Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/944BDCAA1C3E11F19E04AAF5DAE4EC9C.roa
File: 944BDCAA1C3E11F19E04AAF5DAE4EC9C.roa (raw, json)
Hash identifier: /Spr3dkWLzeHjhA4/jneuEhVkXk19YABMTLgIxm7Vko=
Subject key identifier: AC:A0:C0:F0:70:03:1D:CD:54:4C:41:A5:9D:A8:7C:BB:33:67:9B:E8
Certificate issuer: /CN=F36A9688AF/serialNumber=D7AE645AF9E5B6E222AE3E19429974BBD8656941
Certificate serial: 06AE
Authority key identifier: D7:AE:64:5A:F9:E5:B6:E2:22:AE:3E:19:42:99:74:BB:D8:65:69:41
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/165kWvnltuIirj4ZQpl0u9hlaUE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/944BDCAA1C3E11F19E04AAF5DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 05:04:13 +0000
ROA not before: Tue 10 Mar 2026 05:04:08 +0000
ROA not after: Mon 10 Mar 2036 05:04:08 +0000
asID: 11157
IP address blocks: 196.3.151.0/24 maxlen: 24
2001:43f8:900::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/165kWvnltuIirj4ZQpl0u9hlaUE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/165kWvnltuIirj4ZQpl0u9hlaUE.mft
rsync://rpki.afrinic.net/repository/afrinic/165kWvnltuIirj4ZQpl0u9hlaUE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1710 (0x6ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A9688AF, serialNumber=D7AE645AF9E5B6E222AE3E19429974BBD8656941
Validity
Not Before: Mar 10 05:04:08 2026 GMT
Not After : Mar 10 05:04:08 2036 GMT
Subject: CN=69afa64d-dd6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f1:4d:1a:a8:eb:26:51:2a:f0:9c:d3:8c:c9:
36:a0:11:ef:e5:e5:4d:3c:4f:4d:4d:9b:cd:3d:70:
dc:38:28:b7:eb:f2:47:ac:5d:12:31:af:3e:eb:db:
07:d4:e7:5f:7b:2d:51:17:2c:2f:b3:9e:8b:21:a3:
d6:85:98:59:fe:3d:24:de:c1:38:77:47:77:ec:2a:
19:76:6a:e2:f0:dc:81:08:21:e2:c0:65:e1:9b:de:
8b:5e:37:e8:2c:d0:55:a4:1e:e4:9e:32:f7:01:32:
05:b7:0a:44:72:0e:0f:ab:01:94:d1:ed:b9:29:1b:
d1:b5:b2:61:4a:05:0a:43:a3:4a:f4:2e:e0:cf:01:
80:21:a9:31:55:52:6f:61:cb:8a:47:9c:2b:41:eb:
d1:4b:d9:8d:91:af:42:ab:12:0c:51:74:65:17:13:
15:a1:fe:a7:60:a4:79:0c:db:94:04:5f:22:1b:68:
f7:e2:9f:68:53:c2:89:ee:42:29:b3:31:29:1d:6a:
81:4c:ba:9c:d0:21:c3:65:11:22:57:40:cf:e4:3e:
38:fe:66:b3:51:5d:a3:50:5d:22:ec:ce:0f:ce:23:
cc:fc:49:67:23:f8:69:b6:ab:33:5b:6a:16:45:73:
3e:88:cc:b9:6c:e1:de:e8:8f:23:cf:0b:26:30:43:
8d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A0:C0:F0:70:03:1D:CD:54:4C:41:A5:9D:A8:7C:BB:33:67:9B:E8
X509v3 Authority Key Identifier:
keyid:D7:AE:64:5A:F9:E5:B6:E2:22:AE:3E:19:42:99:74:BB:D8:65:69:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/165kWvnltuIirj4ZQpl0u9hlaUE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/165kWvnltuIirj4ZQpl0u9hlaUE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A9688/12072FE6FFE811EBB192FB09D8A014CE/944BDCAA1C3E11F19E04AAF5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.3.151.0/24
