Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1387/9872DBD6364811EFAFF89080762E951A/32899EC0276611F1A1AA7785DAE4EC9C.roa
File: 32899EC0276611F1A1AA7785DAE4EC9C.roa (raw, json)
Hash identifier: whA6l07HdxCOCGyCXXIQazy2QuFHnMHeyiidkxJj8+Q=
Subject key identifier: 2F:34:3D:3C:00:C9:4E:06:5D:F0:AC:5D:82:15:E3:34:FE:FC:60:89
Certificate issuer: /CN=F36A1387AF/serialNumber=A7776A1BE55AA98C5705FD779C84DD0106FEC582
Certificate serial: 028E
Authority key identifier: A7:77:6A:1B:E5:5A:A9:8C:57:05:FD:77:9C:84:DD:01:06:FE:C5:82
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/p3dqG-VaqYxXBf13nITdAQb-xYI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A1387/9872DBD6364811EFAFF89080762E951A/32899EC0276611F1A1AA7785DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 09:45:32 +0000
ROA not before: Tue 24 Mar 2026 09:45:27 +0000
ROA not after: Thu 01 Mar 2040 09:45:27 +0000
asID: 329437
IP address blocks: 102.204.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A1387/9872DBD6364811EFAFF89080762E951A/p3dqG-VaqYxXBf13nITdAQb-xYI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A1387/9872DBD6364811EFAFF89080762E951A/p3dqG-VaqYxXBf13nITdAQb-xYI.mft
rsync://rpki.afrinic.net/repository/afrinic/p3dqG-VaqYxXBf13nITdAQb-xYI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 654 (0x28e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A1387AF, serialNumber=A7776A1BE55AA98C5705FD779C84DD0106FEC582
Validity
Not Before: Mar 24 09:45:27 2026 GMT
Not After : Mar 1 09:45:27 2040 GMT
Subject: CN=69c25d3c-bb9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bf:86:bb:6d:05:f1:6b:7d:d7:53:bd:dd:98:
e2:9c:a2:77:8a:26:95:9a:af:6a:46:26:85:70:bc:
1e:34:bd:07:04:5f:75:6e:6b:29:c9:f1:f2:f3:84:
49:f5:2c:91:44:8c:c6:d5:03:81:c5:2c:dc:d7:4c:
2e:89:74:b3:03:ec:ab:59:8f:2c:e9:81:b0:09:97:
bb:0e:ef:f8:24:a2:d0:c9:9c:f0:d3:6c:ed:13:47:
d0:08:04:12:d4:ce:13:81:9a:c3:ca:ab:aa:be:8a:
66:f7:36:08:24:85:90:7e:85:87:5e:e0:d9:86:cd:
d0:85:aa:76:d4:70:d7:6c:3f:38:94:e7:01:76:1b:
0e:e1:4a:35:20:e9:e9:f9:54:d5:0d:01:3c:7f:3a:
c8:53:89:c8:86:4e:6a:fa:ab:94:85:08:f6:f7:24:
7b:c1:45:2e:5b:8d:03:d1:be:22:dd:18:4e:c7:1c:
a7:7e:0f:f7:29:4c:ea:18:79:12:02:ae:d1:05:b0:
c3:bd:00:5e:96:4f:b5:16:95:84:4a:3d:f3:f5:9a:
3c:39:84:09:70:39:f6:0a:f0:ff:dd:59:bc:1e:10:
ab:3e:3f:8c:e7:e4:ec:fa:83:33:94:16:45:b9:7c:
fa:8b:23:6b:67:14:8b:c0:04:f1:3d:bf:1c:2f:f0:
a9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:34:3D:3C:00:C9:4E:06:5D:F0:AC:5D:82:15:E3:34:FE:FC:60:89
X509v3 Authority Key Identifier:
