Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/3100489627B211F18A08A3B6DAE4EC9C.roa
File: 3100489627B211F18A08A3B6DAE4EC9C.roa (raw, json)
Hash identifier: KxXVh/K4PRDNOgb6lGt6sWf5pvipfL5DWCni74reBi0=
Subject key identifier: 7C:04:AC:74:CE:01:DD:82:96:E0:40:D7:F7:AF:22:E4:6F:C4:26:0F
Certificate issuer: /CN=F36C67A4AF/serialNumber=35F1275B287E9C0F8EA3A84B8B354AB024B76972
Certificate serial: 02
Authority key identifier: 35:F1:27:5B:28:7E:9C:0F:8E:A3:A8:4B:8B:35:4A:B0:24:B7:69:72
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/NfEnWyh-nA-Oo6hLizVKsCS3aXI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/3100489627B211F18A08A3B6DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 18:49:31 +0000
ROA not before: Tue 24 Mar 2026 18:49:25 +0000
ROA not after: Wed 24 Mar 2032 18:49:25 +0000
asID: 329707
IP address blocks: 102.203.44.0/22 maxlen: 22
102.203.44.0/24 maxlen: 24
102.203.45.0/24 maxlen: 24
102.203.46.0/24 maxlen: 24
102.203.47.0/24 maxlen: 24
2c0f:720::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/NfEnWyh-nA-Oo6hLizVKsCS3aXI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/NfEnWyh-nA-Oo6hLizVKsCS3aXI.mft
rsync://rpki.afrinic.net/repository/afrinic/NfEnWyh-nA-Oo6hLizVKsCS3aXI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C67A4AF, serialNumber=35F1275B287E9C0F8EA3A84B8B354AB024B76972
Validity
Not Before: Mar 24 18:49:25 2026 GMT
Not After : Mar 24 18:49:25 2032 GMT
Subject: CN=69c2dcbb-36a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:27:34:f1:a4:77:f4:f3:b4:cd:47:fc:25:5f:
71:ce:db:a4:36:d6:09:44:7c:b4:66:be:d9:3f:f7:
b2:c5:81:a4:9f:88:96:72:0a:97:29:59:17:48:a4:
e3:18:b1:4a:d5:ac:fa:14:88:7e:c9:6a:c1:b2:bd:
40:ae:2e:b5:f2:f7:5c:c3:f3:fa:e3:57:f3:c6:a4:
34:6e:b3:8f:b4:95:f4:a6:51:7c:c7:d3:46:8b:a1:
aa:03:b6:23:b8:24:e1:46:4a:c9:50:a5:c0:b9:03:
f2:7a:b0:fc:e9:b9:90:37:ff:7d:a8:cb:6e:de:81:
52:52:78:f9:e1:a3:b0:23:b6:1a:d0:70:de:8e:01:
d0:e1:4d:f1:27:7b:c5:a3:cf:d5:af:60:91:04:42:
d7:c5:b0:43:3a:88:fe:9c:05:5d:91:5e:f0:5f:5f:
1f:98:db:cc:54:2b:92:14:76:a3:a8:7c:d5:77:c1:
cc:4f:11:39:5c:e6:e2:90:d5:6e:c1:8a:a0:30:76:
db:8d:3e:3f:67:ee:f2:9c:44:79:ad:3d:d4:0d:c7:
d0:e7:1b:91:dd:e1:84:9d:34:63:f5:2c:e7:d4:0b:
46:0e:2d:ff:38:aa:2e:66:2b:9e:ab:9f:fa:d7:18:
16:59:43:32:9e:c1:53:43:bf:fa:f0:8a:de:2b:76:
e3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:04:AC:74:CE:01:DD:82:96:E0:40:D7:F7:AF:22:E4:6F:C4:26:0F
X509v3 Authority Key Identifier:
keyid:35:F1:27:5B:28:7E:9C:0F:8E:A3:A8:4B:8B:35:4A:B0:24:B7:69:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/NfEnWyh-nA-Oo6hLizVKsCS3aXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NfEnWyh-nA-Oo6hLizVKsCS3aXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/3100489627B211F18A08A3B6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.203.44.0/22
