Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36ACCFA/E5E4BA54FE2111F0AB328B8ADAE4EC9C/BA332A4C265F11F18228BF7BDAE4EC9C.roa
File: BA332A4C265F11F18228BF7BDAE4EC9C.roa (raw, json)
Hash identifier: GBb7so6N1oVSXb19EDkrBHlkEzb4N8lRzsL+mQtgqpo=
Subject key identifier: 6E:E9:76:D9:B1:4C:7C:94:C1:0C:3D:16:14:F3:EF:65:F1:23:32:32
Certificate issuer: /CN=F36ACCFAAF/serialNumber=4DE74AAB64A8AF73D5663C44069ED929C702343D
Certificate serial: 3C
Authority key identifier: 4D:E7:4A:AB:64:A8:AF:73:D5:66:3C:44:06:9E:D9:29:C7:02:34:3D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/TedKq2Sor3PVZjxEBp7ZKccCND0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36ACCFA/E5E4BA54FE2111F0AB328B8ADAE4EC9C/BA332A4C265F11F18228BF7BDAE4EC9C.roa
Signing time: Mon 23 Mar 2026 02:26:42 +0000
ROA not before: Mon 23 Mar 2026 02:26:37 +0000
ROA not after: Sun 23 Mar 2036 02:26:37 +0000
asID: 329692
IP address blocks: 102.203.132.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36ACCFA/E5E4BA54FE2111F0AB328B8ADAE4EC9C/TedKq2Sor3PVZjxEBp7ZKccCND0.crl
rsync://rpki.afrinic.net/repository/member_repository/F36ACCFA/E5E4BA54FE2111F0AB328B8ADAE4EC9C/TedKq2Sor3PVZjxEBp7ZKccCND0.mft
rsync://rpki.afrinic.net/repository/afrinic/TedKq2Sor3PVZjxEBp7ZKccCND0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60 (0x3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36ACCFAAF, serialNumber=4DE74AAB64A8AF73D5663C44069ED929C702343D
Validity
Not Before: Mar 23 02:26:37 2026 GMT
Not After : Mar 23 02:26:37 2036 GMT
Subject: CN=69c0a4e2-53c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cb:8a:24:b3:5c:6d:af:66:11:a1:0f:5f:22:
ea:e5:60:37:c0:ba:6a:6e:6c:87:2b:db:29:89:20:
f4:8d:b9:17:31:79:20:04:c9:da:da:55:9e:b8:97:
c4:14:a8:66:d5:9e:8f:ad:d7:05:2f:ca:02:e9:75:
22:9e:66:50:09:e8:ef:54:07:81:0f:40:10:8d:a8:
c4:c6:b1:02:12:ce:0f:ae:84:fa:bf:5f:8c:2d:df:
a8:ea:4e:49:33:44:76:d5:74:66:44:38:d5:72:1f:
0b:f9:01:11:8b:87:33:c0:b7:d3:f6:f5:af:83:25:
b0:55:26:79:53:d4:f6:b9:71:7a:d7:01:bd:c3:f1:
d3:6a:50:11:38:e1:23:1f:22:bb:9c:89:93:f2:55:
e9:b9:2a:76:a7:10:94:01:7c:50:87:76:a6:4a:c8:
06:62:76:02:f2:4d:9a:80:81:25:26:89:e0:fc:04:
be:e0:3e:d0:38:12:51:80:96:bd:e0:c4:21:56:39:
d9:0b:c4:99:75:f0:1f:3e:20:d2:da:12:23:c9:af:
e5:3d:7a:5a:60:63:71:65:01:39:d6:10:dc:66:75:
09:53:14:f4:06:3e:e3:6a:52:5d:8f:1b:87:9f:55:
8c:f9:8e:1e:71:ad:13:69:d8:6c:93:61:ba:77:aa:
cd:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E9:76:D9:B1:4C:7C:94:C1:0C:3D:16:14:F3:EF:65:F1:23:32:32
X509v3 Authority Key Identifier:
