Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/3FD7219427AA11F1AD52548ADAE4EC9C.roa
File: 3FD7219427AA11F1AD52548ADAE4EC9C.roa (raw, json)
Hash identifier: /KN2oZ97uD3QWgYAZ2RKHCFbcmh6OIwCNIajJLKsZtM=
Subject key identifier: DE:01:58:CC:C9:97:ED:B5:C2:A3:1E:57:C1:C2:63:6C:4B:63:48:DE
Certificate issuer: /CN=F36DDABEAF/serialNumber=1E43F675C5655A48B5C1F2D1253B65BFC245BBB7
Certificate serial: 13
Authority key identifier: 1E:43:F6:75:C5:65:5A:48:B5:C1:F2:D1:25:3B:65:BF:C2:45:BB:B7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/HkP2dcVlWki1wfLRJTtlv8JFu7c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/3FD7219427AA11F1AD52548ADAE4EC9C.roa
Signing time: Tue 24 Mar 2026 17:52:40 +0000
ROA not before: Tue 24 Mar 2026 17:52:35 +0000
ROA not after: Thu 23 Mar 2028 17:52:35 +0000
asID: 36877
IP address blocks: 41.198.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/HkP2dcVlWki1wfLRJTtlv8JFu7c.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/HkP2dcVlWki1wfLRJTtlv8JFu7c.mft
rsync://rpki.afrinic.net/repository/afrinic/HkP2dcVlWki1wfLRJTtlv8JFu7c.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DDABEAF, serialNumber=1E43F675C5655A48B5C1F2D1253B65BFC245BBB7
Validity
Not Before: Mar 24 17:52:35 2026 GMT
Not After : Mar 23 17:52:35 2028 GMT
Subject: CN=69c2cf68-6b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:11:e5:e6:84:08:9b:dd:27:7f:cd:fc:e3:d4:
cf:6b:0d:7b:5d:dd:6e:92:88:37:55:e2:ed:28:14:
e0:36:b7:21:bd:87:1f:fc:1c:6c:78:19:cd:b7:d2:
60:dc:0c:26:91:db:a6:79:2c:ae:51:92:8d:ee:67:
6e:99:68:b5:ee:e6:1a:80:63:2b:6a:50:0b:dc:3d:
37:85:22:51:61:56:b6:4b:ed:bf:45:ae:26:25:0f:
50:34:87:38:3c:2a:32:91:b1:69:48:09:de:ce:67:
6d:0b:e9:f7:2b:8c:15:07:77:85:48:31:67:54:30:
65:d2:5e:b6:72:dc:3a:42:70:de:04:71:4c:45:ad:
5e:2b:76:ba:95:cb:20:fc:73:96:51:b1:92:4d:95:
65:d7:c6:db:3b:e2:b8:6b:6a:50:2d:25:33:cc:20:
53:19:d9:70:d5:72:f2:12:89:ae:d6:07:25:d5:41:
dc:31:3b:e3:7d:c1:93:20:29:89:04:40:df:53:a6:
b8:f4:36:79:47:c6:4b:7b:65:a9:d5:0b:55:22:a7:
3e:6f:e6:d5:e9:28:0f:42:9c:96:17:ec:23:c9:1d:
52:6a:8f:fb:0d:d2:21:a0:1a:40:af:87:9e:48:bd:
51:cf:b1:9b:fa:60:b9:96:f0:67:e5:af:c3:8d:d6:
a3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:01:58:CC:C9:97:ED:B5:C2:A3:1E:57:C1:C2:63:6C:4B:63:48:DE
X509v3 Authority Key Identifier:
keyid:1E:43:F6:75:C5:65:5A:48:B5:C1:F2:D1:25:3B:65:BF:C2:45:BB:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/HkP2dcVlWki1wfLRJTtlv8JFu7c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HkP2dcVlWki1wfLRJTtlv8JFu7c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/3FD7219427AA11F1AD52548ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.198.32.0/19
