Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/5A86EC0A1EDA11F18DFE34AEDAE4EC9C.roa
File: 5A86EC0A1EDA11F18DFE34AEDAE4EC9C.roa (raw, json)
Hash identifier: PImR2CbgLNIrA4V+PLm0kbfXEPNlCfNyVbzpz9YIgCs=
Subject key identifier: 5C:66:14:18:97:6D:AC:06:DD:3D:41:93:20:1B:1E:EB:49:38:2E:A9
Certificate issuer: /CN=F36EF7D0AF/serialNumber=3A553B6EF80BF922312F96B8DDC1F219A8C4121B
Certificate serial: 04BB
Authority key identifier: 3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/5A86EC0A1EDA11F18DFE34AEDAE4EC9C.roa
Signing time: Fri 13 Mar 2026 12:44:20 +0000
ROA not before: Fri 13 Mar 2026 12:44:14 +0000
ROA not after: Wed 13 Mar 2030 12:44:14 +0000
asID: 328769
IP address blocks: 102.211.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.mft
rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1211 (0x4bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36EF7D0AF, serialNumber=3A553B6EF80BF922312F96B8DDC1F219A8C4121B
Validity
Not Before: Mar 13 12:44:14 2026 GMT
Not After : Mar 13 12:44:14 2030 GMT
Subject: CN=69b406a4-b801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d8:a9:78:0e:c1:e4:8a:20:92:cc:64:b9:ea:
7a:5d:6e:f8:4d:df:ab:de:14:34:98:99:59:00:b6:
ed:d3:e5:c3:b5:a9:91:80:89:ac:b8:0b:f4:30:e9:
13:39:45:c4:57:17:52:4f:d8:13:56:03:0b:f1:d6:
ac:99:ea:d4:57:dd:43:c1:18:b0:8e:b7:f1:85:59:
62:ff:de:83:9f:a4:ae:47:58:e0:3a:d5:c8:17:6a:
56:63:25:79:35:48:17:73:a7:83:36:bb:93:18:f7:
6f:60:b2:6e:7d:c1:1d:df:be:e9:48:05:25:f7:00:
c8:da:8c:f2:ba:be:30:20:cc:fb:89:16:6f:37:52:
fd:80:17:38:c9:c3:2f:eb:7a:46:75:88:ce:38:5a:
e9:e5:2c:6f:03:60:9d:b8:62:06:22:15:6c:3b:b2:
ec:5e:ef:be:45:92:57:b9:f9:63:8b:fe:e9:89:f7:
3f:0b:03:3e:d0:dc:a3:7e:ac:da:d5:ee:4b:b5:55:
18:3f:1c:a7:82:c4:3b:d9:e8:e7:d1:b9:d9:18:f2:
fd:e7:19:bf:b3:ae:19:9d:2d:14:e5:61:0d:30:18:
b8:4c:1f:98:ed:f6:05:d1:da:fa:4a:63:e2:da:85:
56:b6:a6:0b:fa:4c:0e:f4:7a:73:85:7f:93:cf:0a:
63:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:66:14:18:97:6D:AC:06:DD:3D:41:93:20:1B:1E:EB:49:38:2E:A9
X509v3 Authority Key Identifier:
keyid:3A:55:3B:6E:F8:0B:F9:22:31:2F:96:B8:DD:C1:F2:19:A8:C4:12:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/OlU7bvgL-SIxL5a43cHyGajEEhs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OlU7bvgL-SIxL5a43cHyGajEEhs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EF7D0/36E40A16F2FB11ED821B9D804AD9E6FC/5A86EC0A1EDA11F18DFE34AEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.232.0/24
Signature Algorithm: sha256WithRSAEncryption
