Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/5FA51D6E27AA11F1915A6F8ADAE4EC9C.roa
File: 5FA51D6E27AA11F1915A6F8ADAE4EC9C.roa (raw, json)
Hash identifier: ZR9t/KzjH21W2pjRCMUkUKhrvUwnWO9scLmlC3KK6tc=
Subject key identifier: 7D:70:1A:5A:B1:0B:1E:6D:D1:6F:55:5A:63:66:9D:94:0A:98:DA:22
Certificate issuer: /CN=F36DDABEAF/serialNumber=1E43F675C5655A48B5C1F2D1253B65BFC245BBB7
Certificate serial: 15
Authority key identifier: 1E:43:F6:75:C5:65:5A:48:B5:C1:F2:D1:25:3B:65:BF:C2:45:BB:B7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/HkP2dcVlWki1wfLRJTtlv8JFu7c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/5FA51D6E27AA11F1915A6F8ADAE4EC9C.roa
Signing time: Tue 24 Mar 2026 17:53:33 +0000
ROA not before: Tue 24 Mar 2026 17:53:28 +0000
ROA not after: Thu 23 Mar 2028 17:53:28 +0000
asID: 36877
IP address blocks: 41.198.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/HkP2dcVlWki1wfLRJTtlv8JFu7c.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/HkP2dcVlWki1wfLRJTtlv8JFu7c.mft
rsync://rpki.afrinic.net/repository/afrinic/HkP2dcVlWki1wfLRJTtlv8JFu7c.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21 (0x15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DDABEAF, serialNumber=1E43F675C5655A48B5C1F2D1253B65BFC245BBB7
Validity
Not Before: Mar 24 17:53:28 2026 GMT
Not After : Mar 23 17:53:28 2028 GMT
Subject: CN=69c2cf9d-e5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1d:74:2c:65:09:4e:f1:a3:8b:29:bb:68:f3:
41:f0:52:35:97:27:39:71:c7:38:19:1c:ce:0b:1a:
ce:87:9c:ab:6f:cb:76:a9:7c:ef:c2:2d:18:ea:3b:
05:1d:4a:b0:4a:93:9d:59:fc:27:da:63:ee:83:27:
d9:1d:8c:0e:85:bc:ab:ce:11:5b:5e:e4:69:59:d7:
4d:95:34:16:27:2d:a3:39:b3:85:2c:5a:95:95:74:
79:04:65:1f:59:ed:af:9c:1a:7b:fe:db:50:eb:c0:
2a:df:1e:d5:4d:48:64:f2:29:c0:cf:90:36:c0:ca:
72:99:82:68:33:bd:73:46:d1:68:77:68:9f:2d:69:
bc:fa:93:30:93:65:08:ed:f8:e7:32:42:49:eb:31:
ad:9a:52:11:a6:6b:f1:54:92:c7:a2:65:d9:bc:9b:
c0:c5:16:7a:e0:02:96:9a:50:30:dc:77:88:a2:d9:
57:f9:6d:04:90:9a:22:3d:76:d6:96:98:27:fc:5c:
a6:52:3b:7d:70:0d:a3:5c:4d:0b:db:73:a1:68:47:
41:bb:a7:13:17:e1:cc:a0:dd:5f:91:49:fd:50:5e:
2a:58:ab:2f:d8:fe:ee:f5:c2:1f:c2:80:7c:c5:f9:
f0:84:bc:e0:cb:54:ab:8c:51:ae:23:20:94:4b:65:
fc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:70:1A:5A:B1:0B:1E:6D:D1:6F:55:5A:63:66:9D:94:0A:98:DA:22
X509v3 Authority Key Identifier:
keyid:1E:43:F6:75:C5:65:5A:48:B5:C1:F2:D1:25:3B:65:BF:C2:45:BB:B7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/HkP2dcVlWki1wfLRJTtlv8JFu7c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HkP2dcVlWki1wfLRJTtlv8JFu7c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DDABE/5FBEE6C41EE311F198302CE2DAE4EC9C/5FA51D6E27AA11F1915A6F8ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.198.16.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:71:af:30:a1:0c:47:b2:83:6c:b2:21:93:64:06:e0:aa:55:
b7:1d:e2:ee:f5:6c:7c:4c:d4:41:8b:8b:a4:1d:5a:bb:81:6b:
9c:3b:79:d9:c5:c6:b6:64:c7:79:99:9b:35:b3:f5:e4:f1:fe:
c3:1d:ec:41:80:59:68:a1:21:d0:90:8c:2f:bd:0a:66:39:3c:
b5:d3:88:09:fb:f7:14:ae:80:ec:13:ee:20:d2:3c:41:ac:a9:
c7:f8:e2:c8:ab:9f:6b:42:68:98:5c:43:45:2d:c8:c1:40:25:
15:09:07:de:63:5d:9e:33:41:1e:82:85:05:c9:39:14:c8:b8:
ae:23:27:55:69:cd:85:8d:e1:c8:93:8d:17:2a:dc:22:3e:d5:
97:c0:c6:de:75:b8:e5:31:e9:43:c3:6f:71:39:8d:af:c2:56:
89:4c:90:21:d4:49:d0:60:5e:e2:ce:5a:73:11:be:ae:77:9d:
8a:cb:32:4b:54:d6:b3:95:28:06:6e:e0:ae:aa:7a:fb:2e:62:
91:ae:4f:59:0a:05:7a:64:c7:2d:8b:52:14:0c:f1:1d:fe:f8:
8f:a6:67:d6:92:b4:68:a3:6d:6a:a9:67:52:a4:8c:dd:38:44:
82:92:32:90:7d:e3:30:a2:21:2e:c8:03:bd:eb:61:b4:93:89:
eb:83:a7:e2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
REFCRUFGMTEwLwYDVQQFEygxRTQzRjY3NUM1NjU1QTQ4QjVDMUYyRDEyNTNCNjVC
RkMyNDVCQkI3MB4XDTI2MDMyNDE3NTMyOFoXDTI4MDMyMzE3NTMyOFowGDEWMBQG
A1UEAxMNNjljMmNmOWQtZTVjNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkddCxlCU7xo4spu2jzQfBSNZcnOXHHOBkczgsazoecq2/Ldql878ItGOo7
BR1KsEqTnVn8J9pj7oMn2R2MDoW8q84RW17kaVnXTZU0FictozmzhSxalZV0eQRl
H1ntr5wae/7bUOvAKt8e1U1IZPIpwM+QNsDKcpmCaDO9c0bRaHdony1pvPqTMJNl
CO345zJCSesxrZpSEaZr8VSSx6Jl2bybwMUWeuAClppQMNx3iKLZV/ltBJCaIj12
1paYJ/xcplI7fXANo1xNC9tzoWhHQbunExfhzKDdX5FJ/VBeKlirL9j+7vXCH8KA
fMX58IS84MtUq4xRriMglEtl/DMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR9cBpa
sQsebdFvVVpjZp2UCpjaIjAfBgNVHSMEGDAWgBQeQ/Z1xWVaSLXB8tElO2W/wkW7
tzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RERBQkUvNUZCRUU2QzQxRUUzMTFGMTk4MzAyQ0UyREFFNEVDOUMvSGtQMmRj
VmxXa2kxd2ZMUkpUdGx2OEpGdTdjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSGtQMmRjVmxXa2kxd2ZMUkpUdGx2OEpGdTdjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RERBQkUvNUZCRUU2QzQxRUUzMTFGMTk4MzAyQ0UyREFF
NEVDOUMvNUZBNTFENkUyN0FBMTFGMTkxNUE2RjhBREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBCnGEDANBgkqhkiG9w0BAQsF
AAOCAQEAD3GvMKEMR7KDbLIhk2QG4KpVtx3i7vVsfEzUQYuLpB1au4FrnDt52cXG
tmTHeZmbNbP15PH+wx3sQYBZaKEh0JCML70KZjk8tdOICfv3FK6A7BPuINI8Qayp
x/jiyKufa0JomFxDRS3IwUAlFQkH3mNdnjNBHoKFBck5FMi4riMnVWnNhY3hyJON
FyrcIj7Vl8DG3nW45THpQ8NvcTmNr8JWiUyQIdRJ0GBe4s5acxG+rnedissyS1TW
s5UoBm7grqp6+y5ika5PWQoFemTHLYtSFAzxHf74j6Zn1pK0aKNtaqlnUqSM3ThE
gpIykH3jMKIhLsgDvethtJOJ64On4g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:34:00 2026 by rpki-client