Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/A9D6E48A5D0611F1B78F8114CF1D38B0.roa
File: A9D6E48A5D0611F1B78F8114CF1D38B0.roa (raw, json)
Hash identifier: opmRLpWk66BQlDryATDPPW9ebEfSz1NeYe47ioBWCPI=
Subject key identifier: 08:01:6E:76:94:5A:0E:67:4D:BF:74:E6:21:D0:89:10:C0:DA:7A:95
Certificate issuer: /CN=F3684027AF/serialNumber=A8F3FFCCF2BD6F173E578DCE8625E01C5397F735
Certificate serial: 06DB
Authority key identifier: A8:F3:FF:CC:F2:BD:6F:17:3E:57:8D:CE:86:25:E0:1C:53:97:F7:35
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/qPP_zPK9bxc-V43OhiXgHFOX9zU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/A9D6E48A5D0611F1B78F8114CF1D38B0.roa
Signing time: Sun 31 May 2026 15:37:43 +0000
ROA not before: Mon 01 Jun 2026 15:37:38 +0000
ROA not after: Sun 01 Jun 2031 15:37:38 +0000
asID: 329181
IP address blocks: 102.218.220.0/22 maxlen: 24
2c0f:6500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/qPP_zPK9bxc-V43OhiXgHFOX9zU.crl
rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/qPP_zPK9bxc-V43OhiXgHFOX9zU.mft
rsync://rpki.afrinic.net/repository/afrinic/qPP_zPK9bxc-V43OhiXgHFOX9zU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1755 (0x6db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3684027AF, serialNumber=A8F3FFCCF2BD6F173E578DCE8625E01C5397F735
Validity
Not Before: Jun 1 15:37:38 2026 GMT
Not After : Jun 1 15:37:38 2031 GMT
Subject: CN=6a1c55c7-be64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b9:32:5f:79:28:d2:21:2f:9d:58:28:22:d3:
b8:2c:71:7b:14:a6:32:09:19:e5:a1:d1:1a:9e:4e:
30:48:9e:34:ff:e4:14:bd:11:34:44:c2:fe:b8:7f:
14:11:61:d6:f2:e7:cb:c8:4e:28:47:fe:0a:53:f1:
bf:38:f6:4f:f3:fd:e3:9b:f6:0a:51:8f:9f:ed:ab:
5b:5b:e6:3d:f4:64:fe:45:5e:8c:06:3f:25:e9:31:
47:cc:90:9f:89:1c:0e:bd:8c:d5:72:92:be:40:b8:
97:03:16:9e:4c:c2:29:4c:87:11:54:4a:5c:1f:40:
e6:0e:ff:6b:6f:fb:70:76:77:ee:2b:aa:d0:55:66:
fb:fe:59:93:7e:0c:24:8b:a0:8f:e6:d7:7a:30:da:
00:28:3f:37:fa:70:42:38:c1:04:34:35:46:2a:30:
35:1c:7d:e5:92:26:9a:e5:26:c3:ca:d9:d1:3d:4f:
3d:58:01:fe:f0:de:04:a6:cb:cb:8d:77:bf:92:3c:
ef:60:59:2d:ad:34:46:57:2e:a5:b1:1f:cb:05:5f:
ab:fc:64:0d:54:28:18:c3:9a:ff:37:35:01:8a:06:
98:64:59:1c:e2:95:23:40:35:72:ed:00:ea:20:2b:
36:68:39:5d:ee:f8:6b:c7:11:0f:b7:fe:91:dd:a3:
0c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:01:6E:76:94:5A:0E:67:4D:BF:74:E6:21:D0:89:10:C0:DA:7A:95
X509v3 Authority Key Identifier:
keyid:A8:F3:FF:CC:F2:BD:6F:17:3E:57:8D:CE:86:25:E0:1C:53:97:F7:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/qPP_zPK9bxc-V43OhiXgHFOX9zU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qPP_zPK9bxc-V43OhiXgHFOX9zU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3684027/43DC0FDC207711ECB23FE226D8A014CE/A9D6E48A5D0611F1B78F8114CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.218.220.0/22
