Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC328/3D9BBC70511F11ECB7D55F7DD8A014CE/667BE87C228A11F1BB1DB6B2DAE4EC9C.roa
File: 667BE87C228A11F1BB1DB6B2DAE4EC9C.roa (raw, json)
Hash identifier: diiUMYLTf7GHvC+FpTEO1MJ9Bb10GH/i96nHHlmFUAQ=
Subject key identifier: 03:BB:F6:08:EF:95:0C:4E:5E:75:3B:0C:89:95:84:1F:1E:F0:9E:E1
Certificate issuer: /CN=F36FC328AF/serialNumber=3A8F308C11DF2DBB74FEB6CC59C6640986C9CB65
Certificate serial: 064B
Authority key identifier: 3A:8F:30:8C:11:DF:2D:BB:74:FE:B6:CC:59:C6:64:09:86:C9:CB:65
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Oo8wjBHfLbt0_rbMWcZkCYbJy2U.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FC328/3D9BBC70511F11ECB7D55F7DD8A014CE/667BE87C228A11F1BB1DB6B2DAE4EC9C.roa
Signing time: Wed 18 Mar 2026 05:22:05 +0000
ROA not before: Wed 18 Mar 2026 05:22:00 +0000
ROA not after: Mon 20 Mar 2028 05:22:00 +0000
asID: 327960
IP address blocks: 102.219.144.0/22 maxlen: 24
2c0f:f2a8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FC328/3D9BBC70511F11ECB7D55F7DD8A014CE/Oo8wjBHfLbt0_rbMWcZkCYbJy2U.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FC328/3D9BBC70511F11ECB7D55F7DD8A014CE/Oo8wjBHfLbt0_rbMWcZkCYbJy2U.mft
rsync://rpki.afrinic.net/repository/afrinic/Oo8wjBHfLbt0_rbMWcZkCYbJy2U.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1611 (0x64b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FC328AF, serialNumber=3A8F308C11DF2DBB74FEB6CC59C6640986C9CB65
Validity
Not Before: Mar 18 05:22:00 2026 GMT
Not After : Mar 20 05:22:00 2028 GMT
Subject: CN=69ba367d-9693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:22:a6:11:95:8e:2a:c3:d0:69:37:95:ed:7b:
45:6d:83:2a:f5:1e:be:29:a4:e7:aa:75:3e:a9:c3:
3c:7e:5b:0c:8e:c4:34:31:7d:cc:b5:93:bb:37:fd:
b9:a2:8d:c7:2a:3d:68:dd:c3:b4:0e:df:88:bb:2f:
52:eb:28:66:c6:6f:35:22:93:e6:20:51:4c:25:f2:
3d:1c:fe:38:e9:08:61:6f:e8:ec:8e:9d:89:01:c2:
44:da:0a:57:17:48:fc:9f:cc:51:e6:66:71:1f:60:
81:a6:d7:82:99:7b:4b:66:cd:21:90:b8:a6:df:6e:
a1:03:b9:4e:8c:69:0d:f8:6c:a6:e5:e2:d2:c2:0f:
91:e0:3a:f0:09:3d:bb:1b:bf:5f:16:e0:82:22:58:
25:a5:b1:5a:b2:15:92:36:91:57:25:b9:22:64:63:
77:2e:c3:3b:11:6f:0b:b7:06:fb:5e:53:12:54:5e:
a9:72:17:63:70:b4:05:4f:34:56:71:ef:a1:ce:22:
a0:b4:43:ff:3d:0d:bf:e6:64:e1:cf:67:60:9a:34:
19:2b:93:0c:fa:92:9a:f4:57:23:5b:96:07:89:5f:
50:d6:0b:a2:43:ac:f3:5c:b4:ed:48:b9:f1:05:d5:
1b:2f:70:f7:d0:27:f5:8e:ec:4f:81:d1:26:af:94:
6e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:BB:F6:08:EF:95:0C:4E:5E:75:3B:0C:89:95:84:1F:1E:F0:9E:E1
X509v3 Authority Key Identifier:
keyid:3A:8F:30:8C:11:DF:2D:BB:74:FE:B6:CC:59:C6:64:09:86:C9:CB:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC328/3D9BBC70511F11ECB7D55F7DD8A014CE/Oo8wjBHfLbt0_rbMWcZkCYbJy2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Oo8wjBHfLbt0_rbMWcZkCYbJy2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC328/3D9BBC70511F11ECB7D55F7DD8A014CE/667BE87C228A11F1BB1DB6B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.219.144.0/22
