Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367E157/E62CA68A0B3611F19D79027CDAE4EC9C/CE9FEAFC29E211F19A2F7E84DAE4EC9C.roa
File: CE9FEAFC29E211F19A2F7E84DAE4EC9C.roa (raw, json)
Hash identifier: DFioY4TtccPGtKp1xwhCK0Fw8LMx+i//Mg7FbiPkadU=
Subject key identifier: AD:98:0A:A6:DA:B7:37:98:87:31:36:68:8A:C9:C5:BA:28:83:09:B1
Certificate issuer: /CN=F367E157AF/serialNumber=7EC14D7C497690DCB0C933DF33D6A68B1B992A8F
Certificate serial: 2C
Authority key identifier: 7E:C1:4D:7C:49:76:90:DC:B0:C9:33:DF:33:D6:A6:8B:1B:99:2A:8F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/fsFNfEl2kNywyTPfM9amixuZKo8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367E157/E62CA68A0B3611F19D79027CDAE4EC9C/CE9FEAFC29E211F19A2F7E84DAE4EC9C.roa
Signing time: Fri 27 Mar 2026 13:42:34 +0000
ROA not before: Fri 27 Mar 2026 13:42:27 +0000
ROA not after: Tue 31 Dec 2030 13:42:27 +0000
asID: 329580
IP address blocks: 102.205.88.0/23 maxlen: 23
102.205.88.0/24 maxlen: 24
102.205.89.0/24 maxlen: 24
102.205.90.0/23 maxlen: 23
102.205.90.0/24 maxlen: 24
102.205.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367E157/E62CA68A0B3611F19D79027CDAE4EC9C/fsFNfEl2kNywyTPfM9amixuZKo8.crl
rsync://rpki.afrinic.net/repository/member_repository/F367E157/E62CA68A0B3611F19D79027CDAE4EC9C/fsFNfEl2kNywyTPfM9amixuZKo8.mft
rsync://rpki.afrinic.net/repository/afrinic/fsFNfEl2kNywyTPfM9amixuZKo8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 05:26:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44 (0x2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367E157AF, serialNumber=7EC14D7C497690DCB0C933DF33D6A68B1B992A8F
Validity
Not Before: Mar 27 13:42:27 2026 GMT
Not After : Dec 31 13:42:27 2030 GMT
Subject: CN=69c68949-3313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0e:0a:bf:07:1a:25:60:0a:54:3f:df:fa:dc:
19:a4:a0:22:dd:36:58:c4:27:e1:5e:30:10:4f:16:
c2:6a:4b:94:25:92:eb:94:0d:eb:f4:0a:45:d2:b4:
89:83:43:9f:f6:6c:29:4b:33:99:48:bd:c6:4c:fd:
66:24:a8:de:11:6a:ad:90:f9:f3:27:f9:88:a5:c3:
2d:0d:2d:e0:a8:9e:ac:a3:08:8e:53:6a:fb:7a:5f:
d6:e0:7d:6a:2d:7f:12:0e:cb:77:95:f2:73:a8:21:
a5:e0:f7:8b:1d:ee:f1:e8:de:fa:c0:a5:a5:01:c7:
93:31:a6:a2:c7:c5:ee:7a:ad:2c:2d:b6:d8:1d:b8:
c9:1a:f8:9d:d7:df:a2:3f:7d:81:c5:99:6a:59:60:
2b:0b:15:14:68:df:56:83:5d:d9:72:7d:40:1f:39:
a9:28:13:56:8b:a3:88:9b:ca:8c:d8:30:73:37:21:
56:93:9c:f4:50:b6:46:7d:f3:76:0b:bc:d8:31:86:
78:4b:b2:1c:10:af:f6:f8:ef:2c:23:e9:ff:14:4b:
69:66:51:4f:ea:33:5b:76:ca:f8:54:e3:c3:ac:b2:
47:44:a0:04:44:0c:0a:c9:cb:39:a1:c5:06:8d:14:
8a:13:bb:40:f0:6a:f4:e5:fe:19:dc:97:bc:00:e6:
b8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:98:0A:A6:DA:B7:37:98:87:31:36:68:8A:C9:C5:BA:28:83:09:B1
X509v3 Authority Key Identifier:
keyid:7E:C1:4D:7C:49:76:90:DC:B0:C9:33:DF:33:D6:A6:8B:1B:99:2A:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367E157/E62CA68A0B3611F19D79027CDAE4EC9C/fsFNfEl2kNywyTPfM9amixuZKo8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/fsFNfEl2kNywyTPfM9amixuZKo8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367E157/E62CA68A0B3611F19D79027CDAE4EC9C/CE9FEAFC29E211F19A2F7E84DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.88.0/22
Signature Algorithm: sha256WithRSAEncryption
47:55:11:36:dd:df:58:6a:3e:65:e1:f3:e8:0c:db:9f:e1:c9:
44:33:56:95:80:39:a2:07:9f:24:15:18:42:31:9d:ac:d8:0c:
6b:02:36:17:ac:8d:b4:82:cc:39:12:ed:c8:69:1d:59:ba:44:
18:12:22:59:fd:14:a5:92:f4:b5:b4:4e:1a:c5:db:b9:76:a1:
5d:ac:a0:13:07:b9:6a:a6:42:06:9a:82:2f:c5:c8:bf:d4:3b:
29:1a:25:94:f3:36:75:d6:eb:de:5c:bd:35:7b:0c:3d:e8:f1:
ae:0b:12:63:15:23:ba:ce:fa:b2:da:0c:c9:47:b6:cc:1b:f2:
2e:55:cb:b8:9f:d0:52:b3:54:0a:a6:44:ca:53:d8:fe:a3:a4:
26:57:c0:f8:d8:0f:bd:45:2d:81:d9:32:67:a0:12:bb:07:b4:
ac:c8:b0:6c:dc:32:47:3d:46:8b:36:65:2c:c8:d4:d9:f4:8b:
12:06:f3:35:32:df:16:ee:bd:75:60:0b:e9:5d:a8:60:5a:03:
26:0e:ea:dd:b9:f5:8b:f7:ee:67:10:07:02:fb:69:0c:46:84:
92:b5:ae:f5:a4:0f:a8:f3:01:4e:d2:e2:67:d4:03:8d:4c:6f:
78:5f:9f:24:57:f5:bb:f5:eb:c4:88:64:37:2f:98:df:b6:96:
9b:da:3c:3e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBLDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
RTE1N0FGMTEwLwYDVQQFEyg3RUMxNEQ3QzQ5NzY5MERDQjBDOTMzREYzM0Q2QTY4
QjFCOTkyQThGMB4XDTI2MDMyNzEzNDIyN1oXDTMwMTIzMTEzNDIyN1owGDEWMBQG
A1UEAxMNNjljNjg5NDktMzMxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkOCr8HGiVgClQ/3/rcGaSgIt02WMQn4V4wEE8WwmpLlCWS65QN6/QKRdK0
iYNDn/ZsKUszmUi9xkz9ZiSo3hFqrZD58yf5iKXDLQ0t4KierKMIjlNq+3pf1uB9
ai1/Eg7Ld5Xyc6ghpeD3ix3u8eje+sClpQHHkzGmosfF7nqtLC222B24yRr4ndff
oj99gcWZallgKwsVFGjfVoNd2XJ9QB85qSgTVoujiJvKjNgwczchVpOc9FC2Rn3z
dgu82DGGeEuyHBCv9vjvLCPp/xRLaWZRT+ozW3bK+FTjw6yyR0SgBEQMCsnLOaHF
Bo0UihO7QPBq9OX+GdyXvADmuAUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBStmAqm
2rc3mIcxNmiKycW6KIMJsTAfBgNVHSMEGDAWgBR+wU18SXaQ3LDJM98z1qaLG5kq
jzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0UxNTcvRTYyQ0E2OEEwQjM2MTFGMTlENzkwMjdDREFFNEVDOUMvZnNGTmZF
bDJrTnl3eVRQZk05YW1peHVaS284LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZnNGTmZFbDJrTnl3eVRQZk05YW1peHVaS284LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0UxNTcvRTYyQ0E2OEEwQjM2MTFGMTlENzkwMjdDREFF
NEVDOUMvQ0U5RkVBRkMyOUUyMTFGMTlBMkY3RTg0REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbNWDANBgkqhkiG9w0BAQsF
AAOCAQEAR1URNt3fWGo+ZeHz6Azbn+HJRDNWlYA5ogefJBUYQjGdrNgMawI2F6yN
tILMORLtyGkdWbpEGBIiWf0UpZL0tbROGsXbuXahXaygEwe5aqZCBpqCL8XIv9Q7
KRollPM2ddbr3ly9NXsMPejxrgsSYxUjus76stoMyUe2zBvyLlXLuJ/QUrNUCqZE
ylPY/qOkJlfA+NgPvUUtgdkyZ6ASuwe0rMiwbNwyRz1GizZlLMjU2fSLEgbzNTLf
Fu69dWAL6V2oYFoDJg7q3bn1i/fuZxAHAvtpDEaEkrWu9aQPqPMBTtLiZ9QDjUxv
eF+fJFf1u/XrxIhkNy+Y37aWm9o8Pg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:31 2026 by rpki-client