Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/8B40C2F2243A11F1A0BEB48ADAE4EC9C.roa
File: 8B40C2F2243A11F1A0BEB48ADAE4EC9C.roa (raw, json)
Hash identifier: 3620Wsxd/t0/oMKvGDVNw2kGd63Qxyzn+iydXrHbac4=
Subject key identifier: 3E:47:7B:65:75:38:7B:EB:78:9B:3B:96:DE:E1:0A:21:E8:58:D8:88
Certificate issuer: /CN=F3683A54AF/serialNumber=91733293FC6350AEDFBA75A916FFF41B515ECF4C
Certificate serial: 0696
Authority key identifier: 91:73:32:93:FC:63:50:AE:DF:BA:75:A9:16:FF:F4:1B:51:5E:CF:4C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/kXMyk_xjUK7funWpFv_0G1Fez0w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/8B40C2F2243A11F1A0BEB48ADAE4EC9C.roa
Signing time: Fri 20 Mar 2026 08:55:29 +0000
ROA not before: Fri 20 Mar 2026 08:55:24 +0000
ROA not after: Wed 19 Mar 2036 08:55:24 +0000
asID: 36924
IP address blocks: 102.203.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/kXMyk_xjUK7funWpFv_0G1Fez0w.crl
rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/kXMyk_xjUK7funWpFv_0G1Fez0w.mft
rsync://rpki.afrinic.net/repository/afrinic/kXMyk_xjUK7funWpFv_0G1Fez0w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1686 (0x696)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3683A54AF, serialNumber=91733293FC6350AEDFBA75A916FFF41B515ECF4C
Validity
Not Before: Mar 20 08:55:24 2026 GMT
Not After : Mar 19 08:55:24 2036 GMT
Subject: CN=69bd0b81-0397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:00:68:58:6e:36:78:18:79:70:8e:19:c2:e6:
32:c1:f3:09:d6:3b:34:8e:c9:7c:c6:29:a2:d3:fb:
37:06:d1:12:ef:70:d4:d1:c5:9c:91:64:7e:ae:16:
1f:0a:aa:c2:61:34:20:80:bf:5e:ba:0c:ca:d7:fe:
7e:1b:d0:8f:58:be:f4:93:d1:95:b8:66:d5:7c:22:
c3:0b:62:c9:91:70:dc:fe:e4:d3:7e:d0:27:fd:ae:
fc:ac:7c:e4:92:3b:67:6e:7c:9f:d8:d2:77:eb:45:
87:bd:db:07:9a:ea:f7:60:9c:1a:e5:c0:14:22:b7:
b9:6d:8f:14:8d:01:ff:c0:ae:14:44:34:ff:13:5c:
a7:7c:11:03:73:1d:39:7b:15:c1:79:06:66:53:56:
39:93:fa:b1:47:2d:f2:6d:e2:80:48:d5:09:78:9a:
83:d2:04:31:75:f7:a6:af:ef:98:13:7c:c1:6b:1d:
0d:f6:3e:58:47:1b:2a:19:d8:db:a6:c8:ca:85:bc:
5f:bc:6e:c2:96:bf:a7:a5:90:97:ca:79:28:e3:49:
34:53:a3:1f:15:33:9a:9f:4b:04:13:30:92:d9:66:
d2:ff:9b:85:83:cb:85:cf:63:ed:0c:b7:e4:2b:07:
39:f9:e2:49:fd:5e:bf:dc:ce:f9:1d:ed:8d:9a:94:
57:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:47:7B:65:75:38:7B:EB:78:9B:3B:96:DE:E1:0A:21:E8:58:D8:88
X509v3 Authority Key Identifier:
keyid:91:73:32:93:FC:63:50:AE:DF:BA:75:A9:16:FF:F4:1B:51:5E:CF:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/kXMyk_xjUK7funWpFv_0G1Fez0w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kXMyk_xjUK7funWpFv_0G1Fez0w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3683A54/5C3677F21F7811EC9A12311AD8A014CE/8B40C2F2243A11F1A0BEB48ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.203.8.0/22
