Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/DFD2B32A164811F1831AF77BDAE4EC9C.roa
File: DFD2B32A164811F1831AF77BDAE4EC9C.roa (raw, json)
Hash identifier: x3mxEyaa11oMqg1KAkOGBWsSUvRy6oN81BPBKnojwr0=
Subject key identifier: 9C:2A:42:59:80:23:1A:CE:9E:AB:05:FC:40:06:70:9D:59:66:54:77
Certificate issuer: /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial: 04BA
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/DFD2B32A164811F1831AF77BDAE4EC9C.roa
Signing time: Mon 02 Mar 2026 15:02:47 +0000
ROA not before: Mon 02 Mar 2026 15:02:43 +0000
ROA not after: Sat 02 Mar 2030 15:02:43 +0000
asID: 33763
IP address blocks: 160.242.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1210 (0x4ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AR, serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Validity
Not Before: Mar 2 15:02:43 2026 GMT
Not After : Mar 2 15:02:43 2030 GMT
Subject: CN=69a5a697-40a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d4:87:93:42:b9:e1:f1:03:a5:a4:f6:08:df:
7f:6b:5a:e1:79:5e:d3:05:6a:47:3a:63:03:2d:09:
4f:d5:3d:59:61:ff:e8:a2:54:35:c2:5a:fc:fd:9d:
ca:50:f5:d2:42:f5:0c:bb:bf:3f:90:39:8f:3b:c2:
fd:8f:40:ac:c4:dc:9e:24:b7:66:33:59:98:7c:fe:
b0:94:a1:9a:f5:be:61:8c:a3:2d:97:65:9c:09:7d:
75:9e:5e:3e:58:52:42:d8:11:74:fd:bd:dc:4b:84:
d1:49:cd:24:57:ac:7c:b6:41:9a:5c:04:c5:fc:89:
c8:af:79:7f:ba:43:14:e3:d2:ac:46:36:de:c4:2b:
61:b4:c5:5b:10:a7:2d:05:14:c7:ab:83:91:6c:17:
17:2a:92:93:09:a7:06:a8:2f:fb:ae:66:b5:01:cf:
87:82:6c:6c:81:a3:de:9c:21:0f:b0:f7:f8:bf:86:
8d:94:a8:b3:7b:a8:87:2e:01:58:84:39:12:86:ae:
39:8d:60:d3:3d:25:21:42:70:21:07:96:2e:65:90:
65:7c:ae:f0:33:fc:36:c1:f3:b9:be:3e:fe:b8:e4:
12:4d:0e:0f:03:4e:23:54:8f:0c:54:b8:76:b5:89:
2b:34:55:8c:48:e2:ed:01:c0:25:67:46:be:13:b6:
b2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2A:42:59:80:23:1A:CE:9E:AB:05:FC:40:06:70:9D:59:66:54:77
X509v3 Authority Key Identifier:
keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/DFD2B32A164811F1831AF77BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.242.96.0/21
Signature Algorithm: sha256WithRSAEncryption
22:a4:2f:44:6b:9d:29:36:c0:3c:bc:af:de:90:08:14:c3:a8:
e1:a8:56:28:aa:11:0f:58:85:25:d3:e1:97:f3:25:07:d2:8f:
45:00:e9:d0:1a:61:aa:95:73:bd:8f:b2:1e:d4:1f:e7:3b:36:
6e:b5:4a:02:3d:db:51:e3:b7:d4:af:92:80:9e:a9:80:ab:66:
7f:25:db:86:17:cb:b8:9f:c8:7c:9e:83:a9:33:8d:fc:3c:9d:
b9:fd:8c:8e:d0:22:36:b8:b0:84:dc:11:c4:5b:13:ca:e4:ed:
ea:a0:d9:08:cb:42:31:cb:59:a2:1a:f3:f5:8a:41:6f:df:40:
a0:35:13:5a:af:5e:9b:2f:2a:a1:93:f7:ac:69:f7:ea:d7:2d:
07:59:10:66:59:27:bb:1b:9b:8b:56:5e:d0:43:ac:55:c2:db:
06:ac:27:33:a1:b1:cf:e8:bb:1a:83:dc:d3:90:34:86:48:96:
2d:ae:82:68:dd:61:9a:4f:bd:72:77:be:e0:41:cc:94:5c:79:
af:ea:85:e0:2b:91:83:ec:0f:70:bc:c8:e0:09:18:ff:43:c8:
28:95:f8:18:35:75:20:56:06:69:86:c1:76:85:88:4b:71:3b:
65:aa:ed:93:fc:c8:ab:e7:17:22:05:25:0b:0d:17:21:bb:7d:
b8:2f:12:7a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBLowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODg2QjNBUjExMC8GA1UEBRMoRDlDMEIyMzNBQ0IwNjM1NDM1NzREM0Y1RjMyN0JF
QjhCMkI5OTExODAeFw0yNjAzMDIxNTAyNDNaFw0zMDAzMDIxNTAyNDNaMBgxFjAU
BgNVBAMTDTY5YTVhNjk3LTQwYTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC21IeTQrnh8QOlpPYI339rWuF5XtMFakc6YwMtCU/VPVlh/+iiVDXCWvz9
ncpQ9dJC9Qy7vz+QOY87wv2PQKzE3J4kt2YzWZh8/rCUoZr1vmGMoy2XZZwJfXWe
Xj5YUkLYEXT9vdxLhNFJzSRXrHy2QZpcBMX8iciveX+6QxTj0qxGNt7EK2G0xVsQ
py0FFMerg5FsFxcqkpMJpwaoL/uuZrUBz4eCbGyBo96cIQ+w9/i/ho2UqLN7qIcu
AViEORKGrjmNYNM9JSFCcCEHli5lkGV8rvAz/DbB87m+Pv645BJNDg8DTiNUjwxU
uHa1iSs0VYxI4u0BwCVnRr4TtrJrAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUnCpC
WYAjGs6eqwX8QAZwnVlmVHcwHwYDVR0jBBgwFoAU2cCyM6ywY1Q1dNP18ye+uLK5
kRgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg4NkIzLzVBNDExRjlFQjhFRjExRURBNUIwOUREQUYxMjIyNDY4LzJjQ3lN
Nnl3WTFRMWROUDE4eWUtdUxLNWtSZy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
LzJjQ3lNNnl3WTFRMWROUDE4eWUtdUxLNWtSZy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjg4NkIzLzVBNDExRjlFQjhFRjExRURBNUIwOUREQUYxMjIy
NDY4L0RGRDJCMzJBMTY0ODExRjE4MzFBRjc3QkRBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOg8mAwDQYJKoZIhvcNAQELBQAD
ggEBACKkL0RrnSk2wDy8r96QCBTDqOGoViiqEQ9YhSXT4ZfzJQfSj0UA6dAaYaqV
c72Psh7UH+c7Nm61SgI921Hjt9SvkoCeqYCrZn8l24YXy7ifyHyeg6kzjfw8nbn9
jI7QIja4sITcEcRbE8rk7eqg2QjLQjHLWaIa8/WKQW/fQKA1E1qvXpsvKqGT96xp
9+rXLQdZEGZZJ7sbm4tWXtBDrFXC2wasJzOhsc/ouxqD3NOQNIZIli2ugmjdYZpP
vXJ3vuBBzJRcea/qheArkYPsD3C8yOAJGP9DyCiV+Bg1dSBWBmmGwXaFiEtxO2Wq
7ZP8yKvnFyIFJQsNFyG7fbgvEno=
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:49:24 2026 by rpki-client