Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3679532/7DD45604C38E11F08BF6B3C7DAE4EC9C/4416D8561D5211F1B09D5DBBDAE4EC9C.roa
File: 4416D8561D5211F1B09D5DBBDAE4EC9C.roa (raw, json)
Hash identifier: bnSYCKQteOzcDcNEFoo+uV3o4TGvuGUdVsiVEGgqdbo=
Subject key identifier: DE:B1:1B:33:AE:0A:65:37:AE:E4:50:85:F2:89:32:93:5F:93:9A:A2
Certificate issuer: /CN=F3679532AF/serialNumber=CE462DB6D911EE64D9C44CB8108D13E03C5A64D5
Certificate serial: 7A
Authority key identifier: CE:46:2D:B6:D9:11:EE:64:D9:C4:4C:B8:10:8D:13:E0:3C:5A:64:D5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zkYtttkR7mTZxEy4EI0T4DxaZNU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3679532/7DD45604C38E11F08BF6B3C7DAE4EC9C/4416D8561D5211F1B09D5DBBDAE4EC9C.roa
Signing time: Wed 11 Mar 2026 13:57:39 +0000
ROA not before: Wed 11 Mar 2026 13:57:35 +0000
ROA not after: Thu 11 Mar 2027 13:57:35 +0000
asID: 328479
IP address blocks: 102.69.232.0/22 maxlen: 22
102.69.232.0/24 maxlen: 24
102.69.233.0/24 maxlen: 24
102.69.234.0/24 maxlen: 24
102.69.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3679532/7DD45604C38E11F08BF6B3C7DAE4EC9C/zkYtttkR7mTZxEy4EI0T4DxaZNU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3679532/7DD45604C38E11F08BF6B3C7DAE4EC9C/zkYtttkR7mTZxEy4EI0T4DxaZNU.mft
rsync://rpki.afrinic.net/repository/afrinic/zkYtttkR7mTZxEy4EI0T4DxaZNU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122 (0x7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3679532AF, serialNumber=CE462DB6D911EE64D9C44CB8108D13E03C5A64D5
Validity
Not Before: Mar 11 13:57:35 2026 GMT
Not After : Mar 11 13:57:35 2027 GMT
Subject: CN=69b174d3-62bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ac:c3:89:7d:23:1e:ff:f6:b6:15:0d:69:03:
a1:08:53:bc:f4:c4:06:f4:a0:5e:21:7e:99:b7:5c:
f5:57:0f:88:b9:96:46:c8:8f:00:2e:e6:8f:e4:ce:
44:e7:5d:9b:55:82:71:1c:08:55:c5:40:0b:d0:b5:
77:b1:ee:14:b4:0f:49:55:33:f7:e7:d0:db:b3:48:
83:7d:83:a9:41:6d:ce:49:fe:9b:8c:37:5b:0b:a6:
ea:b0:e5:6e:72:18:a5:38:57:97:68:b6:0b:6f:57:
80:53:a6:74:7f:d6:1f:86:f9:17:86:f9:a0:26:3e:
db:fa:a1:4c:39:f4:c2:e3:4a:d9:82:47:ec:f8:7f:
54:46:1a:55:45:ff:55:ba:64:b8:d1:dd:3c:15:41:
88:c6:cf:5f:bf:ea:fa:8f:1f:c1:34:3f:83:bd:c1:
e0:05:27:47:10:b9:3c:f0:f4:a4:b9:2a:96:40:a5:
71:df:f7:15:3d:62:10:e2:c0:58:f5:4f:fe:e1:de:
89:bf:03:8c:0d:b0:60:5f:fc:ea:d2:39:82:c4:0c:
49:d4:15:4e:f7:20:44:ab:76:ed:b2:4d:04:a9:1f:
14:d5:4c:c3:28:a5:53:83:f8:c5:6e:d0:d4:19:d6:
9d:73:4d:16:13:7a:bd:62:3d:4d:d8:d9:55:79:8d:
2a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B1:1B:33:AE:0A:65:37:AE:E4:50:85:F2:89:32:93:5F:93:9A:A2
X509v3 Authority Key Identifier:
