Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/23BDD69C27AA11F1AAEBED86DAE4EC9C.roa
File: 23BDD69C27AA11F1AAEBED86DAE4EC9C.roa (raw, json)
Hash identifier: +OC79elUss8EX+Y+ZCibofPxVDXZOBoxfjYp0g9L2wI=
Subject key identifier: 7C:FE:B9:47:B3:D6:63:4C:67:C5:1E:53:E4:CF:8D:E2:2A:6E:86:E9
Certificate issuer: /CN=F36DDABEAF/serialNumber=1E43F675C5655A48B5C1F2D1253B65BFC245BBB7
Certificate serial: 11
Authority key identifier: 1E:43:F6:75:C5:65:5A:48:B5:C1:F2:D1:25:3B:65:BF:C2:45:BB:B7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/HkP2dcVlWki1wfLRJTtlv8JFu7c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/23BDD69C27AA11F1AAEBED86DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 17:51:53 +0000
ROA not before: Tue 24 Mar 2026 17:51:48 +0000
ROA not after: Thu 23 Mar 2028 17:51:48 +0000
asID: 36877
IP address blocks: 196.47.64.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/HkP2dcVlWki1wfLRJTtlv8JFu7c.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/HkP2dcVlWki1wfLRJTtlv8JFu7c.mft
rsync://rpki.afrinic.net/repository/afrinic/HkP2dcVlWki1wfLRJTtlv8JFu7c.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DDABEAF, serialNumber=1E43F675C5655A48B5C1F2D1253B65BFC245BBB7
Validity
Not Before: Mar 24 17:51:48 2026 GMT
Not After : Mar 23 17:51:48 2028 GMT
Subject: CN=69c2cf39-9ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7d:f4:18:d8:27:db:4c:ff:60:c5:08:a8:c5:
80:a1:84:3a:45:f7:8b:f2:e8:12:6a:fc:13:62:b4:
61:3f:e0:c7:b3:75:9e:fc:2f:62:00:cc:80:6b:c9:
8b:9a:5b:e7:9e:e2:f9:c8:b3:f8:ce:3b:04:1b:66:
1f:c8:e6:f1:8a:f8:34:ad:c6:35:de:8e:cf:6b:fc:
b4:4d:41:11:cb:13:62:ca:36:6a:fb:c4:47:72:d1:
72:4b:ac:48:4b:5f:14:82:c6:25:3e:76:d7:53:d7:
60:38:a6:6b:ba:cb:5b:bb:af:62:ea:82:2b:62:1d:
e2:34:98:9c:3a:24:e3:3d:c6:41:49:82:57:60:4e:
ab:27:f4:1b:ac:59:0a:6b:e5:9f:c7:68:78:6d:6d:
a5:ac:54:99:f8:3a:43:bf:20:d0:e3:73:b7:da:6d:
e7:1e:b6:a9:19:0a:5f:da:cc:39:0e:b6:2a:36:b2:
82:c1:6d:e5:a9:ef:75:77:02:75:52:9d:8f:71:98:
5a:22:23:c5:98:c8:4e:dc:ec:c0:8c:91:db:52:e4:
f6:37:fd:52:f8:1d:79:9a:f5:92:bb:0b:e3:9d:86:
df:3c:d2:0f:7b:20:6d:81:46:0c:8c:4f:24:03:2d:
8b:bb:c5:46:2e:28:8d:9a:89:0e:de:e2:f8:79:e7:
90:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:FE:B9:47:B3:D6:63:4C:67:C5:1E:53:E4:CF:8D:E2:2A:6E:86:E9
X509v3 Authority Key Identifier:
keyid:1E:43:F6:75:C5:65:5A:48:B5:C1:F2:D1:25:3B:65:BF:C2:45:BB:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/HkP2dcVlWki1wfLRJTtlv8JFu7c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HkP2dcVlWki1wfLRJTtlv8JFu7c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/23BDD69C27AA11F1AAEBED86DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.47.64.0/20