Signature Algorithm: sha256WithRSAEncryption
26:47:3a:27:20:ad:33:7a:97:b8:d2:d1:92:88:42:f6:73:a4:
6a:a5:cc:10:58:43:f6:93:a6:35:50:7e:12:df:70:bd:de:ce:
72:51:bf:f3:63:1f:f8:78:f2:01:03:2b:90:43:d1:a6:d7:1d:
a0:67:31:35:ac:c8:d6:be:0a:cd:2d:93:85:cb:d9:d7:c8:9f:
b9:9b:aa:a4:3d:29:87:1c:85:91:eb:73:b7:c2:5b:69:33:1d:
1a:da:db:a2:94:44:7f:ee:4c:4f:57:35:16:73:92:87:9b:dd:
91:a9:bd:f7:68:67:98:88:77:14:a9:59:be:e1:65:e6:17:c8:
7d:a3:cf:f0:21:b6:1e:e0:bc:e8:34:98:ce:f8:53:48:c0:3c:
8e:3e:0f:31:33:af:e0:e0:8f:b3:6f:08:23:7b:64:56:c4:1c:
7b:c3:93:7a:f2:02:b9:eb:f4:47:e6:88:d1:14:02:7a:cb:62:
d8:05:61:c8:2b:46:a7:5f:9e:92:28:a1:65:02:5c:70:f2:09:
f9:3f:26:59:43:a2:16:09:75:9f:05:f7:a6:4b:d2:78:8c:b5:
56:23:d8:b3:32:56:eb:4f:34:40:ca:6b:e9:f7:4d:40:d0:40:
f7:7d:4e:31:13:be:b6:21:75:62:02:bc:72:4c:00:2a:b1:38:
c0:d8:bd:4c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBpYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODNBNTRBRjExMC8GA1UEBRMoOTE3MzMyOTNGQzYzNTBBRURGQkE3NUE5MTZGRkY0
MUI1MTVFQ0Y0QzAeFw0yNjAzMjAwODU1MjRaFw0zNjAzMTkwODU1MjRaMBgxFjAU
BgNVBAMTDTY5YmQwYjgxLTAzOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDxAGhYbjZ4GHlwjhnC5jLB8wnWOzSOyXzGKaLT+zcG0RLvcNTRxZyRZH6u
Fh8KqsJhNCCAv166DMrX/n4b0I9YvvST0ZW4ZtV8IsMLYsmRcNz+5NN+0Cf9rvys
fOSSO2dufJ/Y0nfrRYe92wea6vdgnBrlwBQit7ltjxSNAf/ArhRENP8TXKd8EQNz
HTl7FcF5BmZTVjmT+rFHLfJt4oBI1Ql4moPSBDF196av75gTfMFrHQ32PlhHGyoZ
2NumyMqFvF+8bsKWv6elkJfKeSjjSTRTox8VM5qfSwQTMJLZZtL/m4WDy4XPY+0M
t+QrBzn54kn9Xr/czvkd7Y2alFchAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPkd7
ZXU4e+t4mzuW3uEKIehY2IgwHwYDVR0jBBgwFoAUkXMyk/xjUK7funWpFv/0G1Fe
z0wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgzQTU0LzVDMzY3N0YyMUY3ODExRUM5QTEyMzExQUQ4QTAxNENFL2tYTXlr
X3hqVUs3ZnVuV3BGdl8wRzFGZXowdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2tYTXlrX3hqVUs3ZnVuV3BGdl8wRzFGZXowdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgzQTU0LzVDMzY3N0YyMUY3ODExRUM5QTEyMzExQUQ4
QTAxNENFLzhCNDBDMkYyMjQzQTExRjFBMEJFQjQ4QURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmywgwDQYJKoZIhvcNAQEL
BQADggEBACZHOicgrTN6l7jS0ZKIQvZzpGqlzBBYQ/aTpjVQfhLfcL3eznJRv/Nj
H/h48gEDK5BD0abXHaBnMTWsyNa+Cs0tk4XL2dfIn7mbqqQ9KYcchZHrc7fCW2kz
HRra26KURH/uTE9XNRZzkoeb3ZGpvfdoZ5iIdxSpWb7hZeYXyH2jz/Ahth7gvOg0
mM74U0jAPI4+DzEzr+Dgj7NvCCN7ZFbEHHvDk3ryArnr9EfmiNEUAnrLYtgFYcgr
RqdfnpIooWUCXHDyCfk/JllDohYJdZ8F96ZL0niMtVYj2LMyVutPNEDKa+n3TUDQ
QPd9TjETvrYhdWICvHJMACqxOMDYvUw=
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:41:29 2026 by rpki-client