keyid:CE:46:2D:B6:D9:11:EE:64:D9:C4:4C:B8:10:8D:13:E0:3C:5A:64:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3679532/7DD45604C38E11F08BF6B3C7DAE4EC9C/zkYtttkR7mTZxEy4EI0T4DxaZNU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zkYtttkR7mTZxEy4EI0T4DxaZNU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3679532/7DD45604C38E11F08BF6B3C7DAE4EC9C/4416D8561D5211F1B09D5DBBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.69.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:7d:57:c6:3c:39:4c:43:3b:1e:9f:15:f6:f9:0a:d8:08:3a:
0a:11:87:37:f1:01:ee:9a:8f:6e:7f:b3:7b:47:78:0f:c0:5e:
a8:e5:77:d7:ea:19:8c:d7:80:32:f2:4c:55:04:c2:12:ae:d5:
cb:b4:7e:0b:4a:6b:38:e1:3e:ce:aa:cf:d4:7d:88:0a:99:14:
38:39:fd:6b:76:d0:37:2f:53:e5:6f:ad:07:04:d5:c2:40:78:
b8:4d:7e:5c:46:f3:2a:96:6c:36:c3:5d:32:fc:7c:c5:4b:09:
2e:07:6d:cd:05:b2:cd:a4:71:ba:02:b0:36:ba:96:bb:f6:f6:
6a:39:84:aa:0e:03:e9:e7:9c:59:2f:d4:c6:8e:ed:20:84:71:
6b:c7:4f:20:1c:16:8e:b8:68:94:b8:c1:7a:cd:a1:84:f0:96:
10:b6:9b:45:09:2d:09:1c:19:10:8c:e0:c7:0f:df:c2:02:dc:
0b:d9:80:fb:4e:26:6f:cb:64:95:1d:ae:0d:1f:22:77:60:fc:
b1:c8:ae:3b:54:13:38:b3:4f:ee:96:89:80:a9:3f:c7:dc:1f:
42:a3:8a:85:a8:46:89:e7:86:e5:f7:32:26:5e:80:93:77:50:
08:43:da:bf:08:ef:56:d6:d8:a0:b7:2b:a6:19:57:97:b6:5c:
9f:11:bf:a8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBejANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
OTUzMkFGMTEwLwYDVQQFEyhDRTQ2MkRCNkQ5MTFFRTY0RDlDNDRDQjgxMDhEMTNF
MDNDNUE2NEQ1MB4XDTI2MDMxMTEzNTczNVoXDTI3MDMxMTEzNTczNVowGDEWMBQG
A1UEAxMNNjliMTc0ZDMtNjJiYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKesw4l9Ix7/9rYVDWkDoQhTvPTEBvSgXiF+mbdc9VcPiLmWRsiPAC7mj+TO
ROddm1WCcRwIVcVAC9C1d7HuFLQPSVUz9+fQ27NIg32DqUFtzkn+m4w3Wwum6rDl
bnIYpThXl2i2C29XgFOmdH/WH4b5F4b5oCY+2/qhTDn0wuNK2YJH7Ph/VEYaVUX/
VbpkuNHdPBVBiMbPX7/q+o8fwTQ/g73B4AUnRxC5PPD0pLkqlkClcd/3FT1iEOLA
WPVP/uHeib8DjA2wYF/86tI5gsQMSdQVTvcgRKt27bJNBKkfFNVMwyilU4P4xW7Q
1BnWnXNNFhN6vWI9TdjZVXmNKmcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTesRsz
rgplN67kUIXyiTKTX5OaojAfBgNVHSMEGDAWgBTORi222RHuZNnETLgQjRPgPFpk
1TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Nzk1MzIvN0RENDU2MDRDMzhFMTFGMDhCRjZCM0M3REFFNEVDOUMvemtZdHR0
a1I3bVRaeEV5NEVJMFQ0RHhhWk5VLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvemtZdHR0a1I3bVRaeEV5NEVJMFQ0RHhhWk5VLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Nzk1MzIvN0RENDU2MDRDMzhFMTFGMDhCRjZCM0M3REFF
NEVDOUMvNDQxNkQ4NTYxRDUyMTFGMUIwOUQ1REJCREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmZF6DANBgkqhkiG9w0BAQsF
AAOCAQEAan1Xxjw5TEM7Hp8V9vkK2Ag6ChGHN/EB7pqPbn+ze0d4D8BeqOV31+oZ
jNeAMvJMVQTCEq7Vy7R+C0prOOE+zqrP1H2ICpkUODn9a3bQNy9T5W+tBwTVwkB4
uE1+XEbzKpZsNsNdMvx8xUsJLgdtzQWyzaRxugKwNrqWu/b2ajmEqg4D6eecWS/U
xo7tIIRxa8dPIBwWjrholLjBes2hhPCWELabRQktCRwZEIzgxw/fwgLcC9mA+04m
b8tklR2uDR8id2D8sciuO1QTOLNP7paJgKk/x9wfQqOKhahGieeG5fcyJl6Ak3dQ
CEPavwjvVtbYoLcrphlXl7ZcnxG/qA==
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:06:37 2026 by rpki-client