Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3662367/B4508CE8082011ED828588F7F1222468/5360D7AE189211F19AFD138CDAE4EC9C.roa
File: 5360D7AE189211F19AFD138CDAE4EC9C.roa (raw, json)
Hash identifier: 5kRmyHtZRcaeGU4ILxEdFGVfX+Za3u6NPetv91VJohw=
Subject key identifier: F1:C4:56:CC:F3:0D:B7:0B:6A:55:AA:36:A5:14:E8:73:A2:80:F1:8D
Certificate issuer: /CN=F3662367AF/serialNumber=0BD00848F838FD90B99EDC37690720955FB00906
Certificate serial: 0572
Authority key identifier: 0B:D0:08:48:F8:38:FD:90:B9:9E:DC:37:69:07:20:95:5F:B0:09:06
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/C9AISPg4_ZC5ntw3aQcglV-wCQY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3662367/B4508CE8082011ED828588F7F1222468/5360D7AE189211F19AFD138CDAE4EC9C.roa
Signing time: Thu 05 Mar 2026 12:53:37 +0000
ROA not before: Thu 05 Mar 2026 12:53:32 +0000
ROA not after: Wed 05 Mar 2036 12:53:32 +0000
asID: 328178
IP address blocks: 102.212.16.0/22 maxlen: 24
102.217.20.0/22 maxlen: 24
2c0f:f1c0::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3662367/B4508CE8082011ED828588F7F1222468/C9AISPg4_ZC5ntw3aQcglV-wCQY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3662367/B4508CE8082011ED828588F7F1222468/C9AISPg4_ZC5ntw3aQcglV-wCQY.mft
rsync://rpki.afrinic.net/repository/afrinic/C9AISPg4_ZC5ntw3aQcglV-wCQY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1394 (0x572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3662367AF, serialNumber=0BD00848F838FD90B99EDC37690720955FB00906
Validity
Not Before: Mar 5 12:53:32 2026 GMT
Not After : Mar 5 12:53:32 2036 GMT
Subject: CN=69a97cd1-fe2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:72:d0:e9:6d:7c:2c:24:51:3d:fb:37:ca:2a:
f8:c1:95:52:a7:c5:41:81:9a:1f:38:7d:c6:19:73:
d4:50:5b:a2:06:7d:1f:b4:f1:62:20:8c:2d:5f:1b:
66:9e:cd:26:32:f3:3e:84:97:80:ed:e6:c4:60:4e:
e3:e6:f6:49:1d:cc:a1:2c:29:d0:d6:2b:81:74:c8:
fa:30:a0:87:2a:11:d5:2d:ee:65:11:5b:e9:58:71:
c7:2e:dd:86:01:88:e2:d4:13:40:c7:75:9b:b2:35:
62:a8:c7:d0:82:24:36:2b:84:ef:0a:8a:7f:a4:97:
66:fc:29:07:17:5d:1b:72:b5:2b:a4:1a:d9:12:6a:
8b:16:71:5c:7e:a8:86:02:72:60:e9:59:71:44:62:
ff:2e:48:c1:f8:1c:5f:73:ac:78:a6:2d:c6:b9:1c:
0b:ec:ab:30:b1:3f:ee:b6:2c:9a:0b:fe:3f:e8:81:
08:df:c2:e8:18:63:70:77:fb:39:98:c0:b7:31:48:
1a:55:3f:a6:17:ce:af:6a:8a:10:83:f0:d2:f2:a2:
47:30:7e:75:50:f5:6b:7c:8c:e4:07:e2:c8:9c:e8:
a6:63:37:55:90:a6:af:b2:53:40:30:0c:2c:31:07:
4e:20:7c:59:10:c1:7c:dd:85:7a:d8:1b:46:00:4d:
af:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C4:56:CC:F3:0D:B7:0B:6A:55:AA:36:A5:14:E8:73:A2:80:F1:8D
X509v3 Authority Key Identifier:
keyid:0B:D0:08:48:F8:38:FD:90:B9:9E:DC:37:69:07:20:95:5F:B0:09:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3662367/B4508CE8082011ED828588F7F1222468/C9AISPg4_ZC5ntw3aQcglV-wCQY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/C9AISPg4_ZC5ntw3aQcglV-wCQY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3662367/B4508CE8082011ED828588F7F1222468/5360D7AE189211F19AFD138CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.212.16.0/22
