Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/4271F39E1D5411F1A0107AC5DAE4EC9C.roa
File: 4271F39E1D5411F1A0107AC5DAE4EC9C.roa (raw, json)
Hash identifier: GfmgIfHQlHFs0VWeSTKqFMLmHPB6ns7vlyr6ru21/OM=
Subject key identifier: 26:4E:F8:CA:33:3E:17:A6:F4:58:FE:8C:01:68:F2:19:E8:A4:0C:A6
Certificate issuer: /CN=F3652E81AF/serialNumber=813164E535DF5B1B43F8FA6E225DD0FA98CF6FED
Certificate serial: 0665
Authority key identifier: 81:31:64:E5:35:DF:5B:1B:43:F8:FA:6E:22:5D:D0:FA:98:CF:6F:ED
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/4271F39E1D5411F1A0107AC5DAE4EC9C.roa
Signing time: Wed 11 Mar 2026 14:11:56 +0000
ROA not before: Wed 11 Mar 2026 14:11:51 +0000
ROA not after: Fri 31 Dec 2049 14:11:51 +0000
asID: 5713
IP address blocks: 196.13.70.0/24 maxlen: 24
196.13.79.0/24 maxlen: 24
2c0f:f440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.mft
rsync://rpki.afrinic.net/repository/afrinic/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1637 (0x665)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3652E81AF, serialNumber=813164E535DF5B1B43F8FA6E225DD0FA98CF6FED
Validity
Not Before: Mar 11 14:11:51 2026 GMT
Not After : Dec 31 14:11:51 2049 GMT
Subject: CN=69b1782c-7b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a7:70:8b:f0:48:88:9c:af:b4:a6:a3:5d:26:
bc:61:3b:59:6a:04:88:b1:15:f0:4e:83:97:c1:e8:
f0:a9:7e:21:24:7d:a1:82:71:96:83:df:ed:d4:1e:
2c:fb:90:8b:c4:de:d9:47:ed:1e:6a:a9:8c:c3:b8:
8d:bd:16:26:e5:0a:ab:e0:11:10:a8:ff:47:aa:57:
32:63:54:e8:bd:02:6a:08:71:1c:03:d8:0c:26:5b:
8c:c8:64:2e:63:a1:0d:b1:cf:db:d3:33:a3:95:5d:
e2:1e:04:7f:9d:16:d5:ea:57:44:b1:58:89:2e:bf:
f9:dc:9c:12:41:58:a6:7c:0e:45:dc:9e:78:37:63:
6a:17:4e:1f:42:ed:50:a2:b8:00:ae:69:f6:43:c4:
ec:25:92:48:00:39:ed:9a:37:d2:56:f9:db:68:40:
7c:48:a0:f7:00:2a:81:78:a7:70:d6:27:76:9e:b5:
85:ca:c8:88:5d:02:d0:7c:17:44:3c:7f:6f:b6:70:
5d:e5:76:07:f8:eb:8f:5a:1e:d5:86:88:6a:13:5e:
bd:10:0a:c2:d5:d2:8e:23:05:47:82:c7:17:1a:60:
c7:50:a6:c4:ce:6d:62:36:8e:77:25:c5:d3:bd:32:
67:26:25:3c:7f:8e:c7:b1:53:29:96:8b:1e:3f:9b:
3d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4E:F8:CA:33:3E:17:A6:F4:58:FE:8C:01:68:F2:19:E8:A4:0C:A6
X509v3 Authority Key Identifier:
keyid:81:31:64:E5:35:DF:5B:1B:43:F8:FA:6E:22:5D:D0:FA:98:CF:6F:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/4271F39E1D5411F1A0107AC5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.13.70.0/24
196.13.79.0/24
IPv6:
2c0f:f440::/32
Signature Algorithm: sha256WithRSAEncryption
