Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/29138D7028CD11F1B1DE07B0DAE4EC9C.roa
File: 29138D7028CD11F1B1DE07B0DAE4EC9C.roa (raw, json)
Hash identifier: FVha578pmV4I0yZsmrJ4PMcD94wqDJGjrVui6FDbj3U=
Subject key identifier: B9:4A:CE:F2:56:0D:2D:8C:75:A3:F5:C7:E3:31:87:D6:4B:08:42:98
Certificate issuer: /CN=F369BAF0AF/serialNumber=27319BFD9C6EC5953E5629599AFFE2D26A9404F2
Certificate serial: 0697
Authority key identifier: 27:31:9B:FD:9C:6E:C5:95:3E:56:29:59:9A:FF:E2:D2:6A:94:04:F2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/29138D7028CD11F1B1DE07B0DAE4EC9C.roa
Signing time: Thu 26 Mar 2026 04:35:05 +0000
ROA not before: Thu 26 Mar 2026 04:35:00 +0000
ROA not after: Wed 26 Mar 2036 04:35:00 +0000
asID: 328068
IP address blocks: 102.216.232.0/24 maxlen: 24
102.216.233.0/24 maxlen: 24
102.216.234.0/24 maxlen: 24
102.216.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.crl
rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.mft
rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1687 (0x697)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369BAF0AF, serialNumber=27319BFD9C6EC5953E5629599AFFE2D26A9404F2
Validity
Not Before: Mar 26 04:35:00 2026 GMT
Not After : Mar 26 04:35:00 2036 GMT
Subject: CN=69c4b779-d11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:57:e8:03:82:eb:41:ed:f1:77:da:db:58:fb:
57:c1:e8:8d:9d:11:94:ec:ee:cb:6e:23:3c:05:1e:
6a:fc:4a:76:e3:02:ef:d8:7b:0a:fb:3b:a2:9f:98:
de:fb:ee:92:08:57:f8:75:73:f4:09:df:50:77:5e:
20:13:88:86:65:3f:a8:07:89:f0:e4:06:02:23:53:
24:6f:8c:d2:1c:a1:8c:f6:95:77:2a:d9:e7:46:a1:
c5:95:5f:90:0a:54:c8:7b:32:ae:4c:52:27:f1:67:
d2:b0:03:b5:2b:da:04:21:0d:7f:cd:49:21:b9:e5:
e6:f1:20:be:ce:a3:91:73:d6:fa:4a:b7:1a:fa:13:
4b:44:02:39:4b:22:be:e6:8a:67:49:03:34:a3:f5:
e3:2a:0d:5e:57:2f:6f:15:28:a8:f7:2d:f6:97:a4:
20:9c:e8:be:c7:5d:a9:7e:fb:7c:16:87:8b:5a:98:
8e:62:a2:4d:b6:71:1b:d1:7d:01:d1:da:34:2e:5a:
9d:90:bb:4f:a9:78:1c:8a:16:ec:90:d2:7c:be:0e:
d4:77:ed:5d:29:fb:86:f7:0c:ec:7c:06:f7:ea:e4:
d2:60:0b:bc:d9:45:52:2b:a3:0e:ca:be:f6:c9:83:
46:37:58:f9:b3:03:e5:9b:d2:30:44:26:21:e2:d1:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4A:CE:F2:56:0D:2D:8C:75:A3:F5:C7:E3:31:87:D6:4B:08:42:98
X509v3 Authority Key Identifier:
keyid:27:31:9B:FD:9C:6E:C5:95:3E:56:29:59:9A:FF:E2:D2:6A:94:04:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/JzGb_ZxuxZU-VilZmv_i0mqUBPI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JzGb_ZxuxZU-VilZmv_i0mqUBPI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369BAF0/129844362CBB11ECB2D8366ED8A014CE/29138D7028CD11F1B1DE07B0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
