Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369671E/B069B1587BB111E99DBED243F8AEA228/D8C79F3E1B8211F18515F8AADAE4EC9C.roa
File: D8C79F3E1B8211F18515F8AADAE4EC9C.roa (raw, json)
Hash identifier: mvotxfQuCAYVtuvZF60nRPCy3L7GuZHseVrsuaXjoeU=
Subject key identifier: E9:12:68:36:C2:C3:A5:14:50:8F:34:9B:D9:77:B1:89:26:BC:BA:2E
Certificate issuer: /CN=F369671EAF/serialNumber=23BF045F8B8E9BE838E79DD312CC95ECB8CC610B
Certificate serial: 0A19
Authority key identifier: 23:BF:04:5F:8B:8E:9B:E8:38:E7:9D:D3:12:CC:95:EC:B8:CC:61:0B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/I78EX4uOm-g4553TEsyV7LjMYQs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369671E/B069B1587BB111E99DBED243F8AEA228/D8C79F3E1B8211F18515F8AADAE4EC9C.roa
Signing time: Mon 09 Mar 2026 06:40:22 +0000
ROA not before: Mon 09 Mar 2026 06:40:18 +0000
ROA not after: Fri 01 Mar 2030 06:40:18 +0000
asID: 37172
IP address blocks: 41.76.112.0/21 maxlen: 23
102.207.64.0/22 maxlen: 23
102.213.72.0/22 maxlen: 23
196.250.240.0/21 maxlen: 23
197.231.144.0/21 maxlen: 23
2c0f:ee28::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369671E/B069B1587BB111E99DBED243F8AEA228/I78EX4uOm-g4553TEsyV7LjMYQs.crl
rsync://rpki.afrinic.net/repository/member_repository/F369671E/B069B1587BB111E99DBED243F8AEA228/I78EX4uOm-g4553TEsyV7LjMYQs.mft
rsync://rpki.afrinic.net/repository/afrinic/I78EX4uOm-g4553TEsyV7LjMYQs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2585 (0xa19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369671EAF, serialNumber=23BF045F8B8E9BE838E79DD312CC95ECB8CC610B
Validity
Not Before: Mar 9 06:40:18 2026 GMT
Not After : Mar 1 06:40:18 2030 GMT
Subject: CN=69ae6b56-bd25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bd:8b:2e:61:6d:bb:b7:92:ff:19:64:44:89:
93:80:ba:b3:d3:99:d7:68:46:b2:52:0c:27:49:48:
25:fc:79:79:a0:ac:9d:9d:e8:c6:da:25:ff:04:84:
45:59:79:86:4c:69:19:68:c1:15:40:84:10:02:0c:
77:bf:7f:26:45:b5:07:d0:38:16:e8:eb:4e:56:b4:
e0:5c:9a:4b:5f:7d:80:1e:91:8a:d2:b9:5f:59:fd:
a8:6c:fd:b5:1b:63:df:99:e8:0a:aa:72:bb:f1:80:
11:1d:e5:97:09:cd:60:e8:14:22:3d:1d:38:57:54:
9e:ef:cc:9d:20:0f:a5:54:76:b7:8b:bb:f6:6e:5d:
a3:56:33:ea:13:0c:2b:97:eb:9c:32:2b:a6:2f:94:
a7:ef:cb:cc:ed:b4:d7:1e:33:b8:80:e3:9a:99:f2:
1a:89:41:22:77:a4:71:3f:e0:30:65:5f:1b:79:43:
21:eb:d0:38:09:05:98:4b:dd:8e:92:c6:11:dd:c4:
5e:4f:f4:2c:fa:6c:6b:47:90:62:64:52:76:d2:0f:
ae:49:f8:22:16:93:8a:81:98:ea:2b:85:96:d4:93:
14:6d:ab:b1:21:37:00:e0:15:69:84:8c:3b:70:81:
22:df:0d:a2:6e:b0:e8:19:ae:fd:d3:c3:1c:56:06:
e3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:12:68:36:C2:C3:A5:14:50:8F:34:9B:D9:77:B1:89:26:BC:BA:2E
X509v3 Authority Key Identifier:
keyid:23:BF:04:5F:8B:8E:9B:E8:38:E7:9D:D3:12:CC:95:EC:B8:CC:61:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369671E/B069B1587BB111E99DBED243F8AEA228/I78EX4uOm-g4553TEsyV7LjMYQs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/I78EX4uOm-g4553TEsyV7LjMYQs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369671E/B069B1587BB111E99DBED243F8AEA228/D8C79F3E1B8211F18515F8AADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.76.112.0/21
102.207.64.0/22
102.213.72.0/22
196.250.240.0/21
197.231.144.0/21
IPv6:
2c0f:ee28::/32
Signature Algorithm: sha256WithRSAEncryption
a6:7c:cd:a4:09:b0:91:80:fa:d9:f7:3b:59:5a:31:bd:34:9e:
3f:2a:f2:f9:99:6d:04:cc:d4:6f:fb:10:d6:3d:36:46:40:78:
ca:91:0b:c2:6d:55:42:f8:fd:56:fc:a0:75:f2:07:66:07:6c:
a6:55:5b:dd:8b:0c:b3:86:48:d0:6a:46:b6:85:9d:fb:09:29:
ef:17:dc:00:d2:21:ab:7c:5b:29:1a:1e:1c:13:db:46:7c:d6:
dc:9f:a9:54:4f:66:01:39:06:dc:54:51:d7:c0:6b:27:e6:2d:
cf:2c:37:b9:48:d5:7a:a8:e0:2c:b5:e1:b0:52:38:a4:68:e3:
2f:fc:02:cc:af:72:bf:a6:60:70:87:e5:4d:79:55:61:83:33:
70:0d:19:52:7f:b8:2c:a4:1c:29:9c:fc:cd:50:6f:7c:47:e6:
46:ca:98:ee:fa:ab:2e:98:47:44:33:0b:51:11:2c:3e:dc:68:
e9:d5:eb:1e:ac:7e:de:4c:65:10:e1:89:66:34:46:18:7e:e0:
94:a3:4c:d8:83:07:5e:37:63:da:41:6f:74:a5:5b:f7:8b:5f:
b2:56:f3:41:2e:ad:03:71:e0:dc:65:a8:70:ea:02:f3:3f:eb:
4d:d3:b8:08:ce:d5:68:14:c1:8f:fc:21:16:21:3f:ec:c2:5f:
1b:12:82:da
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICChkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTY3MUVBRjExMC8GA1UEBRMoMjNCRjA0NUY4QjhFOUJFODM4RTc5REQzMTJDQzk1
RUNCOENDNjEwQjAeFw0yNjAzMDkwNjQwMThaFw0zMDAzMDEwNjQwMThaMBgxFjAU
BgNVBAMTDTY5YWU2YjU2LWJkMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzvYsuYW27t5L/GWREiZOAurPTmddoRrJSDCdJSCX8eXmgrJ2d6MbaJf8E
hEVZeYZMaRlowRVAhBACDHe/fyZFtQfQOBbo605WtOBcmktffYAekYrSuV9Z/ahs
/bUbY9+Z6AqqcrvxgBEd5ZcJzWDoFCI9HThXVJ7vzJ0gD6VUdreLu/ZuXaNWM+oT
DCuX65wyK6YvlKfvy8zttNceM7iA45qZ8hqJQSJ3pHE/4DBlXxt5QyHr0DgJBZhL
3Y6SxhHdxF5P9Cz6bGtHkGJkUnbSD65J+CIWk4qBmOorhZbUkxRtq7EhNwDgFWmE
jDtwgSLfDaJusOgZrv3TwxxWBuNZAgMBAAGjggLMMIICyDAdBgNVHQ4EFgQU6RJo
NsLDpRRQjzSb2XexiSa8ui4wHwYDVR0jBBgwFoAUI78EX4uOm+g4553TEsyV7LjM
YQswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2NzFFL0IwNjlCMTU4N0JCMTExRTk5REJFRDI0M0Y4QUVBMjI4L0k3OEVY
NHVPbS1nNDU1M1RFc3lWN0xqTVlRcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0k3OEVYNHVPbS1nNDU1M1RFc3lWN0xqTVlRcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2NzFFL0IwNjlCMTU4N0JCMTExRTk5REJFRDI0M0Y4
QUVBMjI4L0Q4Qzc5RjNFMUI4MjExRjE4NTE1RjhBQURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAMpTHADBAJmz0ADBAJm1UgD
BAPE+vADBAPF55AwDQQCAAIwBwMFACwP7igwDQYJKoZIhvcNAQELBQADggEBAKZ8
zaQJsJGA+tn3O1laMb00nj8q8vmZbQTM1G/7ENY9NkZAeMqRC8JtVUL4/Vb8oHXy
B2YHbKZVW92LDLOGSNBqRraFnfsJKe8X3ADSIat8WykaHhwT20Z81tyfqVRPZgE5
BtxUUdfAayfmLc8sN7lI1Xqo4Cy14bBSOKRo4y/8Asyvcr+mYHCH5U15VWGDM3AN
GVJ/uCykHCmc/M1Qb3xH5kbKmO76qy6YR0QzC1ERLD7caOnV6x6sft5MZRDhiWY0
Rhh+4JSjTNiDB143Y9pBb3SlW/eLX7JW80EurQNx4NxlqHDqAvM/603TuAjO1WgU
wY/8IRYhP+zCXxsSgto=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:00:46 2026 by rpki-client