Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3633DE5/FCF32D62108111F1BB49558FDAE4EC9C/4185E648108411F1867ED09BDAE4EC9C.roa
File: 4185E648108411F1867ED09BDAE4EC9C.roa (raw, json)
Hash identifier: 8tCHwzjQzCwuuRhirUfAdz84/IN9nQDGqOxj48hw9Qk=
Subject key identifier: BF:D2:1F:A3:7D:47:01:7B:23:0A:24:0A:05:9C:B5:B3:FC:C8:23:17
Certificate issuer: /CN=F3633DE5AF/serialNumber=5B44F82434AA717A05F645279483D6986F76BAD4
Certificate serial: 02
Authority key identifier: 5B:44:F8:24:34:AA:71:7A:05:F6:45:27:94:83:D6:98:6F:76:BA:D4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/W0T4JDSqcXoF9kUnlIPWmG92utQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3633DE5/FCF32D62108111F1BB49558FDAE4EC9C/4185E648108411F1867ED09BDAE4EC9C.roa
Signing time: Mon 23 Feb 2026 06:52:45 +0000
ROA not before: Mon 23 Feb 2026 06:52:41 +0000
ROA not after: Mon 01 Mar 2027 06:52:41 +0000
asID: 328555
IP address blocks: 102.211.40.0/24 maxlen: 24
102.211.41.0/24 maxlen: 24
102.211.42.0/24 maxlen: 24
102.211.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3633DE5/FCF32D62108111F1BB49558FDAE4EC9C/W0T4JDSqcXoF9kUnlIPWmG92utQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3633DE5/FCF32D62108111F1BB49558FDAE4EC9C/W0T4JDSqcXoF9kUnlIPWmG92utQ.mft
rsync://rpki.afrinic.net/repository/afrinic/W0T4JDSqcXoF9kUnlIPWmG92utQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 03:42:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3633DE5AF, serialNumber=5B44F82434AA717A05F645279483D6986F76BAD4
Validity
Not Before: Feb 23 06:52:41 2026 GMT
Not After : Mar 1 06:52:41 2027 GMT
Subject: CN=699bf93d-6c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:37:85:1c:cc:ed:61:8e:da:59:cd:15:9e:0c:
2c:db:4c:e6:44:98:94:0d:2e:02:0a:d3:da:e3:04:
6a:f2:9b:b6:1d:85:c5:36:d6:55:b7:16:83:bf:9b:
54:e7:01:59:1e:cc:37:74:ea:a2:26:d5:66:8c:23:
41:14:39:ff:ea:77:d0:99:21:42:f7:13:7c:e8:3c:
36:f2:20:57:f6:5f:d9:f2:03:c1:35:8d:07:18:16:
28:68:dc:30:75:cb:1c:53:1d:7d:15:a5:5a:89:d1:
0f:53:2a:f3:54:a5:ac:b0:a3:60:27:f7:1b:81:f1:
6c:fe:f4:3a:43:ec:79:16:7a:2f:88:ce:cc:be:54:
19:62:f8:83:c5:a2:5f:58:0c:e9:25:e8:f9:5f:16:
09:c0:65:ba:4e:20:ed:45:56:c7:26:51:16:ec:5f:
54:b9:9e:20:3c:08:5d:45:72:2c:57:ba:97:dd:25:
6a:24:b7:de:8f:4f:7c:a5:fc:15:6c:9c:77:5f:80:
24:70:24:ff:dd:bf:02:4f:f3:3e:b2:dd:d7:59:4b:
56:84:e7:5a:c7:d6:ca:1d:c1:0d:ad:de:03:1a:85:
b9:a0:fc:fa:8d:c3:c2:e1:18:0f:f9:24:7c:87:52:
38:11:44:a6:b5:dc:c1:ea:b7:8e:0c:bb:b4:0b:3c:
70:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D2:1F:A3:7D:47:01:7B:23:0A:24:0A:05:9C:B5:B3:FC:C8:23:17
X509v3 Authority Key Identifier:
keyid:5B:44:F8:24:34:AA:71:7A:05:F6:45:27:94:83:D6:98:6F:76:BA:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3633DE5/FCF32D62108111F1BB49558FDAE4EC9C/W0T4JDSqcXoF9kUnlIPWmG92utQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/W0T4JDSqcXoF9kUnlIPWmG92utQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3633DE5/FCF32D62108111F1BB49558FDAE4EC9C/4185E648108411F1867ED09BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.40.0/22
Signature Algorithm: sha256WithRSAEncryption
76:65:43:5a:e2:13:9f:c3:90:14:ba:70:71:d0:d9:f5:ec:a7:
d5:ca:64:4e:01:49:15:11:fc:71:e3:d8:2c:ed:bc:b4:0b:9d:
bf:27:2a:d2:9e:f4:f9:2a:7a:7b:a8:7f:97:f8:4d:0c:a5:21:
4d:4a:e4:5b:d0:64:d1:18:11:0c:2f:06:53:71:e7:0b:49:80:
28:aa:eb:64:1d:5a:3f:07:76:30:8a:5f:c0:85:50:fc:6d:7b:
a3:a9:a2:f6:d6:27:a5:f2:a4:7e:cd:6c:26:4b:95:a5:b4:cb:
13:61:54:cb:16:a3:7e:84:4b:3e:32:50:fb:f4:6e:2e:f8:e8:
9a:ef:da:26:3a:58:14:97:92:6c:4e:69:52:df:5f:01:48:aa:
3c:69:77:49:e7:3d:bc:ed:64:b8:db:c4:1c:93:5f:ac:8e:66:
ae:05:46:11:27:3c:7d:b7:09:b5:bf:ed:69:53:f6:3d:50:b1:
06:5a:78:7e:07:c8:48:46:82:c1:37:37:e0:4b:a0:57:15:72:
b8:55:83:a0:83:61:7d:5b:42:d7:d4:03:16:45:cf:90:2c:26:
0a:ae:25:0c:bf:d6:de:a6:c1:ae:b8:18:3d:28:26:52:ee:8c:
e6:43:23:61:f1:16:7a:65:42:a9:08:e4:37:0f:bc:f9:e7:bc:
91:1d:af:86
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
M0RFNUFGMTEwLwYDVQQFEyg1QjQ0RjgyNDM0QUE3MTdBMDVGNjQ1Mjc5NDgzRDY5
ODZGNzZCQUQ0MB4XDTI2MDIyMzA2NTI0MVoXDTI3MDMwMTA2NTI0MVowGDEWMBQG
A1UEAxMNNjk5YmY5M2QtNmM4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANw3hRzM7WGO2lnNFZ4MLNtM5kSYlA0uAgrT2uMEavKbth2FxTbWVbcWg7+b
VOcBWR7MN3TqoibVZowjQRQ5/+p30JkhQvcTfOg8NvIgV/Zf2fIDwTWNBxgWKGjc
MHXLHFMdfRWlWonRD1Mq81SlrLCjYCf3G4HxbP70OkPseRZ6L4jOzL5UGWL4g8Wi
X1gM6SXo+V8WCcBluk4g7UVWxyZRFuxfVLmeIDwIXUVyLFe6l90laiS33o9PfKX8
FWycd1+AJHAk/92/Ak/zPrLd11lLVoTnWsfWyh3BDa3eAxqFuaD8+o3DwuEYD/kk
fIdSOBFEprXcweq3jgy7tAs8cB8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS/0h+j
fUcBeyMKJAoFnLWz/MgjFzAfBgNVHSMEGDAWgBRbRPgkNKpxegX2RSeUg9aYb3a6
1DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzNERTUvRkNGMzJENjIxMDgxMTFGMUJCNDk1NThGREFFNEVDOUMvVzBUNEpE
U3FjWG9GOWtVbmxJUFdtRzkydXRRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVzBUNEpEU3FjWG9GOWtVbmxJUFdtRzkydXRRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzNERTUvRkNGMzJENjIxMDgxMTFGMUJCNDk1NThGREFF
NEVDOUMvNDE4NUU2NDgxMDg0MTFGMTg2N0VEMDlCREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbTKDANBgkqhkiG9w0BAQsF
AAOCAQEAdmVDWuITn8OQFLpwcdDZ9eyn1cpkTgFJFRH8cePYLO28tAudvycq0p70
+Sp6e6h/l/hNDKUhTUrkW9Bk0RgRDC8GU3HnC0mAKKrrZB1aPwd2MIpfwIVQ/G17
o6mi9tYnpfKkfs1sJkuVpbTLE2FUyxajfoRLPjJQ+/RuLvjomu/aJjpYFJeSbE5p
Ut9fAUiqPGl3Sec9vO1kuNvEHJNfrI5mrgVGESc8fbcJtb/taVP2PVCxBlp4fgfI
SEaCwTc34EugVxVyuFWDoINhfVtC19QDFkXPkCwmCq4lDL/W3qbBrrgYPSgmUu6M
5kMjYfEWemVCqQjkNw+8+ee8kR2vhg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:09:23 2026 by rpki-client