IPv6:
2001:43f8:900::/48
Signature Algorithm: sha256WithRSAEncryption
5b:e4:21:63:6b:6b:dc:58:a3:c1:a0:8e:f2:4b:3c:e7:72:55:
5f:9c:46:ed:b5:48:bc:c4:57:32:1b:21:99:3d:42:f1:a0:51:
00:20:f2:74:f9:7e:6c:45:a9:70:15:8c:71:f8:bd:f2:85:16:
b2:90:92:30:de:46:92:d8:2f:b6:9f:9a:72:76:21:3d:c6:bf:
7a:00:d8:41:a5:9e:33:08:33:8c:da:d1:a2:9c:76:ee:b3:55:
e0:ae:ca:d8:3e:b1:1b:7f:e6:b4:87:bb:a1:a8:02:f8:d1:93:
e2:3b:31:b2:43:b1:c8:44:d9:47:d6:23:bc:ac:8a:23:c9:94:
1f:96:bb:5a:fc:42:9f:68:14:6c:87:9c:dd:87:1d:d0:92:1b:
d2:7c:18:c5:73:7c:ee:3c:64:ad:e0:6c:8e:db:9d:4b:bd:97:
7c:fc:82:da:b1:72:de:72:80:76:e9:f7:84:e1:b8:a2:4b:d7:
24:3b:11:37:31:6d:98:db:7f:60:50:74:c6:06:4e:c6:c1:a4:
6f:75:d8:45:5b:8d:21:06:10:c7:e8:8b:0d:b6:94:72:f5:75:
dd:50:47:8a:72:3e:11:27:ca:d9:8a:5b:8f:33:da:c6:b5:2a:
36:96:c2:01:a1:ba:16:21:1f:4d:3a:a0:47:49:2a:d0:c6:3d:
25:ee:4e:18
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICBq4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTk2ODhBRjExMC8GA1UEBRMoRDdBRTY0NUFGOUU1QjZFMjIyQUUzRTE5NDI5OTc0
QkJEODY1Njk0MTAeFw0yNjAzMTAwNTA0MDhaFw0zNjAzMTAwNTA0MDhaMBgxFjAU
BgNVBAMTDTY5YWZhNjRkLWRkNmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCr8U0aqOsmUSrwnNOMyTagEe/l5U08T01Nm809cNw4KLfr8kesXRIxrz7r
2wfU5197LVEXLC+znosho9aFmFn+PSTewTh3R3fsKhl2auLw3IEIIeLAZeGb3ote
N+gs0FWkHuSeMvcBMgW3CkRyDg+rAZTR7bkpG9G1smFKBQpDo0r0LuDPAYAhqTFV
Um9hy4pHnCtB69FL2Y2Rr0KrEgxRdGUXExWh/qdgpHkM25QEXyIbaPfin2hTwonu
QimzMSkdaoFMupzQIcNlESJXQM/kPjj+ZrNRXaNQXSLszg/OI8z8SWcj+Gm2qzNb
ahZFcz6IzLls4d7ojyPPCyYwQ41dAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUrKDA
8HADHc1UTEGlnah8uzNnm+gwHwYDVR0jBBgwFoAU165kWvnltuIirj4ZQpl0u9hl
aUEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE5Njg4LzEyMDcyRkU2RkZFODExRUJCMTkyRkIwOUQ4QTAxNENFLzE2NWtX
dm5sdHVJaXJqNFpRcGwwdTlobGFVRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzE2NWtXdm5sdHVJaXJqNFpRcGwwdTlobGFVRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE5Njg4LzEyMDcyRkU2RkZFODExRUJCMTkyRkIwOUQ4
QTAxNENFLzk0NEJEQ0FBMUMzRTExRjE5RTA0QUFGNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADEA5cwDwQCAAIwCQMHACAB
Q/gJADANBgkqhkiG9w0BAQsFAAOCAQEAW+QhY2tr3FijwaCO8ks853JVX5xG7bVI
vMRXMhshmT1C8aBRACDydPl+bEWpcBWMcfi98oUWspCSMN5Gktgvtp+acnYhPca/
egDYQaWeMwgzjNrRopx27rNV4K7K2D6xG3/mtIe7oagC+NGT4jsxskOxyETZR9Yj
vKyKI8mUH5a7WvxCn2gUbIec3Ycd0JIb0nwYxXN87jxkreBsjtudS72XfPyC2rFy
3nKAdun3hOG4okvXJDsRNzFtmNt/YFB0xgZOxsGkb3XYRVuNIQYQx+iLDbaUcvV1
3VBHinI+ESfK2YpbjzPaxrUqNpbCAaG6FiEfTTqgR0kq0MY9Je5OGA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:33:52 2026 by rpki-client