CN=F3644FCCAR/serialNumber=88FE8D7BD3B7DC3D54425B8C736D2CEC387F737C
Certificate serial: 059D
Authority key identifier: 88:FE:8D:7B:D3:B7:DC:3D:54:42:5B:8C:73:6D:2C:EC:38:7F:73:7C
Authority info access: rsync://rpki.afrinic.net/repository/arin/iP6Ne9O33D1UQluMc20s7Dh_c3w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/7D4E32F618A011F19FCAA5E3DAE4EC9C.roa
Signing time: Thu 05 Mar 2026 14:35:00 +0000
ROA not before: Thu 05 Mar 2026 14:34:56 +0000
ROA not after: Mon 31 Mar 2036 14:34:56 +0000
asID: 25695
IP address blocks: 64.57.112.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/iP6Ne9O33D1UQluMc20s7Dh_c3w.crl
rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/iP6Ne9O33D1UQluMc20s7Dh_c3w.mft
rsync://rpki.afrinic.net/repository/arin/iP6Ne9O33D1UQluMc20s7Dh_c3w.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1437 (0x59d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3644FCCAR, serialNumber=88FE8D7BD3B7DC3D54425B8C736D2CEC387F737C
Validity
Not Before: Mar 5 14:34:56 2026 GMT
Not After : Mar 31 14:34:56 2036 GMT
Subject: CN=69a99494-96f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:31:10:a9:42:17:b4:8a:c2:e9:df:cf:38:d6:
25:d5:16:6b:68:c6:8c:a7:aa:85:56:0c:72:2f:40:
62:c4:e2:81:a6:21:f1:15:34:b7:8d:d7:a9:6b:df:
b4:4d:57:66:93:e4:a3:f9:f9:74:ae:9f:bf:18:ad:
df:e5:ec:86:99:bf:6f:15:67:9c:cf:76:37:24:7f:
df:77:5f:c8:5f:da:2e:f8:ce:b4:fc:d1:92:67:27:
17:ad:32:b7:13:ba:d5:ab:c7:d6:19:8c:43:94:52:
37:18:bd:cc:76:ce:4d:54:05:d6:1e:e9:30:2d:ce:
b1:c7:ae:80:0c:49:a3:0d:a1:03:f7:00:d4:fd:a8:
48:39:6e:94:eb:ee:87:7d:57:72:e8:ae:05:45:ea:
5c:e8:cc:20:06:79:fd:46:a7:83:75:15:04:40:2c:
64:60:e0:6e:31:24:96:c8:26:6d:3b:b6:70:ed:c1:
a2:51:af:6b:6f:40:94:43:f4:36:22:4b:4a:89:dc:
c5:f5:79:db:82:ce:ea:ed:85:9c:f2:ca:cb:bd:1b:
53:e0:2a:bf:7e:95:fc:8a:d7:56:f1:6c:40:aa:0a:
74:a2:cb:69:2d:d9:56:35:ac:f9:b3:fb:82:5f:98:
80:8d:4f:29:38:78:c2:6c:ec:0a:88:f2:39:d6:11:
c6:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E7:47:EC:57:7D:E9:5F:57:B6:F3:9B:3C:0B:B9:5E:5C:BC:61:B8
X509v3 Authority Key Identifier:
keyid:88:FE:8D:7B:D3:B7:DC:3D:54:42:5B:8C:73:6D:2C:EC:38:7F:73:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/iP6Ne9O33D1UQluMc20s7Dh_c3w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/iP6Ne9O33D1UQluMc20s7Dh_c3w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/7D4E32F618A011F19FCAA5E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.57.112.0/20
Signature Algorithm: sha256WithRSAEncryption