IPv6:
2c0f:6500::/32
Signature Algorithm: sha256WithRSAEncryption
61:49:d1:10:ec:7c:f2:aa:67:3e:cf:de:b5:ac:59:02:e1:4e:
6f:36:14:5b:8a:d5:0f:9d:42:04:2c:6f:38:f0:b3:c4:d3:41:
2d:78:dd:16:31:0a:fd:0a:7a:36:49:55:28:8d:f2:6c:8a:1b:
0b:0f:c3:ea:0a:4b:a5:6c:18:12:f9:09:f4:11:39:ac:42:ef:
5d:85:2b:b7:d2:21:9c:3b:2d:82:ac:7c:4f:97:d3:18:c0:14:
a7:27:38:20:a1:b7:65:f2:1d:c7:a9:cf:9e:c6:1b:d1:04:99:
d0:16:2f:7d:0c:da:e4:03:37:a5:3a:ad:14:97:29:ed:5f:4e:
3e:fd:5e:7e:c3:16:be:7a:fc:8c:f1:da:a3:03:d9:64:a2:ab:
34:55:e1:f6:60:71:ad:36:c3:52:d9:38:fa:7a:21:2e:34:a1:
fd:d4:c5:27:0b:46:99:01:2b:e2:68:80:0a:04:1c:96:3b:25:
3e:88:b1:b2:e1:ff:eb:7f:80:47:34:56:0e:a1:3f:a3:f9:db:
0b:2d:9a:67:19:d9:d6:eb:15:11:e3:23:db:49:ca:02:4b:b7:
b7:3c:25:97:52:16:bb:8f:57:39:ad:b7:cc:4d:c5:1b:25:13:
f8:92:02:3d:a2:d9:a4:57:01:4b:10:31:95:eb:7c:de:07:8a:
25:8f:ae:ae
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBtswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODQwMjdBRjExMC8GA1UEBRMoQThGM0ZGQ0NGMkJENkYxNzNFNTc4RENFODYyNUUw
MUM1Mzk3RjczNTAeFw0yNjA2MDExNTM3MzhaFw0zMTA2MDExNTM3MzhaMBgxFjAU
BgNVBAMTDTZhMWM1NWM3LWJlNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQChuTJfeSjSIS+dWCgi07gscXsUpjIJGeWh0RqeTjBInjT/5BS9ETREwv64
fxQRYdby58vITihH/gpT8b849k/z/eOb9gpRj5/tq1tb5j30ZP5FXowGPyXpMUfM
kJ+JHA69jNVykr5AuJcDFp5MwilMhxFUSlwfQOYO/2tv+3B2d+4rqtBVZvv+WZN+
DCSLoI/m13ow2gAoPzf6cEI4wQQ0NUYqMDUcfeWSJprlJsPK2dE9Tz1YAf7w3gSm
y8uNd7+SPO9gWS2tNEZXLqWxH8sFX6v8ZA1UKBjDmv83NQGKBphkWRzilSNANXLt
AOogKzZoOV3u+GvHEQ+3/pHdowz/AgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUCAFu
dpRaDmdNv3TmIdCJEMDaepUwHwYDVR0jBBgwFoAUqPP/zPK9bxc+V43OhiXgHFOX
9zUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg0MDI3LzQzREMwRkRDMjA3NzExRUNCMjNGRTIyNkQ4QTAxNENFL3FQUF96
UEs5YnhjLVY0M09oaVhnSEZPWDl6VS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3FQUF96UEs5YnhjLVY0M09oaVhnSEZPWDl6VS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjg0MDI3LzQzREMwRkRDMjA3NzExRUNCMjNGRTIyNkQ4
QTAxNENFL0E5RDZFNDhBNUQwNjExRjFCNzhGODExNENGMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm2twwDQQCAAIwBwMFACwP
ZQAwDQYJKoZIhvcNAQELBQADggEBAGFJ0RDsfPKqZz7P3rWsWQLhTm82FFuK1Q+d
QgQsbzjws8TTQS143RYxCv0KejZJVSiN8myKGwsPw+oKS6VsGBL5CfQROaxC712F
K7fSIZw7LYKsfE+X0xjAFKcnOCCht2XyHcepz57GG9EEmdAWL30M2uQDN6U6rRSX
Ke1fTj79Xn7DFr56/Izx2qMD2WSiqzRV4fZgca02w1LZOPp6IS40of3UxScLRpkB
K+JogAoEHJY7JT6IsbLh/+t/gEc0Vg6hP6P52wstmmcZ2dbrFRHjI9tJygJLt7c8
JZdSFruPVzmtt8xNxRslE/iSAj2i2aRXAUsQMZXrfN4HiiWPrq4=
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:57:17 2026 by rpki-client