IPv6:
2c0f:f2a8::/32
Signature Algorithm: sha256WithRSAEncryption
61:60:7a:4c:24:27:a9:c0:74:76:71:fd:5a:a2:76:4a:ed:04:
8c:d3:53:6f:19:26:e2:58:e3:c5:50:31:94:15:9b:a2:e0:8d:
e4:ff:9d:5e:b1:14:58:3f:34:58:e7:0a:07:df:9a:16:de:1b:
be:42:bc:60:ef:64:ca:7f:d3:88:a1:e6:d6:82:e4:7d:2c:9c:
f4:31:72:6f:0a:5c:b3:a2:da:00:32:52:2b:e5:eb:a0:e4:fc:
a4:db:7f:7f:b7:e3:d2:03:1d:ca:f4:2e:cd:47:0c:4d:10:1a:
b9:bc:5a:a7:23:59:76:23:0a:94:57:70:c7:0f:62:36:98:50:
e2:88:d0:df:48:0a:99:af:af:5c:e5:1e:25:09:84:e7:25:94:
b6:22:01:eb:ff:4f:d4:bf:04:f9:c7:72:88:01:67:7e:2a:1c:
25:15:23:67:44:21:db:8b:7d:12:a2:22:02:c6:dc:59:31:c6:
f8:20:76:c3:04:2d:d4:ce:b4:6a:28:f6:c7:79:81:0c:37:e1:
76:de:bb:3f:33:11:f7:8c:7a:bb:06:6b:3f:29:3a:53:27:77:
70:62:0d:04:0d:c6:a6:69:48:a0:8d:ad:dd:ff:13:f1:bb:4d:
f8:14:24:10:fc:2d:e2:b2:94:5c:2d:e0:57:7d:df:b1:e8:12:
47:3c:96:fe
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBkswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkMzMjhBRjExMC8GA1UEBRMoM0E4RjMwOEMxMURGMkRCQjc0RkVCNkNDNTlDNjY0
MDk4NkM5Q0I2NTAeFw0yNjAzMTgwNTIyMDBaFw0yODAzMjAwNTIyMDBaMBgxFjAU
BgNVBAMTDTY5YmEzNjdkLTk2OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQIqYRlY4qw9BpN5Xte0Vtgyr1Hr4ppOeqdT6pwzx+WwyOxDQxfcy1k7s3
/bmijccqPWjdw7QO34i7L1LrKGbGbzUik+YgUUwl8j0c/jjpCGFv6OyOnYkBwkTa
ClcXSPyfzFHmZnEfYIGm14KZe0tmzSGQuKbfbqEDuU6MaQ34bKbl4tLCD5HgOvAJ
Pbsbv18W4IIiWCWlsVqyFZI2kVcluSJkY3cuwzsRbwu3BvteUxJUXqlyF2NwtAVP
NFZx76HOIqC0Q/89Db/mZOHPZ2CaNBkrkwz6kpr0VyNblgeJX1DWC6JDrPNctO1I
ufEF1RsvcPfQJ/WO7E+B0SavlG5LAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUA7v2
CO+VDE5edTsMiZWEHx7wnuEwHwYDVR0jBBgwFoAUOo8wjBHfLbt0/rbMWcZkCYbJ
y2UwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZDMzI4LzNEOUJCQzcwNTExRjExRUNCN0Q1NUY3REQ4QTAxNENFL09vOHdq
QkhmTGJ0MF9yYk1XY1prQ1liSnkyVS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL09vOHdqQkhmTGJ0MF9yYk1XY1prQ1liSnkyVS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZDMzI4LzNEOUJCQzcwNTExRjExRUNCN0Q1NUY3REQ4
QTAxNENFLzY2N0JFODdDMjI4QTExRjFCQjFEQjZCMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm25AwDQQCAAIwBwMFACwP
8qgwDQYJKoZIhvcNAQELBQADggEBAGFgekwkJ6nAdHZx/VqidkrtBIzTU28ZJuJY
48VQMZQVm6LgjeT/nV6xFFg/NFjnCgffmhbeG75CvGDvZMp/04ih5taC5H0snPQx
cm8KXLOi2gAyUivl66Dk/KTbf3+349IDHcr0Ls1HDE0QGrm8WqcjWXYjCpRXcMcP
YjaYUOKI0N9ICpmvr1zlHiUJhOcllLYiAev/T9S/BPnHcogBZ34qHCUVI2dEIduL
fRKiIgLG3FkxxvggdsMELdTOtGoo9sd5gQw34Xbeuz8zEfeMersGaz8pOlMnd3Bi
DQQNxqZpSKCNrd3/E/G7TfgUJBD8LeKylFwt4Fd937HoEkc8lv4=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:06:14 2026 by rpki-client