Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/E2E0E31406A011F1B28491C7DAE4EC9C.roa
File: E2E0E31406A011F1B28491C7DAE4EC9C.roa (raw, json)
Hash identifier: zfZ7SQHe7ntDVmEKHJbxTZVYNg5h50utum1HjMBco0w=
Subject key identifier: 87:BA:4F:6D:94:59:D2:6C:28:06:51:4D:4D:19:A2:95:46:B8:49:91
Certificate issuer: /CN=F36145DBAF/serialNumber=07345B4425EAA216D03B70E8803F3CC3ABE1751C
Certificate serial: 0443
Authority key identifier: 07:34:5B:44:25:EA:A2:16:D0:3B:70:E8:80:3F:3C:C3:AB:E1:75:1C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/BzRbRCXqohbQO3DogD88w6vhdRw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/E2E0E31406A011F1B28491C7DAE4EC9C.roa
Signing time: Tue 10 Feb 2026 16:52:30 +0000
ROA not before: Tue 10 Feb 2026 16:52:14 +0000
ROA not after: Thu 10 Feb 2028 16:52:14 +0000
asID: 327906
IP address blocks: 102.217.144.0/22 maxlen: 24
2c0f:f008::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/BzRbRCXqohbQO3DogD88w6vhdRw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/BzRbRCXqohbQO3DogD88w6vhdRw.mft
rsync://rpki.afrinic.net/repository/afrinic/BzRbRCXqohbQO3DogD88w6vhdRw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1091 (0x443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36145DBAF, serialNumber=07345B4425EAA216D03B70E8803F3CC3ABE1751C
Validity
Not Before: Feb 10 16:52:14 2026 GMT
Not After : Feb 10 16:52:14 2028 GMT
Subject: CN=698b624e-9e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:b0:95:01:a8:98:e7:b6:a6:2e:ec:34:fc:4c:
6e:96:fd:ad:e4:85:99:a8:43:5a:f7:ee:ce:90:86:
b7:59:73:c7:62:d9:91:e9:9c:3c:d9:44:8b:5a:cf:
3d:f6:d5:90:54:20:6c:d0:20:b7:8b:91:a1:c9:a4:
66:d9:a0:8c:26:56:1a:ee:32:06:2a:38:37:c2:0a:
3b:3f:68:02:64:d9:58:99:ef:c6:de:d2:dc:4f:2a:
81:ab:5a:36:5a:f2:b6:a2:b2:dc:db:6b:fc:0d:17:
e7:1b:bd:4a:26:7c:cd:4b:84:48:00:ee:a1:73:0b:
72:69:26:90:e7:fe:c8:57:30:33:9e:30:87:bc:65:
bf:7e:c2:87:4a:25:75:68:e8:f1:d0:1c:c6:90:be:
8e:8f:80:ca:41:7c:93:8a:a2:a2:be:78:e7:93:b1:
21:b3:91:77:56:94:a0:a3:24:44:53:2a:9c:3f:33:
50:72:2f:39:c0:a8:b0:11:d0:6c:04:2d:12:8c:05:
0a:90:45:4f:a2:e0:a5:a6:96:23:8f:20:b9:e6:15:
7e:15:ef:00:e6:3c:cb:8d:5a:9f:00:4b:5e:51:fc:
88:97:20:75:39:4f:0e:cf:09:f9:14:80:db:26:88:
31:19:9f:73:43:5e:08:d2:3a:97:7b:0f:5c:17:4d:
7d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:BA:4F:6D:94:59:D2:6C:28:06:51:4D:4D:19:A2:95:46:B8:49:91
X509v3 Authority Key Identifier:
keyid:07:34:5B:44:25:EA:A2:16:D0:3B:70:E8:80:3F:3C:C3:AB:E1:75:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/BzRbRCXqohbQO3DogD88w6vhdRw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BzRbRCXqohbQO3DogD88w6vhdRw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36145DB/5530F6D8CA2811ED94556695F1222468/E2E0E31406A011F1B28491C7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.144.0/22
