Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/C55F0DA622BC11F1895F27D9DAE4EC9C.roa
File: C55F0DA622BC11F1895F27D9DAE4EC9C.roa (raw, json)
Hash identifier: TsFLHTDM0+eajUsBFwMGn8MhE/0ljqxgVXECaTCFMdw=
Subject key identifier: 8F:3A:88:B3:38:59:23:B2:D6:8D:27:7A:00:FB:E5:B3:D9:FF:4F:01
Certificate issuer: /CN=F36B9F4BAF/serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Certificate serial: 0A21
Authority key identifier: 98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/C55F0DA622BC11F1895F27D9DAE4EC9C.roa
Signing time: Wed 18 Mar 2026 11:22:39 +0000
ROA not before: Wed 18 Mar 2026 11:22:34 +0000
ROA not after: Tue 18 Mar 2036 11:22:34 +0000
asID: 37501
IP address blocks: 196.21.40.0/24 maxlen: 24
2001:4200:5000::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.mft
rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2593 (0xa21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B9F4BAF, serialNumber=9821C87221D270B42FF9DD826048B992C0E0E3F8
Validity
Not Before: Mar 18 11:22:34 2026 GMT
Not After : Mar 18 11:22:34 2036 GMT
Subject: CN=69ba8aff-313e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:30:a4:d2:67:9b:9b:82:ac:2e:5b:93:fa:82:
db:2d:1e:aa:84:e1:9a:c1:65:74:0d:39:3c:98:c6:
6d:c6:39:4b:81:52:3b:39:87:c1:2b:4a:7b:63:43:
fa:a6:27:87:5e:8c:fb:2f:da:15:6b:81:3e:08:c6:
8f:b0:5e:59:82:3b:46:6c:f8:6f:a4:98:d2:26:c4:
16:36:40:c4:58:64:ef:c5:eb:0d:cd:82:03:2c:79:
5f:27:b2:3a:6d:4a:28:f5:61:44:74:d9:df:85:b0:
1a:41:44:db:a6:e9:8b:7b:7f:01:76:61:a3:a9:b9:
a8:f9:ec:84:bd:1d:f8:d4:ab:8b:4c:c3:6e:42:e3:
f3:61:eb:dd:83:d1:59:87:fa:3c:13:08:d0:15:f3:
dc:db:fb:50:d9:6e:0b:22:6e:af:80:19:9e:40:89:
b7:6f:48:e1:66:e1:a0:ef:a6:22:ff:79:b7:5a:8b:
3b:b6:58:0b:0d:22:d6:4e:9b:77:24:be:92:77:8e:
33:8e:c8:25:a5:3b:ba:54:cd:b8:28:31:95:79:23:
08:2d:74:ac:51:49:0a:fa:e9:b2:e1:8a:06:46:4c:
a2:be:85:4f:67:2f:b7:58:a6:a4:63:09:58:2d:ca:
4a:b3:32:66:88:ca:70:ea:03:bf:86:2d:25:fa:01:
d3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:3A:88:B3:38:59:23:B2:D6:8D:27:7A:00:FB:E5:B3:D9:FF:4F:01
X509v3 Authority Key Identifier:
keyid:98:21:C8:72:21:D2:70:B4:2F:F9:DD:82:60:48:B9:92:C0:E0:E3:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/mCHIciHScLQv-d2CYEi5ksDg4_g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/mCHIciHScLQv-d2CYEi5ksDg4_g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/61A2E1A28DE011E9AC14F632F8AEA228/C55F0DA622BC11F1895F27D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.21.40.0/24
IPv6:
2001:4200:5000::/48
Signature Algorithm: sha256WithRSAEncryption
52:83:69:5d:eb:a4:a5:e5:70:7c:fe:01:5c:00:49:8b:cd:28:
42:5c:dd:34:b2:ab:23:ea:b4:a4:85:ec:2f:03:32:2e:f2:40:
68:5e:b3:35:ef:05:9d:7d:b6:56:3e:6e:97:b7:8d:8d:1b:02:
db:88:4a:66:78:6d:97:e0:9a:d8:b2:1d:58:ed:7d:bd:d2:35:
f0:2e:d9:63:81:bc:90:e7:5b:36:63:4f:e5:d7:7e:00:4a:ad:
95:df:c7:f8:9c:cd:0b:6b:7d:b3:d7:d1:0d:44:1b:be:0e:aa:
6a:8c:91:53:72:9e:83:e3:dc:f5:43:6a:1f:ea:d2:c5:33:1f:
0d:8d:22:e4:20:30:4f:5b:a6:7c:8c:5a:72:cd:34:59:58:27:
3a:9b:98:da:f3:71:1a:6d:21:95:6e:73:77:18:57:1a:6d:97:
64:74:79:51:2c:c7:66:46:00:28:2a:19:7b:b8:c7:2a:54:24:
6a:01:6c:c5:0c:7f:fc:0a:ae:0c:ab:1a:33:1f:a5:9d:f5:51:
c8:a2:e4:09:f4:b1:94:08:88:05:15:c5:a4:4a:45:c5:c2:36:
db:c7:87:d6:6d:b5:c0:c6:38:b9:65:5c:52:fc:fd:97:6f:36:
15:af:e5:b8:c7:67:e3:1f:61:83:29:06:b8:1e:fe:ee:88:31:
ef:e4:49:95
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICCiEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjlGNEJBRjExMC8GA1UEBRMoOTgyMUM4NzIyMUQyNzBCNDJGRjlERDgyNjA0OEI5
OTJDMEUwRTNGODAeFw0yNjAzMTgxMTIyMzRaFw0zNjAzMTgxMTIyMzRaMBgxFjAU
BgNVBAMTDTY5YmE4YWZmLTMxM2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFMKTSZ5ubgqwuW5P6gtstHqqE4ZrBZXQNOTyYxm3GOUuBUjs5h8ErSntj
Q/qmJ4dejPsv2hVrgT4Ixo+wXlmCO0Zs+G+kmNImxBY2QMRYZO/F6w3NggMseV8n
sjptSij1YUR02d+FsBpBRNum6Yt7fwF2YaOpuaj57IS9HfjUq4tMw25C4/Nh692D
0VmH+jwTCNAV89zb+1DZbgsibq+AGZ5AibdvSOFm4aDvpiL/ebdaizu2WAsNItZO
m3ckvpJ3jjOOyCWlO7pUzbgoMZV5IwgtdKxRSQr66bLhigZGTKK+hU9nL7dYpqRj
CVgtykqzMmaIynDqA7+GLSX6AdMxAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUjzqI
szhZI7LWjSd6APvls9n/TwEwHwYDVR0jBBgwFoAUmCHIciHScLQv+d2CYEi5ksDg
4/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4QUVBMjI4L21DSElj
aUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL21DSEljaUhTY0xRdi1kMkNZRWk1a3NEZzRfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI5RjRCLzYxQTJFMUEyOERFMDExRTlBQzE0RjYzMkY4
QUVBMjI4L0M1NUYwREE2MjJCQzExRjE4OTVGMjdEOURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADEFSgwDwQCAAIwCQMHACAB
QgBQADANBgkqhkiG9w0BAQsFAAOCAQEAUoNpXeukpeVwfP4BXABJi80oQlzdNLKr
I+q0pIXsLwMyLvJAaF6zNe8FnX22Vj5ul7eNjRsC24hKZnhtl+Ca2LIdWO19vdI1
8C7ZY4G8kOdbNmNP5dd+AEqtld/H+JzNC2t9s9fRDUQbvg6qaoyRU3Keg+Pc9UNq
H+rSxTMfDY0i5CAwT1umfIxacs00WVgnOpuY2vNxGm0hlW5zdxhXGm2XZHR5USzH
ZkYAKCoZe7jHKlQkagFsxQx//AquDKsaMx+lnfVRyKLkCfSxlAiIBRXFpEpFxcI2
28eH1m21wMY4uWVcUvz9l282Fa/luMdn4x9hgykGuB7+7ogx7+RJlQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:55:35 2026 by rpki-client