Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EADB7/3C8EB292132011ED9CAE43EEF1222468/FDDEDCAC21D011F18474A17CDAE4EC9C.roa
File: FDDEDCAC21D011F18474A17CDAE4EC9C.roa (raw, json)
Hash identifier: SZFd5PkVE834obyPBshtPMz+lsFfdRXHPh1ZlI1rujI=
Subject key identifier: C2:16:A2:25:17:D7:E3:2A:56:BB:BA:22:96:0F:1E:E2:01:59:F1:42
Certificate issuer: /CN=F36EADB7AF/serialNumber=5343C38BDF2E49183139A58AC42F116FA99673CD
Certificate serial: 055C
Authority key identifier: 53:43:C3:8B:DF:2E:49:18:31:39:A5:8A:C4:2F:11:6F:A9:96:73:CD
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/U0PDi98uSRgxOaWKxC8Rb6mWc80.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36EADB7/3C8EB292132011ED9CAE43EEF1222468/FDDEDCAC21D011F18474A17CDAE4EC9C.roa
Signing time: Tue 17 Mar 2026 07:14:53 +0000
ROA not before: Tue 17 Mar 2026 07:14:35 +0000
ROA not after: Mon 17 Mar 2036 07:14:35 +0000
asID: 328257
IP address blocks: 102.22.112.0/21 maxlen: 24
2c0f:2180::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36EADB7/3C8EB292132011ED9CAE43EEF1222468/U0PDi98uSRgxOaWKxC8Rb6mWc80.crl
rsync://rpki.afrinic.net/repository/member_repository/F36EADB7/3C8EB292132011ED9CAE43EEF1222468/U0PDi98uSRgxOaWKxC8Rb6mWc80.mft
rsync://rpki.afrinic.net/repository/afrinic/U0PDi98uSRgxOaWKxC8Rb6mWc80.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1372 (0x55c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36EADB7AF, serialNumber=5343C38BDF2E49183139A58AC42F116FA99673CD
Validity
Not Before: Mar 17 07:14:35 2026 GMT
Not After : Mar 17 07:14:35 2036 GMT
Subject: CN=69b8ff6c-b843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c3:0f:0a:d2:79:fc:18:ce:fa:6c:7b:c8:4c:
ce:46:66:5f:12:c7:b1:f1:cb:16:d6:c6:bb:39:48:
1f:cf:a8:cf:d9:e0:f7:35:ec:ff:0f:83:a3:0d:a5:
cf:c2:09:44:46:3b:bd:a4:12:95:d7:71:39:da:ae:
b5:7a:84:d5:42:23:8a:4c:63:68:1a:83:8c:1f:81:
8b:83:16:c0:3f:6d:32:2b:dd:a1:e8:35:a4:2f:39:
12:56:08:f6:65:f1:09:15:76:ad:d1:60:0f:8a:50:
86:0d:09:fa:33:10:75:27:47:ea:1e:cb:70:eb:48:
e9:5b:d0:98:ab:dd:a9:18:d2:45:6d:f6:2c:dd:f2:
b7:1f:2c:aa:0c:55:0c:06:5d:ac:17:12:97:72:e8:
47:f1:54:6c:8a:d6:e1:5d:50:a2:75:e2:59:ae:a2:
5e:c7:a1:ce:4b:ae:09:85:a4:42:2e:f8:60:33:5e:
16:32:84:08:61:62:4f:87:60:14:7a:7f:46:c8:6f:
33:78:e3:24:28:bf:a4:ff:8b:d9:1b:2b:69:26:61:
aa:29:47:76:8e:70:b6:fc:c7:8b:29:f7:db:d3:db:
92:f8:0a:10:45:8e:2d:17:c5:1d:f1:8a:cb:ec:c9:
bc:55:4c:e8:a0:f6:b4:ca:17:41:dd:0f:5a:62:e5:
ca:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:16:A2:25:17:D7:E3:2A:56:BB:BA:22:96:0F:1E:E2:01:59:F1:42
X509v3 Authority Key Identifier:
