Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36249B8/64D505C84E9311F1A781C1AFCE1D38B0/BE8E74DC4E9311F1816085B4CE1D38B0.roa
File: BE8E74DC4E9311F1816085B4CE1D38B0.roa (raw, json)
Hash identifier: yILuaWmfHZ6Y0d1s3fQXxZd5ADoRVAe8qr0pj9yPTu8=
Subject key identifier: 1A:66:81:E1:69:DD:F4:C6:A9:06:95:59:0F:FE:FB:A6:28:08:84:71
Certificate issuer: /CN=F36249B8AF/serialNumber=F5FF58E13D22573875D09C416229C813A2A8A191
Certificate serial: 02
Authority key identifier: F5:FF:58:E1:3D:22:57:38:75:D0:9C:41:62:29:C8:13:A2:A8:A1:91
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9f9Y4T0iVzh10JxBYinIE6KooZE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36249B8/64D505C84E9311F1A781C1AFCE1D38B0/BE8E74DC4E9311F1816085B4CE1D38B0.roa
Signing time: Wed 13 May 2026 06:19:50 +0000
ROA not before: Wed 13 May 2026 06:19:44 +0000
ROA not after: Mon 12 May 2036 06:19:44 +0000
asID: 329668
IP address blocks: 102.206.24.0/22 maxlen: 24
2c0f:220::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36249B8/64D505C84E9311F1A781C1AFCE1D38B0/9f9Y4T0iVzh10JxBYinIE6KooZE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36249B8/64D505C84E9311F1A781C1AFCE1D38B0/9f9Y4T0iVzh10JxBYinIE6KooZE.mft
rsync://rpki.afrinic.net/repository/afrinic/9f9Y4T0iVzh10JxBYinIE6KooZE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 05:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36249B8AF, serialNumber=F5FF58E13D22573875D09C416229C813A2A8A191
Validity
Not Before: May 13 06:19:44 2026 GMT
Not After : May 12 06:19:44 2036 GMT
Subject: CN=6a041806-2b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:dc:63:3b:1c:e0:2c:61:47:7a:ac:a9:83:f6:
24:42:2a:3a:5f:99:d5:80:d1:21:3b:9e:39:63:11:
a3:3e:ec:1e:85:d0:87:5e:e4:d9:ba:93:c8:81:00:
91:8b:ea:2f:a5:ac:dd:c7:a7:0a:39:d4:02:a3:e0:
a9:8d:ba:63:e7:95:1b:95:a9:23:64:2f:80:00:2e:
92:ca:64:ca:9c:e2:b3:7f:c6:30:d5:e1:23:65:92:
f9:2c:3b:5b:1d:a7:dc:06:49:98:4f:88:d6:a5:01:
34:3d:91:29:1a:d2:c1:f1:11:8d:39:f0:b1:19:7c:
c4:5c:7f:f9:39:0a:b7:a2:31:be:b4:6d:df:dc:b1:
05:4e:4d:e6:e4:81:6b:d9:8a:a6:d4:92:6c:fe:c1:
4c:35:4e:0c:83:36:78:7c:8c:36:6f:d3:21:82:f5:
0b:67:d3:d5:a0:c7:f4:3a:ac:4f:9a:c0:35:cd:1d:
10:3d:9b:72:ed:50:cc:fd:9a:a1:fb:be:9b:ee:1a:
24:75:48:22:ab:bc:10:7d:98:5d:eb:85:28:d8:7f:
38:e3:54:a9:a2:a1:93:b2:91:c5:8f:9b:c8:b5:e1:
f2:20:05:94:77:83:b0:ed:87:4d:8d:27:80:58:32:
82:8c:14:28:20:e2:69:20:e0:8b:0c:19:2c:fd:0c:
25:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:66:81:E1:69:DD:F4:C6:A9:06:95:59:0F:FE:FB:A6:28:08:84:71
X509v3 Authority Key Identifier:
