Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/B23FF6B4278411F1A38689B3DAE4EC9C.roa
File: B23FF6B4278411F1A38689B3DAE4EC9C.roa (raw, json)
Hash identifier: LO47Ya7O99gQwMPITew91xxQM1GvNNiTnvhJCLpvLr0=
Subject key identifier: 04:80:D9:65:72:55:51:C9:A0:1C:F9:B5:2E:08:0B:55:55:98:10:B3
Certificate issuer: /CN=F36A6D8BAF/serialNumber=45F2E2FDF3113EFC6335757CAF8F5B5EC4ACCDB3
Certificate serial: 9B
Authority key identifier: 45:F2:E2:FD:F3:11:3E:FC:63:35:75:7C:AF:8F:5B:5E:C4:AC:CD:B3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RfLi_fMRPvxjNXV8r49bXsSszbM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/B23FF6B4278411F1A38689B3DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 13:23:51 +0000
ROA not before: Tue 24 Mar 2026 13:23:46 +0000
ROA not after: Tue 24 Jan 2034 13:23:46 +0000
asID: 329643
IP address blocks: 102.204.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/RfLi_fMRPvxjNXV8r49bXsSszbM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/RfLi_fMRPvxjNXV8r49bXsSszbM.mft
rsync://rpki.afrinic.net/repository/afrinic/RfLi_fMRPvxjNXV8r49bXsSszbM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155 (0x9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A6D8BAF, serialNumber=45F2E2FDF3113EFC6335757CAF8F5B5EC4ACCDB3
Validity
Not Before: Mar 24 13:23:46 2026 GMT
Not After : Jan 24 13:23:46 2034 GMT
Subject: CN=69c29067-fb97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c9:40:bc:ec:b0:ad:38:d9:78:59:6b:b8:23:
37:02:7a:87:7c:d6:b2:68:57:0d:7a:34:a2:7b:98:
3a:b1:62:1a:65:72:e9:5d:cf:41:5d:8c:ef:64:99:
ec:56:02:ce:13:41:7c:2a:30:44:dc:03:3c:84:f3:
47:f4:94:c0:d7:a4:47:cf:8e:7b:cd:a9:d7:e4:31:
96:00:8e:56:20:63:bb:57:2a:59:37:30:36:24:fb:
96:14:f8:93:e1:ca:07:3d:b8:cb:7b:2e:b6:65:8f:
64:3f:c1:2a:24:1e:b8:56:35:2c:09:db:9b:0d:fa:
2e:fb:aa:96:21:76:f1:d1:35:ea:9e:c2:1d:4b:73:
f4:2d:e8:c0:79:3f:8c:e9:09:49:61:84:78:c1:fe:
3e:72:23:28:df:fe:cc:68:f9:b3:4a:37:42:43:ff:
ee:b1:27:f1:5d:4d:16:02:a3:75:8e:c4:fe:6d:4a:
48:09:32:17:4e:5e:6b:18:79:3b:62:c6:1e:32:2f:
7b:14:e8:b7:ea:ac:26:16:f4:59:38:11:23:71:c8:
56:16:1d:95:9e:63:30:ee:5f:0b:3b:d2:da:04:2d:
ee:d4:6e:6c:1e:e8:28:70:05:c7:dc:03:2b:a6:c8:
c7:62:79:90:2b:36:f1:4e:90:41:83:0d:d9:08:28:
52:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:80:D9:65:72:55:51:C9:A0:1C:F9:B5:2E:08:0B:55:55:98:10:B3
X509v3 Authority Key Identifier:
keyid:45:F2:E2:FD:F3:11:3E:FC:63:35:75:7C:AF:8F:5B:5E:C4:AC:CD:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/RfLi_fMRPvxjNXV8r49bXsSszbM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RfLi_fMRPvxjNXV8r49bXsSszbM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A6D8B/FF55D76EB3DC11F0AD0F1FDCDAE4EC9C/B23FF6B4278411F1A38689B3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.60.0/22