keyid:53:43:C3:8B:DF:2E:49:18:31:39:A5:8A:C4:2F:11:6F:A9:96:73:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36EADB7/3C8EB292132011ED9CAE43EEF1222468/U0PDi98uSRgxOaWKxC8Rb6mWc80.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U0PDi98uSRgxOaWKxC8Rb6mWc80.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EADB7/3C8EB292132011ED9CAE43EEF1222468/FDDEDCAC21D011F18474A17CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.22.112.0/21
IPv6:
2c0f:2180::/32
Signature Algorithm: sha256WithRSAEncryption
8c:5b:21:09:31:9a:a0:1e:4a:2d:9f:7c:56:0d:56:d0:4f:38:
df:a3:19:2b:db:1c:56:1d:62:48:95:ff:e7:6e:0c:ef:ac:46:
e4:ac:71:d7:82:d1:cc:8d:b7:eb:0e:70:8a:e5:df:f3:8c:24:
64:c0:89:29:f3:bc:a7:51:f2:4c:9d:0b:6b:b8:4a:e8:30:fc:
e2:7a:08:ef:68:e8:19:d2:d6:16:eb:ef:ab:a5:8e:e7:11:4d:
f3:36:2d:7e:09:0d:de:e5:59:b8:1c:c3:a3:22:c8:6b:b3:52:
a2:da:85:2e:b6:17:f0:b4:92:c6:ee:c9:6f:ff:bc:6a:a0:b8:
b8:8c:35:68:97:0d:d5:eb:56:10:35:83:90:f3:ab:a6:62:f0:
52:f9:cb:9e:c0:dc:1f:b6:01:5e:1a:ac:ab:8d:c2:40:95:96:
37:f0:08:39:3f:96:a5:2c:4f:14:9e:e4:1b:e4:a0:b6:5f:d8:
a5:da:b9:3d:3d:60:56:03:c1:8c:0e:d7:f2:fc:b2:b5:44:1f:
fa:99:67:6e:99:62:15:83:b1:c9:7f:fc:44:6d:54:15:96:5c:
b0:a1:98:79:e7:09:92:a9:f1:ea:f1:d9:9d:9c:3c:b3:e9:90:
29:fc:c7:a4:db:38:d8:79:3b:26:bf:9a:0e:43:1b:48:f3:fa:
ab:37:d8:cd
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBVwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RUFEQjdBRjExMC8GA1UEBRMoNTM0M0MzOEJERjJFNDkxODMxMzlBNThBQzQyRjEx
NkZBOTk2NzNDRDAeFw0yNjAzMTcwNzE0MzVaFw0zNjAzMTcwNzE0MzVaMBgxFjAU
BgNVBAMTDTY5YjhmZjZjLWI4NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7ww8K0nn8GM76bHvITM5GZl8Sx7HxyxbWxrs5SB/PqM/Z4Pc17P8Pg6MN
pc/CCURGO72kEpXXcTnarrV6hNVCI4pMY2gag4wfgYuDFsA/bTIr3aHoNaQvORJW
CPZl8QkVdq3RYA+KUIYNCfozEHUnR+oey3DrSOlb0Jir3akY0kVt9izd8rcfLKoM
VQwGXawXEpdy6EfxVGyK1uFdUKJ14lmuol7Hoc5LrgmFpEIu+GAzXhYyhAhhYk+H
YBR6f0bIbzN44yQov6T/i9kbK2kmYaopR3aOcLb8x4sp99vT25L4ChBFji0XxR3x
isvsybxVTOig9rTKF0HdD1pi5cpdAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUwhai
JRfX4ypWu7oilg8e4gFZ8UIwHwYDVR0jBBgwFoAUU0PDi98uSRgxOaWKxC8Rb6mW
c80wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVBREI3LzNDOEVCMjkyMTMyMDExRUQ5Q0FFNDNFRUYxMjIyNDY4L1UwUERp
OTh1U1JneE9hV0t4QzhSYjZtV2M4MC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UwUERpOTh1U1JneE9hV0t4QzhSYjZtV2M4MC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVBREI3LzNDOEVCMjkyMTMyMDExRUQ5Q0FFNDNFRUYx
MjIyNDY4L0ZEREVEQ0FDMjFEMDExRjE4NDc0QTE3Q0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBANmFnAwDQQCAAIwBwMFACwP
IYAwDQYJKoZIhvcNAQELBQADggEBAIxbIQkxmqAeSi2ffFYNVtBPON+jGSvbHFYd
YkiV/+duDO+sRuSscdeC0cyNt+sOcIrl3/OMJGTAiSnzvKdR8kydC2u4Sugw/OJ6
CO9o6BnS1hbr76uljucRTfM2LX4JDd7lWbgcw6MiyGuzUqLahS62F/C0ksbuyW//
vGqguLiMNWiXDdXrVhA1g5Dzq6Zi8FL5y57A3B+2AV4arKuNwkCVljfwCDk/lqUs
TxSe5BvkoLZf2KXauT09YFYDwYwO1/L8srVEH/qZZ26ZYhWDscl//ERtVBWWXLCh
mHnnCZKp8erx2Z2cPLPpkCn8x6TbONh5Oya/mg5DG0jz+qs32M0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:41:44 2026 by rpki-client