Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/93428F6A284C11F19A924BC2DAE4EC9C.roa
File: 93428F6A284C11F19A924BC2DAE4EC9C.roa (raw, json)
Hash identifier: Vu7xr9/kDghnQSE5Q/nqyNdfJwm1KtTB4ZA/YzFthkY=
Subject key identifier: 3E:F2:79:33:0E:9A:50:C4:56:44:78:8F:99:E8:31:66:94:1B:8B:09
Certificate issuer: /CN=F36ED057AF/serialNumber=44BE4CE57E115E0BCB34E6B9EB0C5723AEBD2274
Certificate serial: 09FE
Authority key identifier: 44:BE:4C:E5:7E:11:5E:0B:CB:34:E6:B9:EB:0C:57:23:AE:BD:22:74
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/RL5M5X4RXgvLNOa56wxXI669InQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/93428F6A284C11F19A924BC2DAE4EC9C.roa
Signing time: Wed 25 Mar 2026 13:14:38 +0000
ROA not before: Wed 25 Mar 2026 13:14:33 +0000
ROA not after: Tue 25 Mar 2036 13:14:33 +0000
asID: 328423
IP address blocks: 102.68.180.0/22 maxlen: 24
2c0f:ecb0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/RL5M5X4RXgvLNOa56wxXI669InQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/RL5M5X4RXgvLNOa56wxXI669InQ.mft
rsync://rpki.afrinic.net/repository/afrinic/RL5M5X4RXgvLNOa56wxXI669InQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2558 (0x9fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36ED057AF, serialNumber=44BE4CE57E115E0BCB34E6B9EB0C5723AEBD2274
Validity
Not Before: Mar 25 13:14:33 2026 GMT
Not After : Mar 25 13:14:33 2036 GMT
Subject: CN=69c3dfbe-81af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f8:0b:d9:84:5f:20:e3:21:57:40:e6:b8:dc:
77:2d:a4:70:c3:83:c2:62:35:03:47:a0:c6:7e:4b:
20:f4:b8:db:41:ca:09:26:50:3a:eb:f8:e9:e2:fc:
7a:46:80:ca:30:29:22:ea:54:66:1a:32:61:36:0e:
41:a9:59:a1:eb:19:76:55:fa:3b:af:f3:ad:12:23:
ea:94:bd:a2:89:a9:6d:54:fa:89:1e:a9:8c:44:f6:
d2:d9:d7:6f:f2:c8:1e:47:27:fb:74:15:05:bc:91:
79:f4:23:ec:09:a6:ea:be:13:1e:1a:b7:19:07:b7:
93:3f:46:37:dc:05:62:b1:2e:08:1b:4e:78:98:ea:
53:43:b2:1e:fd:5f:a8:47:a3:6e:15:c5:bc:4b:da:
49:0c:60:81:aa:b3:5e:68:9b:77:0c:ae:6a:76:b3:
c3:b5:9b:e1:91:2c:47:6f:03:37:e7:db:bd:95:bb:
0e:2d:ac:99:5f:8f:58:ef:b0:9a:90:01:83:2d:c3:
8d:2b:94:f9:c0:0c:36:22:de:bb:4d:55:a0:f5:d5:
1b:04:41:48:62:8f:50:4a:f0:cf:49:8b:a6:fe:bf:
0b:7c:97:0b:4a:8f:66:d3:db:33:a4:00:04:21:04:
5c:18:21:4e:18:00:5f:39:d7:b8:36:dd:18:e0:a3:
d9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F2:79:33:0E:9A:50:C4:56:44:78:8F:99:E8:31:66:94:1B:8B:09
X509v3 Authority Key Identifier:
keyid:44:BE:4C:E5:7E:11:5E:0B:CB:34:E6:B9:EB:0C:57:23:AE:BD:22:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/RL5M5X4RXgvLNOa56wxXI669InQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/RL5M5X4RXgvLNOa56wxXI669InQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36ED057/3455862086BD11E98D8DE82EF8AEA228/93428F6A284C11F19A924BC2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.180.0/22