keyid:F5:FF:58:E1:3D:22:57:38:75:D0:9C:41:62:29:C8:13:A2:A8:A1:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36249B8/64D505C84E9311F1A781C1AFCE1D38B0/9f9Y4T0iVzh10JxBYinIE6KooZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9f9Y4T0iVzh10JxBYinIE6KooZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36249B8/64D505C84E9311F1A781C1AFCE1D38B0/BE8E74DC4E9311F1816085B4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.206.24.0/22
IPv6:
2c0f:220::/32
Signature Algorithm: sha256WithRSAEncryption
6f:ed:e8:b2:55:7e:ad:fd:12:94:2c:79:dc:18:6f:3d:31:06:
63:b3:1b:f3:0c:25:c9:6c:c2:8b:87:5b:22:96:bd:68:c8:91:
7c:c7:44:d8:f9:a9:56:6b:73:51:21:60:17:a3:88:f6:81:af:
bd:36:b2:bf:70:ca:0c:ed:68:62:d1:a8:55:bc:a1:c0:af:03:
b9:1c:63:73:6f:d3:ea:52:45:9c:f1:9d:02:35:de:23:d1:96:
20:4b:56:f4:b1:40:39:fe:0a:14:a8:16:1f:4f:b5:a3:aa:8d:
d7:55:e3:a1:62:5d:e6:1f:dd:45:57:18:4d:d4:76:4d:ff:46:
97:12:68:3c:8d:ae:7a:42:17:31:4a:80:d0:9f:a7:e8:36:b1:
e0:4b:1a:09:dc:83:c9:06:05:fa:5c:f2:f8:7c:ce:f2:9f:9b:
09:0a:c3:dd:7c:06:40:bb:6d:e1:a8:8b:c5:83:17:65:f9:ad:
52:d8:7c:f2:01:7f:11:88:a5:22:1f:e6:3a:87:eb:68:aa:ae:
02:c9:f8:ad:30:e8:11:d9:64:92:c9:30:de:98:09:6b:89:1d:
d5:8a:2f:3b:4b:fa:b6:8f:a2:16:d3:d4:3f:45:ec:f6:75:b9:
0e:04:69:ac:bb:10:f7:d0:2f:06:07:1e:2a:ea:ea:7b:2b:ba:
d6:18:f9:18
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NDlCOEFGMTEwLwYDVQQFEyhGNUZGNThFMTNEMjI1NzM4NzVEMDlDNDE2MjI5Qzgx
M0EyQThBMTkxMB4XDTI2MDUxMzA2MTk0NFoXDTM2MDUxMjA2MTk0NFowGDEWMBQG
A1UEAxMNNmEwNDE4MDYtMmI5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrcYzsc4CxhR3qsqYP2JEIqOl+Z1YDRITueOWMRoz7sHoXQh17k2bqTyIEA
kYvqL6Ws3cenCjnUAqPgqY26Y+eVG5WpI2QvgAAukspkypzis3/GMNXhI2WS+Sw7
Wx2n3AZJmE+I1qUBND2RKRrSwfERjTnwsRl8xFx/+TkKt6IxvrRt39yxBU5N5uSB
a9mKptSSbP7BTDVODIM2eHyMNm/TIYL1C2fT1aDH9DqsT5rANc0dED2bcu1QzP2a
ofu+m+4aJHVIIqu8EH2YXeuFKNh/OONUqaKhk7KRxY+byLXh8iAFlHeDsO2HTY0n
gFgygowUKCDiaSDgiwwZLP0MJcECAwEAAaOCArQwggKwMB0GA1UdDgQWBBQaZoHh
ad30xqkGlVkP/vumKAiEcTAfBgNVHSMEGDAWgBT1/1jhPSJXOHXQnEFiKcgToqih
kTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjQ5QjgvNjRENTA1Qzg0RTkzMTFGMUE3ODFDMUFGQ0UxRDM4QjAvOWY5WTRU
MGlWemgxMEp4QllpbklFNktvb1pFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOWY5WTRUMGlWemgxMEp4QllpbklFNktvb1pFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjQ5QjgvNjRENTA1Qzg0RTkzMTFGMUE3ODFDMUFGQ0Ux
RDM4QjAvQkU4RTc0REM0RTkzMTFGMTgxNjA4NUI0Q0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbOGDANBAIAAjAHAwUALA8C
IDANBgkqhkiG9w0BAQsFAAOCAQEAb+3oslV+rf0SlCx53BhvPTEGY7Mb8wwlyWzC
i4dbIpa9aMiRfMdE2PmpVmtzUSFgF6OI9oGvvTayv3DKDO1oYtGoVbyhwK8DuRxj
c2/T6lJFnPGdAjXeI9GWIEtW9LFAOf4KFKgWH0+1o6qN11XjoWJd5h/dRVcYTdR2
Tf9GlxJoPI2uekIXMUqA0J+n6Dax4EsaCdyDyQYF+lzy+HzO8p+bCQrD3XwGQLtt
4aiLxYMXZfmtUth88gF/EYilIh/mOofraKquAsn4rTDoEdlkkskw3pgJa4kd1Yov
O0v6to+iFtPUP0Xs9nW5DgRprLsQ99AvBgceKurqeyu61hj5GA==
-----END CERTIFICATE-----
Generated at Sun Jun 14 03:35:09 2026 by rpki-client