keyid:4D:E7:4A:AB:64:A8:AF:73:D5:66:3C:44:06:9E:D9:29:C7:02:34:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36ACCFA/E5E4BA54FE2111F0AB328B8ADAE4EC9C/TedKq2Sor3PVZjxEBp7ZKccCND0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/TedKq2Sor3PVZjxEBp7ZKccCND0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36ACCFA/E5E4BA54FE2111F0AB328B8ADAE4EC9C/BA332A4C265F11F18228BF7BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.203.132.0/22
Signature Algorithm: sha256WithRSAEncryption
32:db:f0:f0:a0:7d:71:ab:3c:4d:72:55:0e:a2:fb:c4:2d:e9:
4b:90:97:ea:09:08:da:32:22:ef:99:92:e9:83:3c:12:e2:b8:
11:2d:09:8a:df:92:89:7e:bb:43:be:d4:ec:c5:ff:99:ac:81:
80:f4:fa:1a:62:d3:3c:59:fc:0a:9a:d4:d9:50:ed:cd:dd:26:
7b:bb:93:ba:7e:c2:ec:a8:3a:0e:36:e3:ef:05:fa:1b:4d:21:
90:6e:32:27:81:a2:a7:ad:6d:11:50:5f:66:b5:dd:bd:b8:9d:
e6:8a:c0:68:3d:ec:33:cb:f7:d3:d6:0a:6b:5c:5c:09:4e:9e:
82:6b:6e:0c:79:05:c6:a5:81:d2:d7:eb:2e:4f:73:be:c0:0f:
63:13:96:c2:89:24:f8:24:7f:c8:a3:f5:fa:b0:df:d9:09:a8:
1c:8f:4a:83:32:1e:ea:cb:01:5c:f7:76:88:8c:48:3b:76:76:
c1:a5:ce:90:68:2f:a6:80:0b:aa:79:32:44:20:cf:d9:25:bd:
52:54:d5:01:95:65:08:18:02:9c:5f:8a:d0:25:8c:61:2c:7d:
06:3f:14:25:19:39:5f:41:36:20:52:29:ff:de:05:e7:9c:80:
96:f1:c5:85:5a:e7:a2:e5:df:60:e0:7e:ae:71:41:8c:8d:f3:
74:d9:ee:e0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBPDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
Q0NGQUFGMTEwLwYDVQQFEyg0REU3NEFBQjY0QThBRjczRDU2NjNDNDQwNjlFRDky
OUM3MDIzNDNEMB4XDTI2MDMyMzAyMjYzN1oXDTM2MDMyMzAyMjYzN1owGDEWMBQG
A1UEAxMNNjljMGE0ZTItNTNjNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbLiiSzXG2vZhGhD18i6uVgN8C6am5shyvbKYkg9I25FzF5IATJ2tpVnriX
xBSoZtWej63XBS/KAul1Ip5mUAno71QHgQ9AEI2oxMaxAhLOD66E+r9fjC3fqOpO
STNEdtV0ZkQ41XIfC/kBEYuHM8C30/b1r4MlsFUmeVPU9rlxetcBvcPx02pQETjh
Ix8iu5yJk/JV6bkqdqcQlAF8UId2pkrIBmJ2AvJNmoCBJSaJ4PwEvuA+0DgSUYCW
veDEIVY52QvEmXXwHz4g0toSI8mv5T16WmBjcWUBOdYQ3GZ1CVMU9AY+42pSXY8b
h59VjPmOHnGtE2nYbJNhuneqzVUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRu6XbZ
sUx8lMEMPRYU8+9l8SMyMjAfBgNVHSMEGDAWgBRN50qrZKivc9VmPEQGntkpxwI0
PTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QUNDRkEvRTVFNEJBNTRGRTIxMTFGMEFCMzI4QjhBREFFNEVDOUMvVGVkS3Ey
U29yM1BWWmp4RUJwN1pLY2NDTkQwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVGVkS3EyU29yM1BWWmp4RUJwN1pLY2NDTkQwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QUNDRkEvRTVFNEJBNTRGRTIxMTFGMEFCMzI4QjhBREFF
NEVDOUMvQkEzMzJBNEMyNjVGMTFGMTgyMjhCRjdCREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbLhDANBgkqhkiG9w0BAQsF
AAOCAQEAMtvw8KB9cas8TXJVDqL7xC3pS5CX6gkI2jIi75mS6YM8EuK4ES0Jit+S
iX67Q77U7MX/mayBgPT6GmLTPFn8CprU2VDtzd0me7uTun7C7Kg6Djbj7wX6G00h
kG4yJ4Gip61tEVBfZrXdvbid5orAaD3sM8v309YKa1xcCU6egmtuDHkFxqWB0tfr
Lk9zvsAPYxOWwokk+CR/yKP1+rDf2QmoHI9KgzIe6ssBXPd2iIxIO3Z2waXOkGgv
poALqnkyRCDP2SW9UlTVAZVlCBgCnF+K0CWMYSx9Bj8UJRk5X0E2IFIp/94F55yA
lvHFhVrnouXfYOB+rnFBjI3zdNnu4A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:43:51 2026 by rpki-client