IPv6:
2c0f:ecb0::/32
Signature Algorithm: sha256WithRSAEncryption
be:fc:27:eb:6e:2e:c2:e2:6f:61:f9:9b:9f:0d:d5:34:26:27:
31:22:d1:78:26:b6:72:14:2f:f7:d0:a8:eb:85:80:f7:55:87:
26:f0:c3:9d:19:cd:68:5e:60:53:4f:36:83:9f:43:0c:c1:6c:
f6:90:9f:7b:35:e5:11:29:21:69:46:66:a0:4d:f1:dc:2c:bb:
ce:f7:bd:1d:e7:09:92:69:ab:58:c7:19:7f:66:0c:50:49:01:
78:eb:42:8d:c7:ac:ca:2e:45:7e:76:4b:ac:66:79:01:5a:49:
17:6d:76:5f:9c:99:a0:a7:f4:49:8a:2f:f1:b4:d6:b9:78:62:
18:fc:e0:00:b1:9c:f2:7b:37:ed:1e:71:9b:53:f9:3d:fd:74:
c4:20:9f:59:70:09:c3:4c:e4:3d:f3:fa:50:e7:d4:24:24:3c:
b8:6f:86:b4:38:6e:6f:68:81:9e:99:fe:d1:01:c4:11:e6:69:
14:67:88:52:14:ed:5b:74:83:03:f8:87:8f:0a:51:9c:94:37:
23:6f:14:bf:2e:bc:a7:cb:2e:1f:fe:f9:70:71:e3:5a:96:c1:
64:3b:c5:2b:43:c7:ed:d9:02:79:0a:55:4f:dd:5d:8a:c3:de:
04:4e:3b:15:2c:62:5b:b0:dc:89:8f:15:b0:ef:c3:e1:49:d1:
d4:42:c6:81
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICCf4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RUQwNTdBRjExMC8GA1UEBRMoNDRCRTRDRTU3RTExNUUwQkNCMzRFNkI5RUIwQzU3
MjNBRUJEMjI3NDAeFw0yNjAzMjUxMzE0MzNaFw0zNjAzMjUxMzE0MzNaMBgxFjAU
BgNVBAMTDTY5YzNkZmJlLTgxYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/+AvZhF8g4yFXQOa43HctpHDDg8JiNQNHoMZ+SyD0uNtBygkmUDrr+Oni
/HpGgMowKSLqVGYaMmE2DkGpWaHrGXZV+juv860SI+qUvaKJqW1U+okeqYxE9tLZ
12/yyB5HJ/t0FQW8kXn0I+wJpuq+Ex4atxkHt5M/RjfcBWKxLggbTniY6lNDsh79
X6hHo24VxbxL2kkMYIGqs15om3cMrmp2s8O1m+GRLEdvAzfn272Vuw4trJlfj1jv
sJqQAYMtw40rlPnADDYi3rtNVaD11RsEQUhij1BK8M9Ji6b+vwt8lwtKj2bT2zOk
AAQhBFwYIU4YAF8517g23Rjgo9lJAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUPvJ5
Mw6aUMRWRHiPmegxZpQbiwkwHwYDVR0jBBgwFoAURL5M5X4RXgvLNOa56wxXI669
InQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVEMDU3LzM0NTU4NjIwODZCRDExRTk4RDhERTgyRUY4QUVBMjI4L1JMNU01
WDRSWGd2TE5PYTU2d3hYSTY2OUluUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1JMNU01WDRSWGd2TE5PYTU2d3hYSTY2OUluUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVEMDU3LzM0NTU4NjIwODZCRDExRTk4RDhERTgyRUY4
QUVBMjI4LzkzNDI4RjZBMjg0QzExRjE5QTkyNEJDMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJmRLQwDQQCAAIwBwMFACwP
7LAwDQYJKoZIhvcNAQELBQADggEBAL78J+tuLsLib2H5m58N1TQmJzEi0XgmtnIU
L/fQqOuFgPdVhybww50ZzWheYFNPNoOfQwzBbPaQn3s15REpIWlGZqBN8dwsu873
vR3nCZJpq1jHGX9mDFBJAXjrQo3HrMouRX52S6xmeQFaSRdtdl+cmaCn9EmKL/G0
1rl4Yhj84ACxnPJ7N+0ecZtT+T39dMQgn1lwCcNM5D3z+lDn1CQkPLhvhrQ4bm9o
gZ6Z/tEBxBHmaRRniFIU7Vt0gwP4h48KUZyUNyNvFL8uvKfLLh/++XBx41qWwWQ7
xStDx+3ZAnkKVU/dXYrD3gROOxUsYluw3ImPFbDvw+FJ0dRCxoE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:07:36 2026 by rpki-client