Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365B85A/EEF658FE2E6F11F1B403BDCFDAE4EC9C/DEF28944333A11F1A154B6F2CE1D38B0.roa
File: DEF28944333A11F1A154B6F2CE1D38B0.roa (raw, json)
Hash identifier: /5xRJ+huSg1l6fg7ZIipNHxiqD2TnUTXK1FuRCW3nqs=
Subject key identifier: 9D:6F:5F:49:E9:C8:1A:5D:87:63:5D:BF:A6:D2:84:EC:C4:80:F5:C9
Certificate issuer: /CN=F365B85AAF/serialNumber=6D5F7C1441AC4ECDF7866E415E56386423BC5CA7
Certificate serial: 08
Authority key identifier: 6D:5F:7C:14:41:AC:4E:CD:F7:86:6E:41:5E:56:38:64:23:BC:5C:A7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/bV98FEGsTs33hm5BXlY4ZCO8XKc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365B85A/EEF658FE2E6F11F1B403BDCFDAE4EC9C/DEF28944333A11F1A154B6F2CE1D38B0.roa
Signing time: Wed 08 Apr 2026 11:05:37 +0000
ROA not before: Wed 08 Apr 2026 11:05:31 +0000
ROA not after: Sat 08 Apr 2028 11:05:31 +0000
asID: 37329
IP address blocks: 41.79.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365B85A/EEF658FE2E6F11F1B403BDCFDAE4EC9C/bV98FEGsTs33hm5BXlY4ZCO8XKc.crl
rsync://rpki.afrinic.net/repository/member_repository/F365B85A/EEF658FE2E6F11F1B403BDCFDAE4EC9C/bV98FEGsTs33hm5BXlY4ZCO8XKc.mft
rsync://rpki.afrinic.net/repository/afrinic/bV98FEGsTs33hm5BXlY4ZCO8XKc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365B85AAF, serialNumber=6D5F7C1441AC4ECDF7866E415E56386423BC5CA7
Validity
Not Before: Apr 8 11:05:31 2026 GMT
Not After : Apr 8 11:05:31 2028 GMT
Subject: CN=69d63681-d514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:51:19:ce:46:e3:a7:66:32:f5:d8:29:49:08:
b2:41:46:af:64:ff:09:ab:fa:a5:42:7b:3e:04:59:
67:f7:b7:7e:fe:e7:0d:f5:b7:aa:45:43:9d:3f:63:
14:42:04:8b:38:72:f4:4f:76:45:5e:b8:34:2d:51:
88:03:28:16:6e:6b:5d:4d:1a:96:3e:96:38:0a:60:
6d:cf:71:4d:60:89:ad:5a:93:de:31:2e:b0:cc:8a:
c6:9e:09:15:a5:6c:f1:88:05:7a:61:d9:fe:23:1a:
2a:c1:69:b8:69:7b:76:2f:ce:de:7f:42:08:23:90:
42:44:13:c8:bf:d0:68:73:67:64:44:28:36:ae:62:
ed:8f:25:2b:80:12:ac:26:ef:cc:4f:f3:23:1e:3a:
f9:5a:4e:bc:f9:1d:0e:fa:99:d2:e7:d0:2b:b7:28:
d0:e1:29:8c:39:f9:74:1a:38:83:16:9b:be:03:97:
c4:9a:dd:a4:4b:79:32:25:aa:5a:c6:f5:31:80:f4:
3b:6e:dc:db:28:18:da:e5:8b:2f:d1:6e:51:2a:42:
bd:b2:78:70:fe:7a:3f:f6:76:13:76:8b:e7:5b:e2:
81:56:45:c9:38:ce:95:e9:b6:3a:86:1b:30:a9:12:
73:68:bf:57:93:4f:2f:57:5f:be:d5:0a:c7:14:9e:
b8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6F:5F:49:E9:C8:1A:5D:87:63:5D:BF:A6:D2:84:EC:C4:80:F5:C9
X509v3 Authority Key Identifier:
