Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/2CFC017C635311F19D993FE1CE1D38B0.roa
File: 2CFC017C635311F19D993FE1CE1D38B0.roa (raw, json)
Hash identifier: V7H3wtUO2XKKRWwYHk9LANumJZEQooTT5n654l3o9Ow=
Subject key identifier: 2B:DA:CB:D2:0C:65:F9:2E:8A:5C:F5:6F:4E:E9:EF:2A:08:EB:1A:2B
Certificate issuer: /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial: 0527
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/2CFC017C635311F19D993FE1CE1D38B0.roa
Signing time: Mon 08 Jun 2026 16:00:32 +0000
ROA not before: Mon 08 Jun 2026 16:00:26 +0000
ROA not after: Mon 03 Jun 2030 16:00:26 +0000
asID: 33763
IP address blocks: 197.234.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1319 (0x527)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AF, serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Validity
Not Before: Jun 8 16:00:26 2026 GMT
Not After : Jun 3 16:00:26 2030 GMT
Subject: CN=6a26e71f-634b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:64:c3:44:60:70:07:02:43:48:3b:de:f3:07:
85:3e:46:43:20:95:ba:7f:f6:ac:d5:ff:c2:1d:aa:
d8:e0:46:a8:69:81:ca:bb:df:a9:ac:06:1b:3e:77:
39:d5:36:ce:a3:6d:35:96:f3:60:21:0a:ce:de:04:
f0:5a:5b:70:a8:e3:29:88:71:57:f5:a0:d2:74:95:
e0:d9:ed:fd:c8:2d:7d:39:ed:f9:a6:ba:5d:d4:c7:
d1:6c:ef:75:9e:e6:64:3d:24:ed:71:50:3e:dc:57:
4e:6a:b7:bc:d8:44:dd:69:f7:0b:c4:ff:f7:1e:31:
43:12:f2:3e:fd:d4:26:59:2c:cc:26:b6:93:3c:db:
98:70:00:3c:7a:2f:d9:4a:7c:d0:c3:b9:2b:3b:22:
0b:49:20:7b:8e:29:2b:16:d5:aa:3e:76:48:c2:9d:
c2:04:00:13:c6:3a:15:9c:2c:f8:bd:7c:78:0b:b4:
2d:f7:be:13:12:42:04:38:58:93:6a:56:e1:c0:9c:
6b:92:70:9a:f9:2e:41:d2:4a:61:a0:b2:82:20:72:
62:32:a3:e4:53:bf:13:a9:3a:0e:92:bd:84:ba:85:
ef:22:c1:2e:68:12:ce:3b:59:ed:e3:a8:81:c5:f6:
6c:6d:97:e6:2b:04:f4:ca:a0:65:b0:f9:01:80:4f:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DA:CB:D2:0C:65:F9:2E:8A:5C:F5:6F:4E:E9:EF:2A:08:EB:1A:2B
X509v3 Authority Key Identifier:
keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/2CFC017C635311F19D993FE1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.234.96.0/20
Signature Algorithm: sha256WithRSAEncryption
63:35:17:0c:81:12:aa:fb:f9:23:08:ef:25:73:03:d3:02:40:
e5:b8:5d:cc:01:cb:8d:13:76:5b:44:9d:60:d5:0a:1f:ce:9f:
95:45:fe:74:e4:13:4d:e9:74:07:c8:b1:88:12:fc:89:9c:4f:
9e:4c:cc:e6:4b:b3:ba:41:ec:01:c0:0a:8c:3b:b9:21:f9:4a:
01:c3:ed:a1:d6:10:c0:a8:f2:f8:07:2e:ab:05:bc:7e:eb:18:
1c:d2:ac:df:bd:d1:84:e8:75:c8:40:26:95:6e:15:5a:94:60:
6a:73:b3:55:f7:9d:e2:44:6b:32:0d:72:fe:70:4b:16:7d:20:
0f:fd:04:e1:b0:fe:f0:4d:9c:b2:e7:ab:ed:de:98:fd:a5:06:
27:87:2f:45:1f:76:f6:77:7a:a2:48:cb:97:56:b1:e3:8f:7f:
e7:cf:5d:f3:40:f4:6e:90:63:60:e6:4c:87:ee:e4:07:8b:75:
be:9b:41:19:ec:dc:95:5b:5d:f3:f9:f6:46:9e:8f:e3:15:f9:
35:aa:b0:5c:71:f7:85:b7:f0:d0:dd:6b:6b:51:4a:b5:94:84:
d8:c3:e7:94:b1:8e:e8:a1:1c:2f:1d:36:3e:22:50:10:c6:19:
b7:ca:19:bf:b5:0e:12:17:76:2e:2a:7b:ca:47:74:0c:8f:ee:
61:49:20:b4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBScwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODg2QjNBRjExMC8GA1UEBRMoM0Q2RUQ5MDUwMzdDODNDNTczNzgwQjBDQ0RDNzBE
NUQ4Q0VGMDM4QjAeFw0yNjA2MDgxNjAwMjZaFw0zMDA2MDMxNjAwMjZaMBgxFjAU
BgNVBAMTDTZhMjZlNzFmLTYzNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPZMNEYHAHAkNIO97zB4U+RkMglbp/9qzV/8IdqtjgRqhpgcq736msBhs+
dznVNs6jbTWW82AhCs7eBPBaW3Co4ymIcVf1oNJ0leDZ7f3ILX057fmmul3Ux9Fs
73We5mQ9JO1xUD7cV05qt7zYRN1p9wvE//ceMUMS8j791CZZLMwmtpM825hwADx6
L9lKfNDDuSs7IgtJIHuOKSsW1ao+dkjCncIEABPGOhWcLPi9fHgLtC33vhMSQgQ4
WJNqVuHAnGuScJr5LkHSSmGgsoIgcmIyo+RTvxOpOg6SvYS6he8iwS5oEs47We3j
qIHF9mxtl+YrBPTKoGWw+QGATybXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUK9rL
0gxl+S6KXPVvTunvKgjrGiswHwYDVR0jBBgwFoAUPW7ZBQN8g8VzeAsMzccNXYzv
A4swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg4NkIzLzM1MzVDQTFBQjhFRjExRURBOUIzNDFEQUYxMjIyNDY4L1BXN1pC
UU44ZzhWemVBc016Y2NOWFl6dkE0cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1BXN1pCUU44ZzhWemVBc016Y2NOWFl6dkE0cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjg4NkIzLzM1MzVDQTFBQjhFRjExRURBOUIzNDFEQUYx
MjIyNDY4LzJDRkMwMTdDNjM1MzExRjE5RDk5M0ZFMUNFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATF6mAwDQYJKoZIhvcNAQEL
BQADggEBAGM1FwyBEqr7+SMI7yVzA9MCQOW4XcwBy40TdltEnWDVCh/On5VF/nTk
E03pdAfIsYgS/ImcT55MzOZLs7pB7AHACow7uSH5SgHD7aHWEMCo8vgHLqsFvH7r
GBzSrN+90YTodchAJpVuFVqUYGpzs1X3neJEazINcv5wSxZ9IA/9BOGw/vBNnLLn
q+3emP2lBieHL0UfdvZ3eqJIy5dWseOPf+fPXfNA9G6QY2DmTIfu5AeLdb6bQRns
3JVbXfP59kaej+MV+TWqsFxx94W38NDda2tRSrWUhNjD55SxjuihHC8dNj4iUBDG
GbfKGb+1DhIXdi4qe8pHdAyP7mFJILQ=
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:04:40 2026 by rpki-client