11:40:27:73:94:bb:91:a3:55:12:d2:9a:b8:06:1f:4a:2e:c0:
b1:d3:3c:39:f1:03:03:96:6a:99:82:ec:5e:60:6d:9e:a7:ce:
3d:12:54:29:20:b3:66:51:dc:d6:72:73:bc:a4:60:2d:4e:4f:
4c:7b:3b:92:1f:c0:84:69:61:f4:86:66:cb:d7:77:72:aa:86:
db:a2:c4:da:8b:c9:14:f1:4f:37:b3:68:a2:1f:70:b1:ff:63:
e7:23:a9:f7:35:bb:f8:b3:28:f1:c2:1f:98:73:3e:50:a7:d3:
74:bb:f6:2b:c6:fb:5a:d5:9b:97:e1:1e:5d:e4:7a:1d:bc:77:
50:d5:7d:ea:b7:e1:1c:cf:88:f6:bc:07:51:4c:4a:a7:5f:49:
70:bf:1e:32:e8:62:48:a5:1a:1b:9c:ec:52:ed:7a:a9:9d:39:
80:1e:fb:6c:97:a6:d5:03:b2:40:55:5a:08:05:67:25:32:38:
c5:24:3f:59:d3:08:7b:49:4f:bc:3f:f8:90:97:cd:39:01:83:
7f:47:a1:5d:a2:4c:11:1d:05:a0:e2:49:a2:ec:dd:ea:ab:d7:
8a:fc:83:66:62:81:07:aa:52:ef:0b:fc:ae:ca:e3:9a:3d:72:
0a:d2:bd:d1:d6:94:f7:2e:a3:e0:f7:f7:3e:2c:4e:f6:06:8f:
26:2d:5c:8a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBZ0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDRGQ0NBUjExMC8GA1UEBRMoODhGRThEN0JEM0I3REMzRDU0NDI1QjhDNzM2RDJD
RUMzODdGNzM3QzAeFw0yNjAzMDUxNDM0NTZaFw0zNjAzMzExNDM0NTZaMBgxFjAU
BgNVBAMTDTY5YTk5NDk0LTk2ZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDtMRCpQhe0isLp38841iXVFmtoxoynqoVWDHIvQGLE4oGmIfEVNLeN16lr
37RNV2aT5KP5+XSun78Yrd/l7IaZv28VZ5zPdjckf993X8hf2i74zrT80ZJnJxet
MrcTutWrx9YZjEOUUjcYvcx2zk1UBdYe6TAtzrHHroAMSaMNoQP3ANT9qEg5bpTr
7od9V3LorgVF6lzozCAGef1Gp4N1FQRALGRg4G4xJJbIJm07tnDtwaJRr2tvQJRD
9DYiS0qJ3MX1eduCzurthZzyysu9G1PgKr9+lfyK11bxbECqCnSiy2kt2VY1rPmz
+4JfmICNTyk4eMJs7AqI8jnWEcaZAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUSedH
7Fd96V9XtvObPAu5Xly8YbgwHwYDVR0jBBgwFoAUiP6Ne9O33D1UQluMc20s7Dh/
c3wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ0RkNDLzlFMTE1QzNDRDEyQTExRUM5QTg5NDNFQUYxMjIyNDY4L2lQNk5l
OU8zM0QxVVFsdU1jMjBzN0RoX2Mzdy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2lQNk5lOU8zM0QxVVFsdU1jMjBzN0RoX2Mzdy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjQ0RkNDLzlFMTE1QzNDRDEyQTExRUM5QTg5NDNFQUYxMjIy
NDY4LzdENEUzMkY2MThBMDExRjE5RkNBQTVFM0RBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARAOXAwDQYJKoZIhvcNAQELBQAD
ggEBABFAJ3OUu5GjVRLSmrgGH0ouwLHTPDnxAwOWapmC7F5gbZ6nzj0SVCkgs2ZR
3NZyc7ykYC1OT0x7O5IfwIRpYfSGZsvXd3KqhtuixNqLyRTxTzezaKIfcLH/Y+cj
qfc1u/izKPHCH5hzPlCn03S79ivG+1rVm5fhHl3keh28d1DVfeq34RzPiPa8B1FM
SqdfSXC/HjLoYkilGhuc7FLteqmdOYAe+2yXptUDskBVWggFZyUyOMUkP1nTCHtJ
T7w/+JCXzTkBg39HoV2iTBEdBaDiSaLs3eqr14r8g2ZigQeqUu8L/K7K45o9cgrS
vdHWlPcuo+D39z4sTvYGjyYtXIo=
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:08:24 2026 by rpki-client