keyid:A7:77:6A:1B:E5:5A:A9:8C:57:05:FD:77:9C:84:DD:01:06:FE:C5:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1387/9872DBD6364811EFAFF89080762E951A/p3dqG-VaqYxXBf13nITdAQb-xYI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/p3dqG-VaqYxXBf13nITdAQb-xYI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1387/9872DBD6364811EFAFF89080762E951A/32899EC0276611F1A1AA7785DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.88.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c2:7f:98:b6:c2:ba:96:f1:bd:8f:c4:60:a6:8f:d9:8e:dc:
f2:c5:9c:7b:f4:4a:cb:79:12:6b:8d:34:00:03:6d:40:81:bd:
7d:71:82:b5:62:63:9c:8f:4a:f0:25:f3:46:a6:95:8a:54:d5:
ea:05:4b:7a:62:14:bb:a3:80:2d:fc:93:80:94:1d:aa:ab:a5:
18:74:6c:26:24:61:c3:1d:b4:49:7e:86:46:b4:23:58:5c:11:
65:5d:ce:f8:af:4e:a3:a8:06:f2:e1:62:6f:fc:cc:83:e3:16:
96:cf:4a:d8:2d:c3:d9:de:27:99:5e:4b:e8:e6:20:78:4e:a8:
89:06:8d:8b:8d:38:e5:85:81:ba:1d:64:5d:5d:44:4e:c7:8e:
b4:9e:da:d6:e7:05:7e:6a:91:1e:e7:3a:a5:2e:01:2e:e9:fe:
a1:2b:0d:60:ab:6e:6d:df:26:33:88:13:76:1a:9c:c6:79:57:
c9:48:25:87:b2:01:52:ba:95:4c:6e:22:d3:52:fa:af:b7:39:
c1:bc:c7:b2:69:5c:94:b2:b2:26:b8:73:63:b2:fe:72:01:a4:
35:8c:74:20:03:81:f0:c6:aa:b8:6b:4e:a8:07:d5:07:45:52:
d1:b0:c5:05:8c:1c:7b:89:3a:13:a9:d1:f7:d9:6f:66:b6:e7:
e7:be:9d:ca
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAo4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTEzODdBRjExMC8GA1UEBRMoQTc3NzZBMUJFNTVBQTk4QzU3MDVGRDc3OUM4NERE
MDEwNkZFQzU4MjAeFw0yNjAzMjQwOTQ1MjdaFw00MDAzMDEwOTQ1MjdaMBgxFjAU
BgNVBAMTDTY5YzI1ZDNjLWJiOWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFv4a7bQXxa33XU73dmOKconeKJpWar2pGJoVwvB40vQcEX3VuaynJ8fLz
hEn1LJFEjMbVA4HFLNzXTC6JdLMD7KtZjyzpgbAJl7sO7/gkotDJnPDTbO0TR9AI
BBLUzhOBmsPKq6q+imb3NggkhZB+hYde4NmGzdCFqnbUcNdsPziU5wF2Gw7hSjUg
6en5VNUNATx/OshTiciGTmr6q5SFCPb3JHvBRS5bjQPRviLdGE7HHKd+D/cpTOoY
eRICrtEFsMO9AF6WT7UWlYRKPfP1mjw5hAlwOfYK8P/dWbweEKs+P4zn5Oz6gzOU
FkW5fPqLI2tnFIvABPE9vxwv8KnfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQULzQ9
PADJTgZd8KxdghXjNP78YIkwHwYDVR0jBBgwFoAUp3dqG+VaqYxXBf13nITdAQb+
xYIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExMzg3Lzk4NzJEQkQ2MzY0ODExRUZBRkY4OTA4MDc2MkU5NTFBL3AzZHFH
LVZhcVl4WEJmMTNuSVRkQVFiLXhZSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3AzZHFHLVZhcVl4WEJmMTNuSVRkQVFiLXhZSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExMzg3Lzk4NzJEQkQ2MzY0ODExRUZBRkY4OTA4MDc2
MkU5NTFBLzMyODk5RUMwMjc2NjExRjFBMUFBNzc4NURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmzFgwDQYJKoZIhvcNAQEL
BQADggEBAATCf5i2wrqW8b2PxGCmj9mO3PLFnHv0Sst5EmuNNAADbUCBvX1xgrVi
Y5yPSvAl80amlYpU1eoFS3piFLujgC38k4CUHaqrpRh0bCYkYcMdtEl+hka0I1hc
EWVdzvivTqOoBvLhYm/8zIPjFpbPStgtw9neJ5leS+jmIHhOqIkGjYuNOOWFgbod
ZF1dRE7HjrSe2tbnBX5qkR7nOqUuAS7p/qErDWCrbm3fJjOIE3YanMZ5V8lIJYey
AVK6lUxuItNS+q+3OcG8x7JpXJSysia4c2Oy/nIBpDWMdCADgfDGqrhrTqgH1QdF
UtGwxQWMHHuJOhOp0ffZb2a25+e+nco=
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:53:12 2026 by rpki-client