keyid:6D:5F:7C:14:41:AC:4E:CD:F7:86:6E:41:5E:56:38:64:23:BC:5C:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365B85A/EEF658FE2E6F11F1B403BDCFDAE4EC9C/bV98FEGsTs33hm5BXlY4ZCO8XKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/bV98FEGsTs33hm5BXlY4ZCO8XKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365B85A/EEF658FE2E6F11F1B403BDCFDAE4EC9C/DEF28944333A11F1A154B6F2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.28.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:99:3a:23:cc:f0:a8:69:47:92:4e:11:d6:45:85:46:94:dc:
92:e4:58:42:47:00:f6:dd:df:6a:63:5e:66:a8:36:c0:c7:39:
cf:77:ec:d3:4c:30:12:59:57:53:67:f0:cf:29:47:e3:a4:4b:
db:b2:22:6a:94:db:eb:fb:62:fc:19:63:54:06:48:9e:dd:e5:
ba:97:17:53:ca:20:8c:72:89:ae:ba:b1:9f:40:bd:48:25:19:
6e:11:91:2f:66:dd:f1:dd:f9:da:ac:06:58:f5:7b:84:7d:dd:
c0:7b:78:60:ac:ed:af:df:be:21:7a:9b:48:c5:db:86:45:70:
3d:85:9e:fd:31:8f:50:21:de:c2:6a:29:69:6f:b1:e7:81:2d:
1f:af:c8:d2:5a:a4:e9:fe:be:67:ca:5a:9b:72:34:ee:d7:8e:
59:23:9b:6d:37:d0:45:7f:eb:58:25:1b:12:9f:2a:2f:be:18:
7d:88:99:3c:cb:9a:79:d1:b2:bb:12:0f:d8:df:f9:04:ef:e4:
b6:e0:eb:32:ee:82:68:17:d0:a9:2a:e4:96:1b:f3:ca:54:6a:
1e:53:cd:d3:e6:ee:bb:29:d7:2a:92:8e:5b:bb:bc:e9:d4:e0:
ab:95:5c:4e:e5:3d:3a:e4:32:57:e4:25:36:13:a0:77:db:7e:
cb:d6:f1:07
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
Qjg1QUFGMTEwLwYDVQQFEyg2RDVGN0MxNDQxQUM0RUNERjc4NjZFNDE1RTU2Mzg2
NDIzQkM1Q0E3MB4XDTI2MDQwODExMDUzMVoXDTI4MDQwODExMDUzMVowGDEWMBQG
A1UEAxMNNjlkNjM2ODEtZDUxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZRGc5G46dmMvXYKUkIskFGr2T/Cav6pUJ7PgRZZ/e3fv7nDfW3qkVDnT9j
FEIEizhy9E92RV64NC1RiAMoFm5rXU0alj6WOApgbc9xTWCJrVqT3jEusMyKxp4J
FaVs8YgFemHZ/iMaKsFpuGl7di/O3n9CCCOQQkQTyL/QaHNnZEQoNq5i7Y8lK4AS
rCbvzE/zIx46+VpOvPkdDvqZ0ufQK7co0OEpjDn5dBo4gxabvgOXxJrdpEt5MiWq
Wsb1MYD0O27c2ygY2uWLL9FuUSpCvbJ4cP56P/Z2E3aL51vigVZFyTjOlem2OoYb
MKkSc2i/V5NPL1dfvtUKxxSeuGkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSdb19J
6cgaXYdjXb+m0oTsxID1yTAfBgNVHSMEGDAWgBRtX3wUQaxOzfeGbkFeVjhkI7xc
pzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUI4NUEvRUVGNjU4RkUyRTZGMTFGMUI0MDNCRENGREFFNEVDOUMvYlY5OEZF
R3NUczMzaG01QlhsWTRaQ084WEtjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvYlY5OEZFR3NUczMzaG01QlhsWTRaQ084WEtjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUI4NUEvRUVGNjU4RkUyRTZGMTFGMUI0MDNCRENGREFF
NEVDOUMvREVGMjg5NDQzMzNBMTFGMUExNTRCNkYyQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilPHDANBgkqhkiG9w0BAQsF
AAOCAQEAy5k6I8zwqGlHkk4R1kWFRpTckuRYQkcA9t3famNeZqg2wMc5z3fs00ww
EllXU2fwzylH46RL27IiapTb6/ti/BljVAZInt3lupcXU8ogjHKJrrqxn0C9SCUZ
bhGRL2bd8d352qwGWPV7hH3dwHt4YKztr9++IXqbSMXbhkVwPYWe/TGPUCHewmop
aW+x54EtH6/I0lqk6f6+Z8pam3I07teOWSObbTfQRX/rWCUbEp8qL74YfYiZPMua
edGyuxIP2N/5BO/ktuDrMu6CaBfQqSrklhvzylRqHlPN0+buuynXKpKOW7u86dTg
q5VcTuU9OuQyV+QlNhOgd9t+y9bxBw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:28:55 2026 by rpki-client