Signature Algorithm: sha256WithRSAEncryption
04:38:dc:59:d7:52:b2:d9:14:b3:2b:00:42:53:d9:78:16:df:
bc:7a:e4:16:ef:b8:60:95:b1:85:3c:9f:0b:ec:c1:46:ef:81:
40:d5:28:bd:b2:9b:3d:a7:26:62:e1:b7:83:5a:39:36:39:70:
49:b5:e5:29:06:37:d0:3e:d5:a7:44:97:b2:60:0f:b7:83:a9:
e9:59:93:d6:7d:42:5b:15:45:9d:3b:15:58:98:6e:61:2b:ca:
12:c2:f8:ea:7f:61:22:16:80:d0:68:54:1c:1c:06:2d:00:fa:
ef:2e:e9:0d:c6:93:43:ac:33:97:d9:70:c2:2e:b3:14:62:df:
63:a8:10:10:1f:63:94:ed:dd:70:5f:f1:32:ef:63:7c:ea:61:
9f:c6:0b:0f:ac:4c:40:dc:a7:1f:69:8f:cf:7d:08:23:f1:6a:
8e:f7:1e:d5:67:70:d7:d3:53:93:45:1e:0d:c3:88:0c:08:b4:
ab:05:50:01:cb:a4:83:90:a6:05:f3:85:94:d7:a7:ad:74:b9:
c1:5a:c6:a9:23:13:aa:af:9d:a3:c1:22:d9:f7:6d:28:ef:38:
70:d8:76:e0:2f:a8:bc:8c:5b:3e:8e:94:6f:28:f5:3c:b8:a1:
12:f0:a5:d0:0e:bb:1e:09:7c:e2:2f:b6:2a:98:9b:f6:a3:9d:
ae:c8:82:03
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAJswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTZEOEJBRjExMC8GA1UEBRMoNDVGMkUyRkRGMzExM0VGQzYzMzU3NTdDQUY4RjVC
NUVDNEFDQ0RCMzAeFw0yNjAzMjQxMzIzNDZaFw0zNDAxMjQxMzIzNDZaMBgxFjAU
BgNVBAMTDTY5YzI5MDY3LWZiOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDnyUC87LCtONl4WWu4IzcCeod81rJoVw16NKJ7mDqxYhplculdz0FdjO9k
mexWAs4TQXwqMETcAzyE80f0lMDXpEfPjnvNqdfkMZYAjlYgY7tXKlk3MDYk+5YU
+JPhygc9uMt7LrZlj2Q/wSokHrhWNSwJ25sN+i77qpYhdvHRNeqewh1Lc/Qt6MB5
P4zpCUlhhHjB/j5yIyjf/sxo+bNKN0JD/+6xJ/FdTRYCo3WOxP5tSkgJMhdOXmsY
eTtixh4yL3sU6LfqrCYW9Fk4ESNxyFYWHZWeYzDuXws70toELe7Ubmwe6ChwBcfc
AyumyMdieZArNvFOkEGDDdkIKFJ1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBIDZ
ZXJVUcmgHPm1LggLVVWYELMwHwYDVR0jBBgwFoAURfLi/fMRPvxjNXV8r49bXsSs
zbMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE2RDhCL0ZGNTVENzZFQjNEQzExRjBBRDBGMUZEQ0RBRTRFQzlDL1JmTGlf
Zk1SUHZ4ak5YVjhyNDliWHNTc3piTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1JmTGlfZk1SUHZ4ak5YVjhyNDliWHNTc3piTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE2RDhCL0ZGNTVENzZFQjNEQzExRjBBRDBGMUZEQ0RB
RTRFQzlDL0IyM0ZGNkI0Mjc4NDExRjFBMzg2ODlCM0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmzDwwDQYJKoZIhvcNAQEL
BQADggEBAAQ43FnXUrLZFLMrAEJT2XgW37x65BbvuGCVsYU8nwvswUbvgUDVKL2y
mz2nJmLht4NaOTY5cEm15SkGN9A+1adEl7JgD7eDqelZk9Z9QlsVRZ07FViYbmEr
yhLC+Op/YSIWgNBoVBwcBi0A+u8u6Q3Gk0OsM5fZcMIusxRi32OoEBAfY5Tt3XBf
8TLvY3zqYZ/GCw+sTEDcpx9pj899CCPxao73HtVncNfTU5NFHg3DiAwItKsFUAHL
pIOQpgXzhZTXp610ucFaxqkjE6qvnaPBItn3bSjvOHDYduAvqLyMWz6OlG8o9Ty4
oRLwpdAOux4JfOIvtiqYm/ajna7IggM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:07:01 2026 by rpki-client