Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/4C93AD482A7111F1BFB9EECADAE4EC9C.roa
File: 4C93AD482A7111F1BFB9EECADAE4EC9C.roa (raw, json)
Hash identifier: 1Oc7qz+Lk94BWa35i9DuQ6Lqo6kBFCtOUZX3ruT365o=
Subject key identifier: BA:55:95:F1:C9:C3:A9:6A:6A:AE:94:9D:2F:B2:75:FB:37:04:71:13
Certificate issuer: /CN=F3630D7EAF/serialNumber=6ECB17028AD5B7DB5C777DB1DCE09787E495B2D1
Certificate serial: 08C7
Authority key identifier: 6E:CB:17:02:8A:D5:B7:DB:5C:77:7D:B1:DC:E0:97:87:E4:95:B2:D1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/bssXAorVt9tcd32x3OCXh-SVstE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/4C93AD482A7111F1BFB9EECADAE4EC9C.roa
Signing time: Sat 28 Mar 2026 06:42:33 +0000
ROA not before: Sat 28 Mar 2026 06:42:28 +0000
ROA not after: Sat 27 Mar 2032 06:42:28 +0000
asID: 328517
IP address blocks: 102.69.208.0/22 maxlen: 22
102.212.224.0/22 maxlen: 22
2c0f:7f80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/bssXAorVt9tcd32x3OCXh-SVstE.crl
rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/bssXAorVt9tcd32x3OCXh-SVstE.mft
rsync://rpki.afrinic.net/repository/afrinic/bssXAorVt9tcd32x3OCXh-SVstE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 01:43:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2247 (0x8c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3630D7EAF, serialNumber=6ECB17028AD5B7DB5C777DB1DCE09787E495B2D1
Validity
Not Before: Mar 28 06:42:28 2026 GMT
Not After : Mar 27 06:42:28 2032 GMT
Subject: CN=69c77859-10fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a1:49:e8:30:5f:07:42:e4:7b:24:3f:e2:9c:
88:11:d7:47:fa:f5:81:f2:1d:e7:d3:45:6b:b3:f8:
f7:2c:e6:24:19:b7:f3:0f:9c:4e:5c:5b:2c:14:a3:
4a:35:6d:3d:ef:9f:e1:f6:1b:48:49:19:b0:e6:c5:
67:41:ee:17:24:fb:90:b6:63:83:43:1d:78:08:ba:
fe:31:bf:e8:ed:18:e8:e3:dd:8f:07:a9:73:48:81:
a7:16:62:43:0d:7b:ba:f3:d0:87:4a:77:6a:02:3b:
0b:64:89:72:a2:20:79:12:63:47:05:23:4b:6f:35:
ce:db:48:8a:c4:ee:4d:f9:b7:66:05:f9:82:ee:63:
71:5b:aa:bf:f6:8e:3e:5d:9b:f3:ec:e7:c7:d4:3e:
f1:a6:cb:d5:2e:ae:fe:bd:c6:94:fc:13:3e:2e:05:
2c:cb:03:3f:ac:8c:7d:f3:17:59:36:8d:9a:d7:7f:
48:2d:41:38:3e:5d:e6:a2:2e:ad:5c:e6:78:36:c9:
90:d5:ac:d5:da:13:c5:09:c6:c8:a7:7e:1b:4f:51:
85:77:23:f8:43:c1:a6:e5:8a:e6:e2:88:50:7d:36:
3c:2a:c1:20:b7:6a:1e:3b:e5:2b:bf:90:eb:8a:4d:
56:36:09:30:94:02:18:4b:6c:8d:ad:e8:27:bd:3f:
69:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:55:95:F1:C9:C3:A9:6A:6A:AE:94:9D:2F:B2:75:FB:37:04:71:13
X509v3 Authority Key Identifier:
keyid:6E:CB:17:02:8A:D5:B7:DB:5C:77:7D:B1:DC:E0:97:87:E4:95:B2:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/bssXAorVt9tcd32x3OCXh-SVstE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/bssXAorVt9tcd32x3OCXh-SVstE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3630D7E/E06DA510797311EA82E97681F8AEA228/4C93AD482A7111F1BFB9EECADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.69.208.0/22
