Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3678B2C/903267CE08C511F1BD6ADA7BDAE4EC9C/FE138FA208C511F1827C647CDAE4EC9C.roa
File: FE138FA208C511F1827C647CDAE4EC9C.roa (raw, json)
Hash identifier: VfBb7QRNJ+0kJ0a9czJU7oLPc0BoZ7T1d1tl93Q0e1I=
Subject key identifier: 31:86:22:91:A4:C8:69:B8:CB:F0:62:97:4D:79:27:B9:41:F6:C3:45
Certificate issuer: /CN=F3678B2CAF/serialNumber=FE93AF4F428797BC23077C6E2BA5E43517D4E2FB
Certificate serial: 02
Authority key identifier: FE:93:AF:4F:42:87:97:BC:23:07:7C:6E:2B:A5:E4:35:17:D4:E2:FB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_pOvT0KHl7wjB3xuK6XkNRfU4vs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3678B2C/903267CE08C511F1BD6ADA7BDAE4EC9C/FE138FA208C511F1827C647CDAE4EC9C.roa
Signing time: Fri 13 Feb 2026 10:23:09 +0000
ROA not before: Fri 13 Feb 2026 10:23:02 +0000
ROA not after: Wed 13 Feb 2036 10:23:02 +0000
asID: 329582
IP address blocks: 102.205.84.0/22 maxlen: 24
2c0f:69c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3678B2C/903267CE08C511F1BD6ADA7BDAE4EC9C/_pOvT0KHl7wjB3xuK6XkNRfU4vs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3678B2C/903267CE08C511F1BD6ADA7BDAE4EC9C/_pOvT0KHl7wjB3xuK6XkNRfU4vs.mft
rsync://rpki.afrinic.net/repository/afrinic/_pOvT0KHl7wjB3xuK6XkNRfU4vs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 03:41:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3678B2CAF, serialNumber=FE93AF4F428797BC23077C6E2BA5E43517D4E2FB
Validity
Not Before: Feb 13 10:23:02 2026 GMT
Not After : Feb 13 10:23:02 2036 GMT
Subject: CN=698efb8d-b3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:52:aa:b5:83:4b:63:0a:ef:3e:37:31:13:95:
60:b5:9f:54:03:8c:42:38:c6:d9:df:fe:8c:e1:aa:
a8:98:6d:45:b4:b7:d7:57:5e:b3:c8:5c:5e:9d:8f:
33:b6:67:33:3f:30:09:c1:57:02:bb:49:29:8f:a0:
d4:e1:3a:5d:fa:ca:56:ae:8c:7e:51:85:a9:b9:9f:
3b:6c:d8:1e:6c:68:6a:80:09:e8:ec:89:74:aa:f2:
06:b2:9c:12:f2:76:b9:aa:de:5a:b9:64:f4:72:53:
f4:36:ce:cb:5c:5b:51:20:40:b3:02:da:18:72:c7:
dd:96:ce:dd:00:26:6a:0e:69:52:6c:ac:80:83:7b:
76:c6:1c:87:fc:3a:ae:26:70:21:fc:02:fa:5d:6d:
6b:c7:79:9a:90:f4:a1:d0:38:10:71:12:3a:33:c6:
6c:57:d0:63:b4:48:4b:f4:35:d6:d1:12:8d:0c:bd:
5d:8e:e5:1f:b4:ee:fc:fd:7e:d8:ea:5e:fe:31:6f:
f6:c1:5d:26:30:f9:b4:dd:c7:9b:53:bd:e6:09:30:
ff:42:9d:c1:04:77:1f:4f:77:cf:5e:6b:85:ac:ef:
a3:d5:54:0d:c1:96:a0:3d:ea:3b:7f:40:98:e0:74:
2f:9d:59:9c:7a:45:02:86:df:b7:c9:5a:04:00:f5:
b9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:86:22:91:A4:C8:69:B8:CB:F0:62:97:4D:79:27:B9:41:F6:C3:45
X509v3 Authority Key Identifier:
keyid:FE:93:AF:4F:42:87:97:BC:23:07:7C:6E:2B:A5:E4:35:17:D4:E2:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3678B2C/903267CE08C511F1BD6ADA7BDAE4EC9C/_pOvT0KHl7wjB3xuK6XkNRfU4vs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_pOvT0KHl7wjB3xuK6XkNRfU4vs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3678B2C/903267CE08C511F1BD6ADA7BDAE4EC9C/FE138FA208C511F1827C647CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.84.0/22
IPv6:
2c0f:69c0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:d0:a8:f5:85:77:b4:6c:77:44:09:bd:11:41:f2:a6:ed:fe:
b9:e8:eb:c6:d0:c9:b6:79:43:f0:a9:ad:71:15:e7:ce:a7:75:
0b:42:23:f3:1a:fc:0c:f6:a0:5f:51:78:df:ad:e2:f0:b0:00:
f3:2e:c1:90:f6:64:8b:e7:ef:06:a7:05:f6:cd:27:41:ae:2f:
80:18:62:be:0a:9c:dc:07:fb:5b:3d:1d:b3:9e:4a:5c:60:9c:
fb:24:4e:2e:b4:fb:1e:6e:28:d2:0f:4c:37:51:5a:16:28:c0:
fd:8e:10:12:19:f9:71:46:a6:f7:9b:5b:ee:ac:ba:ba:58:55:
3d:5f:6b:09:45:af:94:86:f7:17:8d:66:8f:2f:c5:9e:12:07:
92:fb:4a:a9:16:03:ff:dc:64:9c:9d:ba:be:9c:aa:51:ba:d2:
66:1f:d0:27:b5:1e:50:57:b6:2c:97:a2:f4:52:c0:c3:a3:63:
3e:57:f6:bb:a9:54:19:79:19:95:25:4d:36:40:25:0a:be:9a:
f3:bc:46:63:69:4e:af:97:52:9e:05:a5:43:cf:87:1a:1f:e4:
77:cc:c4:42:5f:0a:89:b2:9d:47:d2:e9:ae:05:35:f0:b3:36:
39:07:b7:3d:2f:31:04:b8:87:4c:88:8d:a2:e3:3e:83:22:fb:
01:25:1f:b0
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
OEIyQ0FGMTEwLwYDVQQFEyhGRTkzQUY0RjQyODc5N0JDMjMwNzdDNkUyQkE1RTQz
NTE3RDRFMkZCMB4XDTI2MDIxMzEwMjMwMloXDTM2MDIxMzEwMjMwMlowGDEWMBQG
A1UEAxMNNjk4ZWZiOGQtYjNlNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJSqrWDS2MK7z43MROVYLWfVAOMQjjG2d/+jOGqqJhtRbS311des8hcXp2P
M7ZnMz8wCcFXArtJKY+g1OE6XfrKVq6MflGFqbmfO2zYHmxoaoAJ6OyJdKryBrKc
EvJ2uareWrlk9HJT9DbOy1xbUSBAswLaGHLH3ZbO3QAmag5pUmysgIN7dsYch/w6
riZwIfwC+l1ta8d5mpD0odA4EHESOjPGbFfQY7RIS/Q11tESjQy9XY7lH7Tu/P1+
2Ope/jFv9sFdJjD5tN3Hm1O95gkw/0KdwQR3H093z15rhazvo9VUDcGWoD3qO39A
mOB0L51ZnHpFAobft8laBAD1ucsCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQxhiKR
pMhpuMvwYpdNeSe5QfbDRTAfBgNVHSMEGDAWgBT+k69PQoeXvCMHfG4rpeQ1F9Ti
+zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzhCMkMvOTAzMjY3Q0UwOEM1MTFGMUJENkFEQTdCREFFNEVDOUMvX3BPdlQw
S0hsN3dqQjN4dUs2WGtOUmZVNHZzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX3BPdlQwS0hsN3dqQjN4dUs2WGtOUmZVNHZzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzhCMkMvOTAzMjY3Q0UwOEM1MTFGMUJENkFEQTdCREFF
NEVDOUMvRkUxMzhGQTIwOEM1MTFGMTgyN0M2NDdDREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbNVDANBAIAAjAHAwUALA9p
wDANBgkqhkiG9w0BAQsFAAOCAQEAW9Co9YV3tGx3RAm9EUHypu3+uejrxtDJtnlD
8KmtcRXnzqd1C0Ij8xr8DPagX1F4363i8LAA8y7BkPZki+fvBqcF9s0nQa4vgBhi
vgqc3Af7Wz0ds55KXGCc+yROLrT7Hm4o0g9MN1FaFijA/Y4QEhn5cUam95tb7qy6
ulhVPV9rCUWvlIb3F41mjy/FnhIHkvtKqRYD/9xknJ26vpyqUbrSZh/QJ7UeUFe2
LJei9FLAw6NjPlf2u6lUGXkZlSVNNkAlCr6a87xGY2lOr5dSngWlQ8+HGh/kd8zE
Ql8KibKdR9LprgU18LM2OQe3PS8xBLiHTIiNouM+gyL7ASUfsA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:22:36 2026 by rpki-client