Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366F3D8/81935ACE542511F181DD8B0DCF1D38B0/61DF2B6C542611F1A73BCF11CF1D38B0.roa
File: 61DF2B6C542611F1A73BCF11CF1D38B0.roa (raw, json)
Hash identifier: PswgLu6UTQf3VhBFNJJhAa+wXPas7s5Eei+jQ1A4+iA=
Subject key identifier: 4E:3B:69:CF:65:47:33:9D:47:91:3D:FE:4E:1E:85:82:C0:9B:8D:C1
Certificate issuer: /CN=F366F3D8AF/serialNumber=10A0FC82A3A84025A0106B64C02E8DF7E81A2534
Certificate serial: 02
Authority key identifier: 10:A0:FC:82:A3:A8:40:25:A0:10:6B:64:C0:2E:8D:F7:E8:1A:25:34
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/EKD8gqOoQCWgEGtkwC6N9-gaJTQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366F3D8/81935ACE542511F181DD8B0DCF1D38B0/61DF2B6C542611F1A73BCF11CF1D38B0.roa
Signing time: Wed 20 May 2026 08:32:06 +0000
ROA not before: Wed 20 May 2026 08:32:01 +0000
ROA not after: Fri 31 May 2030 08:32:01 +0000
asID: 329288
IP address blocks: 102.211.212.0/22 maxlen: 24
2c0f:4e40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366F3D8/81935ACE542511F181DD8B0DCF1D38B0/EKD8gqOoQCWgEGtkwC6N9-gaJTQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F366F3D8/81935ACE542511F181DD8B0DCF1D38B0/EKD8gqOoQCWgEGtkwC6N9-gaJTQ.mft
rsync://rpki.afrinic.net/repository/afrinic/EKD8gqOoQCWgEGtkwC6N9-gaJTQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Jun 2026 00:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366F3D8AF, serialNumber=10A0FC82A3A84025A0106B64C02E8DF7E81A2534
Validity
Not Before: May 20 08:32:01 2026 GMT
Not After : May 31 08:32:01 2030 GMT
Subject: CN=6a0d7185-2e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:12:9e:05:99:03:68:02:55:d7:c3:e8:7d:2b:
12:4c:59:8d:27:e6:88:f5:c5:46:06:83:96:62:cc:
4c:25:3a:3a:58:05:f2:4c:b5:17:e0:ac:79:59:97:
dc:94:52:6f:3c:05:fb:10:c3:c4:c2:d1:74:16:72:
f8:97:59:6c:4b:90:7a:ad:41:c1:39:c8:1f:b6:ad:
25:61:ea:fc:c3:ff:1a:84:d8:55:99:73:05:1e:2d:
a0:05:ae:f8:07:7d:48:73:ad:4a:f4:fc:56:41:a1:
0e:48:9a:8a:1c:76:80:22:53:d6:9e:37:b0:14:4a:
60:63:23:43:b7:ae:fc:36:12:db:6f:7a:ab:f4:23:
3e:70:bd:4f:06:71:8a:ef:88:78:42:81:3c:1d:33:
d8:f2:d0:03:c5:89:3b:51:d0:19:d0:b7:ad:23:b6:
d1:26:79:03:b8:e3:a1:52:de:62:77:31:b5:9e:75:
50:d1:9e:5a:8d:19:f0:3a:c9:b9:1d:a9:36:1c:df:
2b:b3:1c:5f:28:4a:83:84:a2:a5:4c:87:19:05:22:
e1:c1:37:a4:c1:b7:e7:d3:72:a1:9e:08:19:69:77:
df:dd:16:6e:9b:40:2d:4f:01:ed:20:3e:df:ea:41:
4d:c4:44:d8:a6:58:5e:06:e8:bc:d3:e1:cd:b8:31:
8e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3B:69:CF:65:47:33:9D:47:91:3D:FE:4E:1E:85:82:C0:9B:8D:C1
X509v3 Authority Key Identifier:
keyid:10:A0:FC:82:A3:A8:40:25:A0:10:6B:64:C0:2E:8D:F7:E8:1A:25:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366F3D8/81935ACE542511F181DD8B0DCF1D38B0/EKD8gqOoQCWgEGtkwC6N9-gaJTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/EKD8gqOoQCWgEGtkwC6N9-gaJTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366F3D8/81935ACE542511F181DD8B0DCF1D38B0/61DF2B6C542611F1A73BCF11CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.211.212.0/22
IPv6:
2c0f:4e40::/32
Signature Algorithm: sha256WithRSAEncryption
d8:97:68:42:5c:f8:62:f1:9a:ff:07:26:30:1e:5b:17:5f:f3:
34:e9:8d:c2:3e:88:a3:8d:b8:04:b4:dd:8c:2c:48:a4:37:99:
6c:48:d4:ec:7f:78:0c:d5:15:0c:8c:b1:68:e9:13:46:2c:a5:
eb:c5:5d:27:e6:f1:60:50:59:f5:92:77:ac:38:6e:8c:2e:a5:
46:5e:43:5e:ef:da:15:23:13:8e:62:dd:c5:9e:33:14:59:20:
f5:77:2b:c0:d9:e8:cd:f7:ed:85:c3:a2:58:db:e4:bd:3f:35:
21:a6:2a:08:7d:4f:71:36:a8:5e:fb:f6:c6:12:83:ce:7d:34:
4a:f7:2d:d6:f7:64:87:1d:80:50:93:08:05:dd:83:0d:3d:7b:
24:a2:e0:1e:98:23:d6:ba:04:df:86:bc:89:d8:7b:31:73:a7:
17:fb:a0:ae:b1:63:e9:62:a3:10:1e:e0:bd:19:4f:90:1e:97:
cb:32:0a:67:65:53:af:2c:3d:2b:1f:bd:34:fd:e6:69:c4:0b:
3a:74:a7:5b:cf:f6:5d:d5:58:6d:ce:a6:24:d6:22:fc:d4:ec:
dc:f4:2f:70:fa:11:8e:f3:33:c3:6d:cb:bc:3f:2b:b0:87:23:
05:97:b7:52:87:2c:82:48:31:aa:9d:01:d4:6e:d0:ff:72:e7:
d5:7a:c4:8e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
RjNEOEFGMTEwLwYDVQQFEygxMEEwRkM4MkEzQTg0MDI1QTAxMDZCNjRDMDJFOERG
N0U4MUEyNTM0MB4XDTI2MDUyMDA4MzIwMVoXDTMwMDUzMTA4MzIwMVowGDEWMBQG
A1UEAxMNNmEwZDcxODUtMmU2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgSngWZA2gCVdfD6H0rEkxZjSfmiPXFRgaDlmLMTCU6OlgF8ky1F+CseVmX
3JRSbzwF+xDDxMLRdBZy+JdZbEuQeq1BwTnIH7atJWHq/MP/GoTYVZlzBR4toAWu
+Ad9SHOtSvT8VkGhDkiaihx2gCJT1p43sBRKYGMjQ7eu/DYS2296q/QjPnC9TwZx
iu+IeEKBPB0z2PLQA8WJO1HQGdC3rSO20SZ5A7jjoVLeYncxtZ51UNGeWo0Z8DrJ
uR2pNhzfK7McXyhKg4SipUyHGQUi4cE3pMG359NyoZ4IGWl3390WbptALU8B7SA+
3+pBTcRE2KZYXgbovNPhzbgxjvECAwEAAaOCArQwggKwMB0GA1UdDgQWBBROO2nP
ZUcznUeRPf5OHoWCwJuNwTAfBgNVHSMEGDAWgBQQoPyCo6hAJaAQa2TALo336Bol
NDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkYzRDgvODE5MzVBQ0U1NDI1MTFGMTgxREQ4QjBEQ0YxRDM4QjAvRUtEOGdx
T29RQ1dnRUd0a3dDNk45LWdhSlRRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRUtEOGdxT29RQ1dnRUd0a3dDNk45LWdhSlRRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkYzRDgvODE5MzVBQ0U1NDI1MTFGMTgxREQ4QjBEQ0Yx
RDM4QjAvNjFERjJCNkM1NDI2MTFGMUE3M0JDRjExQ0YxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbT1DANBAIAAjAHAwUALA9O
QDANBgkqhkiG9w0BAQsFAAOCAQEA2JdoQlz4YvGa/wcmMB5bF1/zNOmNwj6Io424
BLTdjCxIpDeZbEjU7H94DNUVDIyxaOkTRiyl68VdJ+bxYFBZ9ZJ3rDhujC6lRl5D
Xu/aFSMTjmLdxZ4zFFkg9XcrwNnozffthcOiWNvkvT81IaYqCH1PcTaoXvv2xhKD
zn00Svct1vdkhx2AUJMIBd2DDT17JKLgHpgj1roE34a8idh7MXOnF/ugrrFj6WKj
EB7gvRlPkB6XyzIKZ2VTryw9Kx+9NP3macQLOnSnW8/2XdVYbc6mJNYi/NTs3PQv
cPoRjvMzw23LvD8rsIcjBZe3Uocsgkgxqp0B1G7Q/3Ln1XrEjg==
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:27:40 2026 by rpki-client