102.212.224.0/22
IPv6:
2c0f:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
4a:98:8e:c6:90:5b:21:81:ef:09:a2:af:4e:cd:1f:00:34:e4:
48:f0:e4:ca:1f:36:09:2c:88:39:b3:48:f8:ff:a1:65:7c:aa:
55:27:46:cf:26:c9:f3:cd:a8:9f:8b:10:d7:b5:06:78:f5:31:
e0:6d:b6:da:ef:d5:2a:9b:0a:a0:3a:bb:32:86:7a:47:d5:50:
40:31:39:c2:8d:52:bd:7a:ae:f8:9e:61:d3:7b:06:71:4f:77:
e1:cb:ab:de:bb:8c:41:fa:fd:0b:db:06:25:d1:0b:e9:1f:c3:
83:3c:73:e7:0e:e7:90:c9:0a:0b:c5:8c:44:90:5c:18:d8:22:
15:46:a8:8b:21:4f:83:d6:d9:70:f7:b1:8a:72:f4:42:76:1e:
bb:d7:44:97:68:9c:c5:fc:8c:73:0d:58:7d:1f:5c:93:1f:36:
2a:ae:50:58:33:c1:e6:ee:04:a2:89:45:db:32:50:2a:2c:26:
6d:a8:0a:22:23:e3:94:ea:a1:1d:84:a9:1c:02:e7:d6:5c:2c:
b7:f8:88:70:b2:b0:c3:42:81:46:e9:c5:a4:5c:d3:82:da:c9:
5c:ea:3d:7a:28:ae:6a:5c:11:f9:d6:81:69:b8:36:79:7d:1d:
0b:8f:0e:ea:5b:34:fa:7b:d7:7f:da:d6:78:7f:ef:3c:2e:ab:
df:e5:a7:6c
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICCMcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzBEN0VBRjExMC8GA1UEBRMoNkVDQjE3MDI4QUQ1QjdEQjVDNzc3REIxRENFMDk3
ODdFNDk1QjJEMTAeFw0yNjAzMjgwNjQyMjhaFw0zMjAzMjcwNjQyMjhaMBgxFjAU
BgNVBAMTDTY5Yzc3ODU5LTEwZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzoUnoMF8HQuR7JD/inIgR10f69YHyHefTRWuz+Pcs5iQZt/MPnE5cWywU
o0o1bT3vn+H2G0hJGbDmxWdB7hck+5C2Y4NDHXgIuv4xv+jtGOjj3Y8HqXNIgacW
YkMNe7rz0IdKd2oCOwtkiXKiIHkSY0cFI0tvNc7bSIrE7k35t2YF+YLuY3Fbqr/2
jj5dm/Ps58fUPvGmy9Uurv69xpT8Ez4uBSzLAz+sjH3zF1k2jZrXf0gtQTg+Xeai
Lq1c5ng2yZDVrNXaE8UJxsinfhtPUYV3I/hDwabliubiiFB9NjwqwSC3ah475Su/
kOuKTVY2CTCUAhhLbI2t6Ce9P2mTAgMBAAGjggK6MIICtjAdBgNVHQ4EFgQUulWV
8cnDqWpqrpSdL7J1+zcEcRMwHwYDVR0jBBgwFoAUbssXAorVt9tcd32x3OCXh+SV
stEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMwRDdFL0UwNkRBNTEwNzk3MzExRUE4MkU5NzY4MUY4QUVBMjI4L2Jzc1hB
b3JWdDl0Y2QzMngzT0NYaC1TVnN0RS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2Jzc1hBb3JWdDl0Y2QzMngzT0NYaC1TVnN0RS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjMwRDdFL0UwNkRBNTEwNzk3MzExRUE4MkU5NzY4MUY4
QUVBMjI4LzRDOTNBRDQ4MkE3MTExRjFCRkI5RUVDQURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJmRdADBAJm1OAwDQQCAAIw
BwMFACwPf4AwDQYJKoZIhvcNAQELBQADggEBAEqYjsaQWyGB7wmir07NHwA05Ejw
5MofNgksiDmzSPj/oWV8qlUnRs8myfPNqJ+LENe1Bnj1MeBtttrv1SqbCqA6uzKG
ekfVUEAxOcKNUr16rvieYdN7BnFPd+HLq967jEH6/QvbBiXRC+kfw4M8c+cO55DJ
CgvFjESQXBjYIhVGqIshT4PW2XD3sYpy9EJ2HrvXRJdonMX8jHMNWH0fXJMfNiqu
UFgzwebuBKKJRdsyUCosJm2oCiIj45TqoR2EqRwC59ZcLLf4iHCysMNCgUbpxaRc
04LayVzqPXoormpcEfnWgWm4Nnl9HQuPDupbNPp713/a1nh/7zwuq9/lp2w=
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:24 2026 by rpki-client