IPv6:
2c0f:f008::/32
Signature Algorithm: sha256WithRSAEncryption
85:b9:67:38:21:4d:30:f3:ae:eb:bf:b2:af:af:ed:cf:58:06:
a1:3a:ef:fe:58:b7:d6:3f:e9:b3:a8:b3:2f:dc:c2:57:43:3a:
01:0a:9e:1c:e2:d1:4e:4a:70:6d:3a:c6:04:59:5b:38:dc:2c:
cc:04:d1:c7:46:2e:6a:6c:7b:0e:97:6a:47:2b:da:c5:57:31:
0e:5c:46:4f:4c:6e:c1:64:08:36:9b:cd:6d:73:ee:be:0e:d7:
03:6d:c0:12:a1:74:24:ba:6b:a5:b6:81:61:4a:3d:b8:2d:59:
76:08:e7:19:6b:1c:16:72:2f:49:ca:12:08:db:46:4f:85:a1:
85:26:4a:04:ae:1a:1c:0a:d3:3d:ec:96:89:90:f2:14:0b:f2:
90:d9:db:24:b8:83:68:f3:41:2a:ec:de:ad:3e:33:e9:5b:26:
12:30:e0:04:77:1b:2a:2c:75:b9:a6:2f:39:af:e7:2b:ee:4e:
a9:44:39:2d:1e:ca:0d:f4:61:88:d7:34:c4:19:af:18:3c:38:
50:16:cb:d3:b0:4e:31:99:e5:bc:f9:7d:ca:46:f6:1f:1d:a7:
eb:31:f7:f6:ae:34:42:3d:75:ac:1b:39:52:dd:22:26:7a:2e:
40:41:1c:e1:84:c3:3c:2f:c5:68:0e:47:56:50:28:ec:1c:42:
4b:ea:01:c3
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBEMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTQ1REJBRjExMC8GA1UEBRMoMDczNDVCNDQyNUVBQTIxNkQwM0I3MEU4ODAzRjND
QzNBQkUxNzUxQzAeFw0yNjAyMTAxNjUyMTRaFw0yODAyMTAxNjUyMTRaMBgxFjAU
BgNVBAMTDTY5OGI2MjRlLTllNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD6sJUBqJjntqYu7DT8TG6W/a3khZmoQ1r37s6QhrdZc8di2ZHpnDzZRIta
zz321ZBUIGzQILeLkaHJpGbZoIwmVhruMgYqODfCCjs/aAJk2ViZ78be0txPKoGr
WjZa8raistzba/wNF+cbvUomfM1LhEgA7qFzC3JpJpDn/shXMDOeMIe8Zb9+wodK
JXVo6PHQHMaQvo6PgMpBfJOKoqK+eOeTsSGzkXdWlKCjJERTKpw/M1ByLznAqLAR
0GwELRKMBQqQRU+i4KWmliOPILnmFX4V7wDmPMuNWp8AS15R/IiXIHU5Tw7PCfkU
gNsmiDEZn3NDXgjSOpd7D1wXTX2VAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUh7pP
bZRZ0mwoBlFNTRmilUa4SZEwHwYDVR0jBBgwFoAUBzRbRCXqohbQO3DogD88w6vh
dRwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NURCLzU1MzBGNkQ4Q0EyODExRUQ5NDU1NjY5NUYxMjIyNDY4L0J6UmJS
Q1hxb2hiUU8zRG9nRDg4dzZ2aGRSdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0J6UmJSQ1hxb2hiUU8zRG9nRDg4dzZ2aGRSdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NURCLzU1MzBGNkQ4Q0EyODExRUQ5NDU1NjY5NUYx
MjIyNDY4L0UyRTBFMzE0MDZBMDExRjFCMjg0OTFDN0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm2ZAwDQQCAAIwBwMFACwP
8AgwDQYJKoZIhvcNAQELBQADggEBAIW5ZzghTTDzruu/sq+v7c9YBqE67/5Yt9Y/
6bOosy/cwldDOgEKnhzi0U5KcG06xgRZWzjcLMwE0cdGLmpsew6Xakcr2sVXMQ5c
Rk9MbsFkCDabzW1z7r4O1wNtwBKhdCS6a6W2gWFKPbgtWXYI5xlrHBZyL0nKEgjb
Rk+FoYUmSgSuGhwK0z3slomQ8hQL8pDZ2yS4g2jzQSrs3q0+M+lbJhIw4AR3Gyos
dbmmLzmv5yvuTqlEOS0eyg30YYjXNMQZrxg8OFAWy9OwTjGZ5bz5fcpG9h8dp+sx
9/auNEI9dawbOVLdIiZ6LkBBHOGEwzwvxWgOR1ZQKOwcQkvqAcM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:04:50 2026 by rpki-client