84:1c:e8:fa:f4:b3:57:23:8c:38:2e:56:55:3a:f4:48:ca:33:
23:fa:59:a4:cc:77:15:dc:28:77:fc:a0:1b:47:9e:0b:71:92:
61:47:51:53:ce:a6:17:cc:44:fb:1f:c6:92:6b:4a:da:e0:28:
28:72:2e:95:6c:ac:bb:fa:bc:6d:f5:b8:cc:92:80:1f:7d:f3:
4e:07:a2:a6:7d:b3:25:91:b1:43:57:0c:5a:3e:b4:94:b7:9a:
2f:6a:23:c6:a3:b9:b6:46:8b:5d:49:ff:3c:68:0d:ef:9c:53:
2f:db:c6:f0:ea:e6:95:c4:e6:32:e8:0f:65:e1:23:e3:95:ec:
49:c6:d3:58:d0:ab:23:99:bf:2c:e0:7b:42:db:1e:20:d4:c9:
b8:b4:80:76:64:1f:6b:01:e9:bb:f0:76:d1:dd:26:8f:2a:94:
b5:d3:ab:8c:a0:a1:8e:9e:cd:49:b9:67:d0:c2:1a:ab:02:9e:
28:89:95:f7:10:c9:cb:81:be:2e:4a:c3:38:21:24:15:15:75:
b6:57:36:fd:b4:d8:a3:90:24:e3:05:c2:fc:01:a4:17:57:2e:
0e:11:4d:d1:f7:22:ab:7e:42:f4:96:e3:76:1b:0c:eb:5f:cd:
f1:ef:3d:db:ec:2e:b4:6f:94:e2:2c:a7:80:44:44:24:84:dd:
57:6a:d8:44
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBLswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RUY3RDBBRjExMC8GA1UEBRMoM0E1NTNCNkVGODBCRjkyMjMxMkY5NkI4RERDMUYy
MTlBOEM0MTIxQjAeFw0yNjAzMTMxMjQ0MTRaFw0zMDAzMTMxMjQ0MTRaMBgxFjAU
BgNVBAMTDTY5YjQwNmE0LWI4MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDF2Kl4DsHkiiCSzGS56npdbvhN36veFDSYmVkAtu3T5cO1qZGAiay4C/Qw
6RM5RcRXF1JP2BNWAwvx1qyZ6tRX3UPBGLCOt/GFWWL/3oOfpK5HWOA61cgXalZj
JXk1SBdzp4M2u5MY929gsm59wR3fvulIBSX3AMjajPK6vjAgzPuJFm83Uv2AFzjJ
wy/rekZ1iM44WunlLG8DYJ24YgYiFWw7suxe775Fkle5+WOL/umJ9z8LAz7Q3KN+
rNrV7ku1VRg/HKeCxDvZ6OfRudkY8v3nGb+zrhmdLRTlYQ0wGLhMH5jt9gXR2vpK
Y+LahVa2pgv6TA70enOFf5PPCmMTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXGYU
GJdtrAbdPUGTIBse60k4LqkwHwYDVR0jBBgwFoAUOlU7bvgL+SIxL5a43cHyGajE
EhswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkVGN0QwLzM2RTQwQTE2RjJGQjExRUQ4MjFCOUQ4MDRBRDlFNkZDL09sVTdi
dmdMLVNJeEw1YTQzY0h5R2FqRUVocy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL09sVTdidmdMLVNJeEw1YTQzY0h5R2FqRUVocy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkVGN0QwLzM2RTQwQTE2RjJGQjExRUQ4MjFCOUQ4MDRB
RDlFNkZDLzVBODZFQzBBMUVEQTExRjE4REZFMzRBRURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm0+gwDQYJKoZIhvcNAQEL
BQADggEBAIQc6Pr0s1cjjDguVlU69EjKMyP6WaTMdxXcKHf8oBtHngtxkmFHUVPO
phfMRPsfxpJrStrgKChyLpVsrLv6vG31uMySgB99804HoqZ9syWRsUNXDFo+tJS3
mi9qI8ajubZGi11J/zxoDe+cUy/bxvDq5pXE5jLoD2XhI+OV7EnG01jQqyOZvyzg
e0LbHiDUybi0gHZkH2sB6bvwdtHdJo8qlLXTq4ygoY6ezUm5Z9DCGqsCniiJlfcQ
ycuBvi5KwzghJBUVdbZXNv202KOQJOMFwvwBpBdXLg4RTdH3Iqt+QvSW43YbDOtf
zfHvPdvsLrRvlOIsp4BERCSE3Vdq2EQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:53:17 2026 by rpki-client