Signature Algorithm: sha256WithRSAEncryption
23:ee:77:c5:2f:6c:94:d8:73:8a:05:fd:54:8f:60:33:e5:d2:
89:25:81:19:8c:1f:97:d0:be:af:56:4c:16:1f:55:58:23:d3:
05:03:3e:52:d8:83:df:08:23:3d:69:b1:ce:d2:f0:3a:c3:40:
4c:69:83:07:14:9f:75:8e:11:6f:32:42:fe:72:1c:74:58:ce:
0d:96:20:f8:4d:07:9d:35:cc:b1:54:44:e5:d8:b4:99:39:ac:
93:b5:2a:f3:d1:82:11:7c:7e:d2:03:6c:0f:c5:88:ef:73:c5:
3a:82:74:c3:59:dc:06:10:87:c8:92:0e:52:19:b7:d0:86:4a:
f6:03:d2:71:93:ae:11:4d:18:5a:db:49:82:53:f0:6c:42:28:
9b:4c:28:6c:3a:ff:50:68:21:e0:0a:e8:77:7a:17:58:00:90:
13:2d:17:1c:5a:94:16:9f:59:e7:89:1b:0c:36:1b:24:24:23:
d6:d6:41:3f:8e:b1:da:fa:e7:19:28:da:17:5e:02:e3:37:6e:
fc:fc:bc:7a:da:09:fd:8f:3b:3f:a2:03:00:3d:d1:42:d5:ce:
97:9c:15:0e:a6:77:04:db:19:5b:05:4f:2c:03:60:d6:5b:91:
18:4f:58:64:74:40:0a:19:28:2c:12:c6:be:c5:bc:8f:06:37:
87:0f:f0:fd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBEzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
REFCRUFGMTEwLwYDVQQFEygxRTQzRjY3NUM1NjU1QTQ4QjVDMUYyRDEyNTNCNjVC
RkMyNDVCQkI3MB4XDTI2MDMyNDE3NTIzNVoXDTI4MDMyMzE3NTIzNVowGDEWMBQG
A1UEAxMNNjljMmNmNjgtNmIzYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUR5eaECJvdJ3/N/OPUz2sNe13dbpKIN1Xi7SgU4Da3Ib2HH/wcbHgZzbfS
YNwMJpHbpnksrlGSje5nbplote7mGoBjK2pQC9w9N4UiUWFWtkvtv0WuJiUPUDSH
ODwqMpGxaUgJ3s5nbQvp9yuMFQd3hUgxZ1QwZdJetnLcOkJw3gRxTEWtXit2upXL
IPxzllGxkk2VZdfG2zviuGtqUC0lM8wgUxnZcNVy8hKJrtYHJdVB3DE7433BkyAp
iQRA31OmuPQ2eUfGS3tlqdULVSKnPm/m1ekoD0KclhfsI8kdUmqP+w3SIaAaQK+H
nki9Uc+xm/pguZbwZ+Wvw43Wo10CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTeAVjM
yZfttcKjHlfBwmNsS2NI3jAfBgNVHSMEGDAWgBQeQ/Z1xWVaSLXB8tElO2W/wkW7
tzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RERBQkUvNUZCRUU2QzQxRUUzMTFGMTk4MzAyQ0UyREFFNEVDOUMvSGtQMmRj
VmxXa2kxd2ZMUkpUdGx2OEpGdTdjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSGtQMmRjVmxXa2kxd2ZMUkpUdGx2OEpGdTdjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RERBQkUvNUZCRUU2QzQxRUUzMTFGMTk4MzAyQ0UyREFF
NEVDOUMvM0ZENzIxOTQyN0FBMTFGMUFENTI1NDhBREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBSnGIDANBgkqhkiG9w0BAQsF
AAOCAQEAI+53xS9slNhzigX9VI9gM+XSiSWBGYwfl9C+r1ZMFh9VWCPTBQM+UtiD
3wgjPWmxztLwOsNATGmDBxSfdY4RbzJC/nIcdFjODZYg+E0HnTXMsVRE5di0mTms
k7Uq89GCEXx+0gNsD8WI73PFOoJ0w1ncBhCHyJIOUhm30IZK9gPScZOuEU0YWttJ
glPwbEIom0wobDr/UGgh4Arod3oXWACQEy0XHFqUFp9Z54kbDDYbJCQj1tZBP46x
2vrnGSjaF14C4zdu/Py8etoJ/Y87P6IDAD3RQtXOl5wVDqZ3BNsZWwVPLANg1luR
GE9YZHRAChkoLBLGvsW8jwY3hw/w/Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:34:05 2026 by rpki-client