6f:0b:e3:41:28:03:0c:df:b6:93:fb:22:c9:91:d8:49:96:e8:
3e:e6:9a:f1:b3:ba:1d:99:f8:46:d1:ba:3b:dd:3c:7f:de:f9:
ea:52:13:c0:72:7d:d6:6f:8a:22:f6:39:84:f3:5e:6d:a3:20:
21:3d:92:a2:41:87:eb:78:03:b1:3d:ca:b7:52:47:b8:c7:2c:
3d:5d:fb:9d:b4:94:0b:da:43:c0:58:6d:b6:68:e3:91:22:a0:
6e:13:a8:8d:79:d8:74:4f:4a:d9:b3:8a:7c:7b:a5:17:65:6c:
29:dc:b2:cd:26:b4:a1:3b:da:74:6d:e7:97:84:b5:b9:a0:53:
e1:b6:5b:e4:ff:a0:a2:ce:77:52:11:e4:4f:dc:3e:3a:87:69:
b5:74:8f:a2:e6:da:5e:c4:b6:b4:16:e8:ea:7e:3e:a1:e6:35:
91:6f:8d:8b:d8:a6:11:a4:ef:7a:68:d1:b2:b8:40:dd:6d:e7:
4c:8a:20:74:e8:95:44:aa:a4:63:b3:f0:23:8c:a0:c0:13:e7:
bf:c4:d8:ae:6b:ba:f5:dd:4a:f8:ec:73:50:7a:e4:04:73:f8:
c9:77:3a:54:19:5a:f0:03:2c:17:ad:cf:2a:9b:7c:79:c8:b2:
6b:ce:6c:40:92:fc:a8:26:18:6c:89:d4:77:e2:33:e7:35:25:
86:55:b2:1a
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBmUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTJFODFBRjExMC8GA1UEBRMoODEzMTY0RTUzNURGNUIxQjQzRjhGQTZFMjI1REQw
RkE5OENGNkZFRDAeFw0yNjAzMTExNDExNTFaFw00OTEyMzExNDExNTFaMBgxFjAU
BgNVBAMTDTY5YjE3ODJjLTdiODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFp3CL8EiInK+0pqNdJrxhO1lqBIixFfBOg5fB6PCpfiEkfaGCcZaD3+3U
Hiz7kIvE3tlH7R5qqYzDuI29FiblCqvgERCo/0eqVzJjVOi9AmoIcRwD2AwmW4zI
ZC5joQ2xz9vTM6OVXeIeBH+dFtXqV0SxWIkuv/ncnBJBWKZ8DkXcnng3Y2oXTh9C
7VCiuACuafZDxOwlkkgAOe2aN9JW+dtoQHxIoPcAKoF4p3DWJ3aetYXKyIhdAtB8
F0Q8f2+2cF3ldgf4649aHtWGiGoTXr0QCsLV0o4jBUeCxxcaYMdQpsTObWI2jncl
xdO9MmcmJTx/jsexUymWix4/mz3xAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUJk74
yjM+F6b0WP6MAWjyGeikDKYwHwYDVR0jBBgwFoAUgTFk5TXfWxtD+PpuIl3Q+pjP
b+0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjUyRTgxLzJEQTI0NEEwNDE2NzExRUM4NzBBMzA3Q0Q4QTAxNENFL2dURms1
VFhmV3h0RC1QcHVJbDNRLXBqUGItMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2dURms1VFhmV3h0RC1QcHVJbDNRLXBqUGItMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjUyRTgxLzJEQTI0NEEwNDE2NzExRUM4NzBBMzA3Q0Q4
QTAxNENFLzQyNzFGMzlFMUQ1NDExRjFBMDEwN0FDNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBADEDUYDBADEDU8wDQQCAAIw
BwMFACwP9EAwDQYJKoZIhvcNAQELBQADggEBAG8L40EoAwzftpP7IsmR2EmW6D7m
mvGzuh2Z+EbRujvdPH/e+epSE8ByfdZviiL2OYTzXm2jICE9kqJBh+t4A7E9yrdS
R7jHLD1d+520lAvaQ8BYbbZo45EioG4TqI152HRPStmzinx7pRdlbCncss0mtKE7
2nRt55eEtbmgU+G2W+T/oKLOd1IR5E/cPjqHabV0j6Lm2l7EtrQW6Op+PqHmNZFv
jYvYphGk73po0bK4QN1t50yKIHTolUSqpGOz8COMoMAT57/E2K5ruvXdSvjsc1B6
5ARz+Ml3OlQZWvADLBetzyqbfHnIsmvObECS/KgmGGyJ1HfiM+c1JYZVsho=
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:26:03 2026 by rpki-client