IPv6:
2c0f:720::/32
Signature Algorithm: sha256WithRSAEncryption
21:59:17:32:21:e5:e9:ec:f5:c0:9c:d1:6d:61:ec:97:e9:e4:
63:e5:61:a4:e4:e3:f1:8c:a4:b0:a2:7d:ef:5f:58:f0:a2:bd:
c3:dc:82:84:e0:02:b8:36:10:bc:e3:12:8d:2d:bf:cc:75:ff:
b7:4e:9a:68:ea:3a:ac:f5:5d:b3:81:65:a1:c7:54:7c:de:64:
08:73:6e:f5:58:b4:4b:3c:00:ee:09:3a:5a:00:6e:b5:e1:95:
62:b8:03:db:9b:b8:95:96:77:e1:c0:43:f7:47:2d:9a:97:a0:
2d:89:73:07:63:25:04:5d:a6:b5:0e:b5:76:e4:96:80:a9:e4:
3e:ea:fe:65:ad:77:61:7e:a5:73:38:e6:49:39:6a:24:0d:04:
5b:ad:66:7b:d5:9c:46:c9:9d:be:b0:20:72:a4:e0:3f:7f:a2:
69:3b:7d:fc:e8:16:6a:09:94:7e:49:96:b6:2d:29:99:57:37:
23:3f:2f:ef:fe:b4:a9:e4:ae:61:f8:d9:3b:81:60:80:5e:3b:
9e:94:7d:c6:c7:77:be:fa:f0:bf:85:23:88:e0:f1:f2:88:25:
6b:6c:15:77:a4:cf:b8:96:e6:d1:40:99:c9:64:84:2f:c7:1f:
ed:26:2a:44:a5:43:66:bb:ba:de:de:d7:b0:27:35:c8:15:83:
2d:2a:c2:14
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
NjdBNEFGMTEwLwYDVQQFEygzNUYxMjc1QjI4N0U5QzBGOEVBM0E4NEI4QjM1NEFC
MDI0Qjc2OTcyMB4XDTI2MDMyNDE4NDkyNVoXDTMyMDMyNDE4NDkyNVowGDEWMBQG
A1UEAxMNNjljMmRjYmItMzZhNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4nNPGkd/TztM1H/CVfcc7bpDbWCUR8tGa+2T/3ssWBpJ+IlnIKlylZF0ik
4xixStWs+hSIfslqwbK9QK4utfL3XMPz+uNX88akNG6zj7SV9KZRfMfTRouhqgO2
I7gk4UZKyVClwLkD8nqw/Om5kDf/fajLbt6BUlJ4+eGjsCO2GtBw3o4B0OFN8Sd7
xaPP1a9gkQRC18WwQzqI/pwFXZFe8F9fH5jbzFQrkhR2o6h81XfBzE8ROVzm4pDV
bsGKoDB2240+P2fu8pxEea091A3H0Ocbkd3hhJ00Y/Us59QLRg4t/ziqLmYrnquf
+tcYFllDMp7BU0O/+vCK3it243kCAwEAAaOCArQwggKwMB0GA1UdDgQWBBR8BKx0
zgHdgpbgQNf3ryLkb8QmDzAfBgNVHSMEGDAWgBQ18SdbKH6cD46jqEuLNUqwJLdp
cjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzY3QTQvQUQzOEY4NTYyN0IwMTFGMTlDQzlDQkFFREFFNEVDOUMvTmZFbld5
aC1uQS1PbzZoTGl6VktzQ1MzYVhJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTmZFbld5aC1uQS1PbzZoTGl6VktzQ1MzYVhJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzY3QTQvQUQzOEY4NTYyN0IwMTFGMTlDQzlDQkFFREFF
NEVDOUMvMzEwMDQ4OTYyN0IyMTFGMThBMDhBM0I2REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbLLDANBAIAAjAHAwUALA8H
IDANBgkqhkiG9w0BAQsFAAOCAQEAIVkXMiHl6ez1wJzRbWHsl+nkY+VhpOTj8Yyk
sKJ9719Y8KK9w9yChOACuDYQvOMSjS2/zHX/t06aaOo6rPVds4FlocdUfN5kCHNu
9Vi0SzwA7gk6WgButeGVYrgD25u4lZZ34cBD90ctmpegLYlzB2MlBF2mtQ61duSW
gKnkPur+Za13YX6lczjmSTlqJA0EW61me9WcRsmdvrAgcqTgP3+iaTt9/OgWagmU
fkmWti0pmVc3Iz8v7/60qeSuYfjZO4FggF47npR9xsd3vvrwv4UjiODx8ogla2wV
d6TPuJbm0UCZyWSEL8cf7SYqRKVDZru63t7XsCc1yBWDLSrCFA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:43:51 2026 by rpki-client