Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/3CBEB5CE164511F1A59262E5DAE4EC9C.roa
File: 3CBEB5CE164511F1A59262E5DAE4EC9C.roa (raw, json)
Hash identifier: OG1AZjOphf+scFlo1ouZYzEDVGkXMX/NrBYlcyp5+6U=
Subject key identifier: C1:C4:1C:56:D8:AF:5A:06:4D:CE:0F:51:68:B6:7C:36:14:EC:02:60
Certificate issuer: /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial: 04AA
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/3CBEB5CE164511F1A59262E5DAE4EC9C.roa
Signing time: Mon 02 Mar 2026 14:36:45 +0000
ROA not before: Mon 02 Mar 2026 14:36:41 +0000
ROA not after: Sat 02 Mar 2030 14:36:41 +0000
asID: 33763
IP address blocks: 197.234.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1194 (0x4aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AF, serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Validity
Not Before: Mar 2 14:36:41 2026 GMT
Not After : Mar 2 14:36:41 2030 GMT
Subject: CN=69a5a07d-0a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c2:51:3d:76:0f:8c:38:f6:88:01:30:b8:cd:
5e:03:d0:86:34:d3:1c:cd:3b:d3:71:5f:2d:cb:f2:
7d:8a:13:63:98:e7:db:88:0e:3a:63:1a:b7:13:b2:
48:ea:1f:9a:cd:50:c1:7f:13:50:c5:ec:b6:f6:e7:
ce:6c:45:a4:dc:d1:97:f6:ae:17:d2:9b:4d:05:0c:
71:c2:53:27:0a:01:3b:83:08:88:f2:a2:74:94:93:
77:de:61:0c:1b:14:06:21:75:55:4f:bd:fc:e3:86:
1a:20:76:fb:3a:fc:40:a1:3e:10:01:e3:f7:a9:5f:
85:dd:54:c7:14:16:bd:59:6b:7f:a5:d2:79:6b:36:
77:e7:a2:43:bb:11:68:eb:e5:aa:f8:a4:d8:1e:79:
d8:92:f2:00:1c:90:bd:41:bc:b5:8a:5f:a9:32:d9:
e7:cb:5c:67:93:fe:ef:28:ff:a9:45:d5:87:9d:5a:
7c:6b:f2:7d:47:f4:ae:7e:ac:85:28:27:cc:c0:17:
51:d0:cc:b0:81:99:31:81:bc:3c:29:bd:67:22:8b:
2f:96:cb:84:db:1d:40:a6:f4:e1:3c:eb:39:6e:9b:
9f:45:06:cb:81:b0:01:2d:fa:7d:99:27:8b:86:8e:
37:2d:c3:f4:68:12:32:80:d4:fc:32:a8:65:d9:12:
33:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C4:1C:56:D8:AF:5A:06:4D:CE:0F:51:68:B6:7C:36:14:EC:02:60
X509v3 Authority Key Identifier:
keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/3CBEB5CE164511F1A59262E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.234.96.0/21
Signature Algorithm: sha256WithRSAEncryption
65:a1:00:8b:7c:1c:52:a5:ec:fe:4f:48:af:af:a9:b9:52:4d:
20:3e:eb:d9:2e:b9:e0:4b:91:58:f3:05:9d:04:29:fa:64:b2:
68:78:11:f7:1c:6c:53:4b:e6:b1:c0:21:00:72:52:56:c9:f3:
da:ac:5f:90:5c:69:eb:23:5d:c4:f3:10:c5:bb:5c:13:be:85:
89:a7:b6:3c:45:a5:8b:71:ef:76:09:83:45:39:d8:63:97:b9:
bf:91:7a:89:a9:ae:6a:af:57:58:95:e4:cd:25:46:25:39:a7:
e5:ac:ec:c5:98:c2:8b:11:13:1b:e6:70:95:cb:81:f3:bf:ff:
01:ac:95:91:f5:17:75:da:fb:86:79:83:e0:a2:78:9b:3f:15:
8c:0d:63:0f:55:5b:ce:5c:77:98:aa:cf:ab:d4:ca:de:09:46:
ba:f5:13:75:89:80:37:71:53:fa:c9:6b:c6:c9:66:3d:14:70:
5d:5f:3a:75:70:28:40:65:a7:4c:d9:b0:87:20:af:56:08:28:
9e:e1:2c:24:95:da:9b:f5:00:97:35:71:ef:3c:bd:7f:ae:22:
b7:bc:0d:e0:87:3e:3c:7c:19:34:0e:84:09:2d:f4:3a:3a:51:
de:86:fd:7f:2a:7c:ea:34:fc:68:98:15:01:b2:f5:50:29:3b:
d4:e3:f2:ca
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBKowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODg2QjNBRjExMC8GA1UEBRMoM0Q2RUQ5MDUwMzdDODNDNTczNzgwQjBDQ0RDNzBE
NUQ4Q0VGMDM4QjAeFw0yNjAzMDIxNDM2NDFaFw0zMDAzMDIxNDM2NDFaMBgxFjAU
BgNVBAMTDTY5YTVhMDdkLTBhMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDiwlE9dg+MOPaIATC4zV4D0IY00xzNO9NxXy3L8n2KE2OY59uIDjpjGrcT
skjqH5rNUMF/E1DF7Lb2585sRaTc0Zf2rhfSm00FDHHCUycKATuDCIjyonSUk3fe
YQwbFAYhdVVPvfzjhhogdvs6/EChPhAB4/epX4XdVMcUFr1Za3+l0nlrNnfnokO7
EWjr5ar4pNgeediS8gAckL1BvLWKX6ky2efLXGeT/u8o/6lF1YedWnxr8n1H9K5+
rIUoJ8zAF1HQzLCBmTGBvDwpvWciiy+Wy4TbHUCm9OE86zlum59FBsuBsAEt+n2Z
J4uGjjctw/RoEjKA1PwyqGXZEjPbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUwcQc
VtivWgZNzg9RaLZ8NhTsAmAwHwYDVR0jBBgwFoAUPW7ZBQN8g8VzeAsMzccNXYzv
A4swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg4NkIzLzM1MzVDQTFBQjhFRjExRURBOUIzNDFEQUYxMjIyNDY4L1BXN1pC
UU44ZzhWemVBc016Y2NOWFl6dkE0cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1BXN1pCUU44ZzhWemVBc016Y2NOWFl6dkE0cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjg4NkIzLzM1MzVDQTFBQjhFRjExRURBOUIzNDFEQUYx
MjIyNDY4LzNDQkVCNUNFMTY0NTExRjFBNTkyNjJFNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPF6mAwDQYJKoZIhvcNAQEL
BQADggEBAGWhAIt8HFKl7P5PSK+vqblSTSA+69kuueBLkVjzBZ0EKfpksmh4Efcc
bFNL5rHAIQByUlbJ89qsX5BcaesjXcTzEMW7XBO+hYmntjxFpYtx73YJg0U52GOX
ub+ReomprmqvV1iV5M0lRiU5p+Ws7MWYwosRExvmcJXLgfO//wGslZH1F3Xa+4Z5
g+CieJs/FYwNYw9VW85cd5iqz6vUyt4JRrr1E3WJgDdxU/rJa8bJZj0UcF1fOnVw
KEBlp0zZsIcgr1YIKJ7hLCSV2pv1AJc1ce88vX+uIre8DeCHPjx8GTQOhAkt9Do6
Ud6G/X8qfOo0/GiYFQGy9VApO9Tj8so=
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:50:01 2026 by rpki-client