Signature Algorithm: sha256WithRSAEncryption
47:63:59:3b:86:f7:c3:a2:4b:44:67:e6:fa:6f:c2:93:c9:33:
be:c8:40:10:0b:78:c6:5b:7a:ed:30:cb:04:8f:1c:58:52:d8:
22:00:cc:9d:a9:33:8d:14:5c:3b:b3:8a:8b:b3:64:3c:8b:4b:
f2:11:65:ef:ec:4f:6f:98:7c:4a:46:34:47:d5:73:e1:10:16:
a6:70:ef:ee:7e:18:27:d1:ae:2e:e8:59:2c:1b:fe:8b:69:a2:
b4:cb:8a:d3:f3:3c:31:f0:e4:85:69:6f:2e:e9:40:63:f7:07:
9d:ca:5b:aa:8d:b1:91:03:fc:73:67:6e:7b:e7:e8:17:99:4c:
f6:32:b9:c0:e4:f8:8b:1c:29:91:64:22:13:5e:71:31:9f:e9:
59:7c:94:12:a9:85:0d:a8:cf:77:59:61:75:06:b5:32:75:62:
3f:e6:41:21:13:36:f9:70:af:47:8e:c7:2e:72:19:f7:55:80:
28:03:dc:3e:b4:f2:91:c7:4b:08:23:10:75:31:4c:f1:d2:a5:
e5:70:3c:b9:52:86:8e:97:5e:5f:90:36:c1:ef:54:dd:c6:ec:
94:59:88:23:38:f0:32:29:ca:76:ff:bf:0f:af:b6:cd:32:3c:
de:a0:9b:bc:68:95:d7:b5:6d:b5:54:e2:93:94:75:30:44:a4:
b6:37:9c:e9
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
REFCRUFGMTEwLwYDVQQFEygxRTQzRjY3NUM1NjU1QTQ4QjVDMUYyRDEyNTNCNjVC
RkMyNDVCQkI3MB4XDTI2MDMyNDE3NTE0OFoXDTI4MDMyMzE3NTE0OFowGDEWMBQG
A1UEAxMNNjljMmNmMzktOWVjNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANV99BjYJ9tM/2DFCKjFgKGEOkX3i/LoEmr8E2K0YT/gx7N1nvwvYgDMgGvJ
i5pb557i+ciz+M47BBtmH8jm8Yr4NK3GNd6Oz2v8tE1BEcsTYso2avvER3LRckus
SEtfFILGJT5211PXYDima7rLW7uvYuqCK2Id4jSYnDok4z3GQUmCV2BOqyf0G6xZ
Cmvln8doeG1tpaxUmfg6Q78g0ONzt9pt5x62qRkKX9rMOQ62KjaygsFt5anvdXcC
dVKdj3GYWiIjxZjITtzswIyR21Lk9jf9UvgdeZr1krsL452G3zzSD3sgbYFGDIxP
JAMti7vFRi4ojZqJDt7i+HnnkDkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR8/rlH
s9ZjTGfFHlPkz43iKm6G6TAfBgNVHSMEGDAWgBQeQ/Z1xWVaSLXB8tElO2W/wkW7
tzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RERBQkUvNUZCRUU2QzQxRUUzMTFGMTk4MzAyQ0UyREFFNEVDOUMvSGtQMmRj
VmxXa2kxd2ZMUkpUdGx2OEpGdTdjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSGtQMmRjVmxXa2kxd2ZMUkpUdGx2OEpGdTdjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RERBQkUvNUZCRUU2QzQxRUUzMTFGMTk4MzAyQ0UyREFF
NEVDOUMvMjNCREQ2OUMyN0FBMTFGMUFBRUJFRDg2REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMQvQDANBgkqhkiG9w0BAQsF
AAOCAQEAR2NZO4b3w6JLRGfm+m/Ck8kzvshAEAt4xlt67TDLBI8cWFLYIgDMnakz
jRRcO7OKi7NkPItL8hFl7+xPb5h8SkY0R9Vz4RAWpnDv7n4YJ9GuLuhZLBv+i2mi
tMuK0/M8MfDkhWlvLulAY/cHncpbqo2xkQP8c2due+foF5lM9jK5wOT4ixwpkWQi
E15xMZ/pWXyUEqmFDajPd1lhdQa1MnViP+ZBIRM2+XCvR47HLnIZ91WAKAPcPrTy
kcdLCCMQdTFM8dKl5XA8uVKGjpdeX5A2we9U3cbslFmIIzjwMinKdv+/D6+2zTI8
3qCbvGiV17VttVTik5R1MESktjec6Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:34:04 2026 by rpki-client