Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361E30D/7C6DAFFA583411F1A8F5DCCDCE1D38B0/3AC37598583511F19379C6D3CE1D38B0.roa
File: 3AC37598583511F19379C6D3CE1D38B0.roa (raw, json)
Hash identifier: vJp0k0V9IDKRA1szeqOBDz33F+ZgTPzRcY0N20lDx5k=
Subject key identifier: 20:9A:A7:36:44:4D:12:09:0E:01:48:A4:67:2C:0F:00:EB:83:DB:D1
Certificate issuer: /CN=F361E30DAF/serialNumber=CDA0E0C2D92C6F1C562CCC132B28AAC210420EA3
Certificate serial: 02
Authority key identifier: CD:A0:E0:C2:D9:2C:6F:1C:56:2C:CC:13:2B:28:AA:C2:10:42:0E:A3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/zaDgwtksbxxWLMwTKyiqwhBCDqM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F361E30D/7C6DAFFA583411F1A8F5DCCDCE1D38B0/3AC37598583511F19379C6D3CE1D38B0.roa
Signing time: Mon 25 May 2026 12:28:27 +0000
ROA not before: Mon 25 May 2026 12:28:22 +0000
ROA not after: Thu 25 May 2028 12:28:22 +0000
asID: 329734
IP address blocks: 102.202.168.0/24 maxlen: 24
102.202.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F361E30D/7C6DAFFA583411F1A8F5DCCDCE1D38B0/zaDgwtksbxxWLMwTKyiqwhBCDqM.crl
rsync://rpki.afrinic.net/repository/member_repository/F361E30D/7C6DAFFA583411F1A8F5DCCDCE1D38B0/zaDgwtksbxxWLMwTKyiqwhBCDqM.mft
rsync://rpki.afrinic.net/repository/afrinic/zaDgwtksbxxWLMwTKyiqwhBCDqM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F361E30DAF, serialNumber=CDA0E0C2D92C6F1C562CCC132B28AAC210420EA3
Validity
Not Before: May 25 12:28:22 2026 GMT
Not After : May 25 12:28:22 2028 GMT
Subject: CN=6a14406b-a697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f1:9c:8d:69:94:ba:58:d8:64:5b:7e:8a:57:
fe:fb:61:62:00:5f:e7:a0:6f:c8:44:7d:85:e4:97:
7b:ce:67:df:da:6a:a9:fe:e5:3a:f8:ad:69:52:d4:
9b:2b:ad:38:b8:6a:1d:b7:10:58:37:49:22:59:9e:
e7:d9:2e:6e:12:b1:8a:c3:ac:e1:81:65:09:f3:31:
f9:75:d4:01:2f:54:48:50:0d:c0:16:3b:62:07:ea:
c8:c2:9e:53:c0:64:27:89:36:f4:a8:50:63:8c:44:
0c:0f:93:b4:f3:7c:2c:04:3f:da:d5:56:84:7b:16:
71:cd:81:d7:c0:51:97:9c:47:0c:54:0b:e0:36:b6:
f2:a7:3b:19:c3:de:ad:bf:14:5a:c8:8b:36:5d:e5:
72:27:5e:a0:67:c0:ff:ca:2a:58:79:db:5e:2f:15:
84:ca:e1:54:90:ad:86:d7:c1:f9:65:04:f2:9b:24:
40:dd:b0:1b:42:56:4e:fb:46:3a:a6:38:b1:7b:25:
18:31:a0:81:16:f4:23:b9:96:94:e2:0d:fa:00:cf:
e8:97:eb:05:c4:35:4c:63:da:1a:1c:92:4b:5d:af:
d1:bf:13:e7:db:13:de:23:94:fa:fc:a8:fb:97:04:
53:1e:77:de:82:04:98:35:1d:62:e7:75:da:36:9f:
7a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9A:A7:36:44:4D:12:09:0E:01:48:A4:67:2C:0F:00:EB:83:DB:D1
X509v3 Authority Key Identifier:
keyid:CD:A0:E0:C2:D9:2C:6F:1C:56:2C:CC:13:2B:28:AA:C2:10:42:0E:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F361E30D/7C6DAFFA583411F1A8F5DCCDCE1D38B0/zaDgwtksbxxWLMwTKyiqwhBCDqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zaDgwtksbxxWLMwTKyiqwhBCDqM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361E30D/7C6DAFFA583411F1A8F5DCCDCE1D38B0/3AC37598583511F19379C6D3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.202.168.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:57:ea:5b:35:26:ff:52:ef:b3:86:c4:75:53:64:cc:a5:ef:
4e:b4:33:51:64:2e:ab:11:a7:20:3c:ad:f9:8e:72:a9:c4:bd:
65:7a:e9:8c:ad:82:7c:ea:de:db:88:ac:d1:d7:ec:76:24:5d:
3f:a9:8d:6e:b2:64:8a:67:b0:75:ef:12:82:a9:69:a8:9b:5a:
af:7d:f8:ec:f5:0b:a5:67:66:17:d0:fe:d3:eb:9c:ee:7b:13:
45:30:7a:77:51:af:df:7d:02:d9:32:97:6e:b1:75:63:3e:22:
8a:68:21:76:6b:c0:52:f5:6d:f8:31:ce:6e:f1:e7:c8:cd:81:
04:d1:94:b0:98:04:30:85:92:e2:bd:b8:c2:ff:61:7b:6d:68:
b8:a2:72:48:43:f0:bd:88:bc:08:b8:47:2c:60:a8:bd:94:6f:
c4:c8:84:73:2b:d3:d6:2e:63:ad:70:9b:42:b1:77:9a:fc:b1:
ab:fb:2a:24:70:7f:43:ea:fd:51:dc:58:1d:35:69:35:ed:6c:
f1:85:f0:3f:e5:29:e5:de:70:1c:7f:99:41:88:6f:3d:16:c8:
26:ca:0f:c3:f1:af:b9:a9:27:8f:4d:88:9f:38:7f:4f:27:23:
39:b3:3a:87:51:f0:38:54:5a:33:f5:09:2b:b0:36:e2:9c:1c:
87:e0:4e:10
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
RTMwREFGMTEwLwYDVQQFEyhDREEwRTBDMkQ5MkM2RjFDNTYyQ0NDMTMyQjI4QUFD
MjEwNDIwRUEzMB4XDTI2MDUyNTEyMjgyMloXDTI4MDUyNTEyMjgyMlowGDEWMBQG
A1UEAxMNNmExNDQwNmItYTY5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHxnI1plLpY2GRbfopX/vthYgBf56BvyER9heSXe85n39pqqf7lOvitaVLU
myutOLhqHbcQWDdJIlme59kubhKxisOs4YFlCfMx+XXUAS9USFANwBY7YgfqyMKe
U8BkJ4k29KhQY4xEDA+TtPN8LAQ/2tVWhHsWcc2B18BRl5xHDFQL4Da28qc7GcPe
rb8UWsiLNl3lcideoGfA/8oqWHnbXi8VhMrhVJCthtfB+WUE8pskQN2wG0JWTvtG
OqY4sXslGDGggRb0I7mWlOIN+gDP6JfrBcQ1TGPaGhySS12v0b8T59sT3iOU+vyo
+5cEUx533oIEmDUdYud12jafejECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQgmqc2
RE0SCQ4BSKRnLA8A64Pb0TAfBgNVHSMEGDAWgBTNoODC2SxvHFYszBMrKKrCEEIO
ozAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUUzMEQvN0M2REFGRkE1ODM0MTFGMUE4RjVEQ0NEQ0UxRDM4QjAvemFEZ3d0
a3NieHhXTE13VEt5aXF3aEJDRHFNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvemFEZ3d0a3NieHhXTE13VEt5aXF3aEJDRHFNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUUzMEQvN0M2REFGRkE1ODM0MTFGMUE4RjVEQ0NEQ0Ux
RDM4QjAvM0FDMzc1OTg1ODM1MTFGMTkzNzlDNkQzQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbKqDANBgkqhkiG9w0BAQsF
AAOCAQEAoFfqWzUm/1Lvs4bEdVNkzKXvTrQzUWQuqxGnIDyt+Y5yqcS9ZXrpjK2C
fOre24is0dfsdiRdP6mNbrJkimewde8SgqlpqJtar3347PULpWdmF9D+0+uc7nsT
RTB6d1Gv330C2TKXbrF1Yz4iimghdmvAUvVt+DHObvHnyM2BBNGUsJgEMIWS4r24
wv9he21ouKJySEPwvYi8CLhHLGCovZRvxMiEcyvT1i5jrXCbQrF3mvyxq/sqJHB/
Q+r9UdxYHTVpNe1s8YXwP+Up5d5wHH+ZQYhvPRbIJsoPw/Gvuaknj02Inzh/Tycj
ObM6h1HwOFRaM/UJK7A24pwch+BOEA==
-----END CERTIFICATE-----
Generated at Sun Jun 14 00:01:51 2026 by rpki-client