102.217.20.0/22
IPv6:
2c0f:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:4b:92:6d:20:13:18:e4:64:61:a1:b5:0d:fa:09:ad:6d:2b:
87:38:d3:a5:55:63:a1:c0:7c:65:e7:5e:a5:21:93:15:76:19:
e6:79:f5:3d:69:ad:c2:e8:92:9d:f4:fa:6a:10:ca:67:4e:6a:
43:1c:d5:b9:1d:00:15:07:39:48:1b:c9:9a:4c:16:e9:87:b1:
8e:00:82:e2:36:7a:23:71:ef:12:a6:4a:54:7a:8d:1e:82:99:
ab:3a:26:61:8c:0a:60:b2:f1:70:d7:d8:e7:d7:f2:0f:0c:d9:
ee:d4:3a:0f:09:ba:de:6d:46:2c:76:be:86:77:b3:74:0d:43:
52:fa:59:13:5a:ba:fa:05:54:6b:81:b1:c3:05:10:ee:51:ca:
ca:82:e3:fd:ec:70:2e:7a:d9:04:11:7d:f5:2b:3d:ae:ee:48:
d5:7e:77:0b:a1:89:f8:00:29:73:89:d2:5e:a9:cb:82:5a:00:
5a:2b:c2:56:40:00:18:37:68:91:ba:6e:3e:02:47:be:4b:c1:
e7:91:a2:2d:dd:3b:c6:a9:79:b0:97:01:0d:a2:8a:50:30:86:
96:94:72:bc:f7:ec:50:f8:c2:ab:4d:e4:48:0f:f0:dd:7b:10:
11:08:01:f5:3c:1e:2a:f0:10:8a:23:bd:10:a8:02:ca:4a:e4:
4b:7a:39:32
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBXIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjIzNjdBRjExMC8GA1UEBRMoMEJEMDA4NDhGODM4RkQ5MEI5OUVEQzM3NjkwNzIw
OTU1RkIwMDkwNjAeFw0yNjAzMDUxMjUzMzJaFw0zNjAzMDUxMjUzMzJaMBgxFjAU
BgNVBAMTDTY5YTk3Y2QxLWZlMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDmctDpbXwsJFE9+zfKKvjBlVKnxUGBmh84fcYZc9RQW6IGfR+08WIgjC1f
G2aezSYy8z6El4Dt5sRgTuPm9kkdzKEsKdDWK4F0yPowoIcqEdUt7mURW+lYcccu
3YYBiOLUE0DHdZuyNWKox9CCJDYrhO8Kin+kl2b8KQcXXRtytSukGtkSaosWcVx+
qIYCcmDpWXFEYv8uSMH4HF9zrHimLca5HAvsqzCxP+62LJoL/j/ogQjfwugYY3B3
+zmYwLcxSBpVP6YXzq9qihCD8NLyokcwfnVQ9Wt8jOQH4sic6KZjN1WQpq+yU0Aw
DCwxB04gfFkQwXzdhXrYG0YATa9HAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQU8cRW
zPMNtwtqVao2pRToc6KA8Y0wHwYDVR0jBBgwFoAUC9AISPg4/ZC5ntw3aQcglV+w
CQYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYyMzY3L0I0NTA4Q0U4MDgyMDExRUQ4Mjg1ODhGN0YxMjIyNDY4L0M5QUlT
UGc0X1pDNW50dzNhUWNnbFYtd0NRWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0M5QUlTUGc0X1pDNW50dzNhUWNnbFYtd0NRWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYyMzY3L0I0NTA4Q0U4MDgyMDExRUQ4Mjg1ODhGN0Yx
MjIyNDY4LzUzNjBEN0FFMTg5MjExRjE5QUZEMTM4Q0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJm1BADBAJm2RQwDQQCAAIw
BwMFACwP8cAwDQYJKoZIhvcNAQELBQADggEBAKhLkm0gExjkZGGhtQ36Ca1tK4c4
06VVY6HAfGXnXqUhkxV2GeZ59T1prcLokp30+moQymdOakMc1bkdABUHOUgbyZpM
FumHsY4AguI2eiNx7xKmSlR6jR6Cmas6JmGMCmCy8XDX2OfX8g8M2e7UOg8Jut5t
Rix2voZ3s3QNQ1L6WRNauvoFVGuBscMFEO5RysqC4/3scC562QQRffUrPa7uSNV+
dwuhifgAKXOJ0l6py4JaAForwlZAABg3aJG6bj4CR75LweeRoi3dO8apebCXAQ2i
ilAwhpaUcrz37FD4wqtN5EgP8N17EBEIAfU8HirwEIojvRCoAspK5Et6OTI=
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:01:21 2026 by rpki-client