59:d0:3a:52:ce:2f:27:5a:e6:df:ab:2a:26:99:d7:fd:cd:9b:
02:54:76:f9:13:5d:14:3b:24:56:97:09:a0:fa:43:d6:00:ae:
e2:35:ad:be:db:8c:79:0e:2c:c8:d1:cb:8c:4a:d4:75:13:b6:
37:20:8d:40:5b:9f:1d:03:17:56:4d:92:f3:f3:a9:2d:20:61:
cb:55:45:a5:dc:0b:ec:83:90:33:85:3f:c7:28:6a:99:b7:fc:
b0:6c:7a:f4:4a:f4:2b:da:73:30:5e:67:81:76:ec:ac:51:6c:
ad:45:4b:cb:26:59:1d:25:66:10:ae:bc:22:aa:ff:b3:9d:86:
8e:0b:46:da:03:25:74:db:8d:9d:b4:54:db:ad:18:95:88:c6:
f6:51:30:94:d1:fc:2a:34:e0:4e:8d:6e:2e:19:a0:3f:79:35:
ca:7d:ad:bc:1d:86:8f:34:c2:40:e2:cf:3d:bc:23:5f:de:b7:
64:fd:4c:f0:74:9b:86:54:1f:ee:72:95:69:30:87:e8:cb:e7:
ad:8d:58:59:fa:00:eb:03:00:09:d7:34:ee:3b:c2:9c:10:5e:
39:27:01:1e:0a:40:f5:0e:ee:91:e5:ce:86:3d:91:4d:c5:1a:
50:65:59:ab:6c:82:64:5f:f7:32:eb:4f:09:64:09:fc:5e:d7:
c2:1f:73:be
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBpcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OUJBRjBBRjExMC8GA1UEBRMoMjczMTlCRkQ5QzZFQzU5NTNFNTYyOTU5OUFGRkUy
RDI2QTk0MDRGMjAeFw0yNjAzMjYwNDM1MDBaFw0zNjAzMjYwNDM1MDBaMBgxFjAU
BgNVBAMTDTY5YzRiNzc5LWQxMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDjV+gDgutB7fF32ttY+1fB6I2dEZTs7stuIzwFHmr8SnbjAu/Yewr7O6Kf
mN777pIIV/h1c/QJ31B3XiATiIZlP6gHifDkBgIjUyRvjNIcoYz2lXcq2edGocWV
X5AKVMh7Mq5MUifxZ9KwA7Ur2gQhDX/NSSG55ebxIL7Oo5Fz1vpKtxr6E0tEAjlL
Ir7mimdJAzSj9eMqDV5XL28VKKj3LfaXpCCc6L7HXal++3wWh4tamI5iok22cRvR
fQHR2jQuWp2Qu0+peByKFuyQ0ny+DtR37V0p+4b3DOx8Bvfq5NJgC7zZRVIrow7K
vvbJg0Y3WPmzA+Wb0jBEJiHi0bKjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUuUrO
8lYNLYx1o/XH4zGH1ksIQpgwHwYDVR0jBBgwFoAUJzGb/ZxuxZU+VilZmv/i0mqU
BPIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlCQUYwLzEyOTg0NDM2MkNCQjExRUNCMkQ4MzY2RUQ4QTAxNENFL0p6R2Jf
Wnh1eFpVLVZpbFptdl9pMG1xVUJQSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0p6R2JfWnh1eFpVLVZpbFptdl9pMG1xVUJQSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlCQUYwLzEyOTg0NDM2MkNCQjExRUNCMkQ4MzY2RUQ4
QTAxNENFLzI5MTM4RDcwMjhDRDExRjFCMURFMDdCMERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm2OgwDQYJKoZIhvcNAQEL
BQADggEBAFnQOlLOLyda5t+rKiaZ1/3NmwJUdvkTXRQ7JFaXCaD6Q9YAruI1rb7b
jHkOLMjRy4xK1HUTtjcgjUBbnx0DF1ZNkvPzqS0gYctVRaXcC+yDkDOFP8coapm3
/LBsevRK9CvaczBeZ4F27KxRbK1FS8smWR0lZhCuvCKq/7Odho4LRtoDJXTbjZ20
VNutGJWIxvZRMJTR/Co04E6Nbi4ZoD95Ncp9rbwdho80wkDizz28I1/et2T9TPB0
m4ZUH+5ylWkwh+jL562NWFn6AOsDAAnXNO47wpwQXjknAR4KQPUO7pHlzoY9kU3F
GlBlWatsgmRf9zLrTwlkCfxe18Ifc74=
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:32:09 2026 by rpki-client