Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/D68C44B2F05E11F0846B179FDAE4EC9C.roa
File: D68C44B2F05E11F0846B179FDAE4EC9C.roa (raw, json)
Hash identifier: TrqSBaxJElKc/hSKe+Zh7/G30rWHm9fndO+IuS2cnPI=
Subject key identifier: F4:C2:09:32:0D:44:6B:55:65:01:3F:B4:23:93:FD:C5:F5:AB:6D:4C
Certificate issuer: /CN=F36311EEAF/serialNumber=BEE8C3B4C535C3AFA0F6E6C4F69C68959045F916
Certificate serial: 01E8
Authority key identifier: BE:E8:C3:B4:C5:35:C3:AF:A0:F6:E6:C4:F6:9C:68:95:90:45:F9:16
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vujDtMU1w6-g9ubE9pxolZBF-RY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/D68C44B2F05E11F0846B179FDAE4EC9C.roa
Signing time: Tue 13 Jan 2026 09:04:17 +0000
ROA not before: Tue 13 Jan 2026 09:04:12 +0000
ROA not after: Thu 13 Jan 2028 09:04:12 +0000
asID: 37368
IP address blocks: 41.79.104.0/22 maxlen: 22
2c0f:f080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/vujDtMU1w6-g9ubE9pxolZBF-RY.crl
rsync://rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/vujDtMU1w6-g9ubE9pxolZBF-RY.mft
rsync://rpki.afrinic.net/repository/afrinic/vujDtMU1w6-g9ubE9pxolZBF-RY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 488 (0x1e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36311EEAF, serialNumber=BEE8C3B4C535C3AFA0F6E6C4F69C68959045F916
Validity
Not Before: Jan 13 09:04:12 2026 GMT
Not After : Jan 13 09:04:12 2028 GMT
Subject: CN=69660a91-5ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:69:2a:f7:86:95:b5:bc:49:10:00:e9:88:84:
11:06:61:44:73:88:be:24:51:50:e0:37:e5:03:aa:
62:a2:18:0f:12:0c:3b:7a:41:eb:96:c3:8e:de:3a:
57:39:b2:37:e9:80:a9:1d:b9:fb:26:55:90:e3:22:
9e:c2:08:55:ba:d4:a8:52:d9:4b:b5:59:02:ac:be:
db:4a:0f:03:26:a3:9b:02:6e:7a:55:a9:56:2e:e7:
b1:fe:45:22:c8:cc:19:0b:91:eb:79:60:57:d2:f9:
50:dd:dd:b2:d9:1a:ae:8a:3b:65:54:1b:99:c3:87:
42:98:c8:a7:a1:9c:b7:6f:57:b4:d2:30:d7:f7:a6:
17:a0:ec:8f:01:af:88:a5:25:91:3a:79:48:c1:85:
7e:b3:74:c5:df:76:67:8d:47:f1:92:ab:83:e3:4d:
88:8b:ac:93:cd:86:6e:18:a4:3a:8f:5f:4c:bb:39:
4d:23:85:e4:73:8a:ce:d1:16:b1:f2:92:f8:ca:50:
f5:a1:7d:2c:7f:8b:b9:bb:bb:fd:da:f2:b8:50:1c:
7d:48:28:b9:10:f1:e6:7d:0c:34:c1:87:2a:c0:9d:
61:0c:24:8d:96:c5:c4:e7:73:13:c6:e8:9b:de:ef:
8f:b3:e6:02:e0:20:0f:60:43:f9:f9:52:20:eb:09:
b8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C2:09:32:0D:44:6B:55:65:01:3F:B4:23:93:FD:C5:F5:AB:6D:4C
X509v3 Authority Key Identifier:
keyid:BE:E8:C3:B4:C5:35:C3:AF:A0:F6:E6:C4:F6:9C:68:95:90:45:F9:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/vujDtMU1w6-g9ubE9pxolZBF-RY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vujDtMU1w6-g9ubE9pxolZBF-RY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/D68C44B2F05E11F0846B179FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.104.0/22
IPv6:
2c0f:f080::/32
Signature Algorithm: sha256WithRSAEncryption
2b:7f:20:b9:64:97:58:2a:e1:b2:8e:6f:c0:a9:dd:9a:1e:5a:
39:e3:40:36:df:10:e0:d4:23:70:2d:8b:7c:94:79:51:15:52:
5a:95:fb:ff:c9:79:4f:1e:06:cc:76:1d:f4:1c:78:d7:ec:da:
bf:16:49:73:ad:c1:b0:cc:1e:46:e2:5f:60:de:c1:a2:ec:9c:
de:50:c1:7a:32:b8:60:83:5a:ab:cd:b3:4c:d3:ba:d8:e5:83:
8d:19:f9:89:53:9b:47:8d:95:05:1d:ec:68:e1:2e:3c:16:2d:
9b:ba:a9:91:6d:45:6c:16:51:1c:5c:dc:d9:76:e2:60:e1:f5:
65:93:0f:3d:b4:28:4c:92:01:44:6d:73:86:49:51:57:32:8a:
ce:89:f2:68:6c:b4:d1:77:6b:f4:1c:ae:92:75:fc:03:e7:ee:
61:88:ed:41:99:95:9e:61:2e:36:02:61:58:dd:6a:6a:79:70:
1a:08:ae:48:8f:51:3c:2f:9f:21:1e:8e:2e:28:51:b6:34:46:
4f:38:de:83:8d:69:f5:9b:b5:6f:96:72:e8:38:61:79:10:82:
26:a3:ff:65:bc:83:fb:35:3f:4a:cc:9c:52:af:50:a8:37:9d:
d0:88:f5:bb:63:2b:d5:e8:c2:fa:b6:48:d8:ae:a2:b6:2f:c1:
43:76:78:cc
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAegwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzExRUVBRjExMC8GA1UEBRMoQkVFOEMzQjRDNTM1QzNBRkEwRjZFNkM0RjY5QzY4
OTU5MDQ1RjkxNjAeFw0yNjAxMTMwOTA0MTJaFw0yODAxMTMwOTA0MTJaMBgxFjAU
BgNVBAMTDTY5NjYwYTkxLTVmZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDHaSr3hpW1vEkQAOmIhBEGYURziL4kUVDgN+UDqmKiGA8SDDt6QeuWw47e
Olc5sjfpgKkdufsmVZDjIp7CCFW61KhS2Uu1WQKsvttKDwMmo5sCbnpVqVYu57H+
RSLIzBkLket5YFfS+VDd3bLZGq6KO2VUG5nDh0KYyKehnLdvV7TSMNf3pheg7I8B
r4ilJZE6eUjBhX6zdMXfdmeNR/GSq4PjTYiLrJPNhm4YpDqPX0y7OU0jheRzis7R
FrHykvjKUPWhfSx/i7m7u/3a8rhQHH1IKLkQ8eZ9DDTBhyrAnWEMJI2WxcTncxPG
6Jve74+z5gLgIA9gQ/n5UiDrCbjpAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU9MIJ
Mg1Ea1VlAT+0I5P9xfWrbUwwHwYDVR0jBBgwFoAUvujDtMU1w6+g9ubE9pxolZBF
+RYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMxMUVFLzM5N0JBRDBBOEJBODExRUY4QTc0MDg0Mjc2MkU5NTFBL3Z1akR0
TVUxdzYtZzl1YkU5cHhvbFpCRi1SWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3Z1akR0TVUxdzYtZzl1YkU5cHhvbFpCRi1SWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjMxMUVFLzM5N0JBRDBBOEJBODExRUY4QTc0MDg0Mjc2
MkU5NTFBL0Q2OEM0NEIyRjA1RTExRjA4NDZCMTc5RkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAIpT2gwDQQCAAIwBwMFACwP
8IAwDQYJKoZIhvcNAQELBQADggEBACt/ILlkl1gq4bKOb8Cp3ZoeWjnjQDbfEODU
I3Ati3yUeVEVUlqV+//JeU8eBsx2HfQceNfs2r8WSXOtwbDMHkbiX2DewaLsnN5Q
wXoyuGCDWqvNs0zTutjlg40Z+YlTm0eNlQUd7GjhLjwWLZu6qZFtRWwWURxc3Nl2
4mDh9WWTDz20KEySAURtc4ZJUVcyis6J8mhstNF3a/QcrpJ1/APn7mGI7UGZlZ5h
LjYCYVjdamp5cBoIrkiPUTwvnyEeji4oUbY0Rk843oONafWbtW+Wcug4YXkQgiaj
/2W8g/s1P0rMnFKvUKg3ndCI9btjK9Xowvq2SNiuorYvwUN2eMw=
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:01:39 2026 by rpki-client