Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368B126/3678BC0660EA11F1865AE3BCCE1D38B0/BFDD710260EB11F1BC4C59C5CE1D38B0.roa
File: BFDD710260EB11F1BC4C59C5CE1D38B0.roa (raw, json)
Hash identifier: nzHijC1btPOPq+rhPk1w9tV6+iAigyizeq9RqiGh1EI=
Subject key identifier: 8B:3C:57:BA:09:4B:CB:E0:FA:12:D5:CA:FE:ED:68:20:DF:84:12:60
Certificate issuer: /CN=F368B126AF/serialNumber=E043CC711426DE19A0D6144CBEB293DE79B38279
Certificate serial: 02
Authority key identifier: E0:43:CC:71:14:26:DE:19:A0:D6:14:4C:BE:B2:93:DE:79:B3:82:79
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/4EPMcRQm3hmg1hRMvrKT3nmzgnk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368B126/3678BC0660EA11F1865AE3BCCE1D38B0/BFDD710260EB11F1BC4C59C5CE1D38B0.roa
Signing time: Fri 05 Jun 2026 14:35:08 +0000
ROA not before: Fri 05 Jun 2026 14:35:03 +0000
ROA not after: Wed 31 Mar 2027 14:35:03 +0000
asID: 329709
IP address blocks: 102.204.100.0/22 maxlen: 22
2c0f:4720::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368B126/3678BC0660EA11F1865AE3BCCE1D38B0/4EPMcRQm3hmg1hRMvrKT3nmzgnk.crl
rsync://rpki.afrinic.net/repository/member_repository/F368B126/3678BC0660EA11F1865AE3BCCE1D38B0/4EPMcRQm3hmg1hRMvrKT3nmzgnk.mft
rsync://rpki.afrinic.net/repository/afrinic/4EPMcRQm3hmg1hRMvrKT3nmzgnk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 05:39:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368B126AF, serialNumber=E043CC711426DE19A0D6144CBEB293DE79B38279
Validity
Not Before: Jun 5 14:35:03 2026 GMT
Not After : Mar 31 14:35:03 2027 GMT
Subject: CN=6a22de9c-a935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:96:d2:15:5d:d7:ed:93:0e:d6:39:5f:6a:c2:
21:7c:c9:5f:70:dd:8b:09:ca:f9:c6:a1:22:dd:50:
49:f6:26:84:30:42:0b:e2:d3:91:98:f2:f8:24:38:
a7:fe:ee:8c:ff:3f:ef:6c:9e:29:cd:8e:38:de:39:
f5:00:7c:2e:67:55:8e:33:f7:ef:7f:66:b0:e5:ba:
7c:da:f5:79:15:de:f9:ba:cd:ee:a8:2c:31:99:46:
19:14:88:05:ae:5d:d8:76:66:d8:bb:b6:55:11:7a:
d3:7e:00:d1:e2:36:bd:08:0a:d2:9d:8b:7a:c0:a2:
81:ac:62:a0:56:91:ae:9f:65:73:e8:a1:d4:92:23:
6f:86:19:52:36:b7:08:b2:ae:40:14:5b:a1:f7:18:
bb:f5:28:a6:7a:58:41:4e:69:61:e6:fd:9c:fe:d7:
1c:f7:f9:51:f4:2e:55:a1:56:ae:1c:f9:ac:bf:36:
c6:39:2b:06:03:cd:f7:a8:49:61:6a:39:ff:c4:0d:
07:ee:07:83:27:e4:9e:46:dd:80:06:29:af:2b:1b:
b2:52:9c:d0:63:eb:6b:da:dd:dd:49:4a:00:c0:9e:
78:06:19:ee:1f:c0:5a:22:cd:79:2a:0f:b7:d7:b9:
1c:c2:74:a9:f1:cd:1e:f0:8e:1b:26:2e:e5:1e:85:
45:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3C:57:BA:09:4B:CB:E0:FA:12:D5:CA:FE:ED:68:20:DF:84:12:60
X509v3 Authority Key Identifier:
keyid:E0:43:CC:71:14:26:DE:19:A0:D6:14:4C:BE:B2:93:DE:79:B3:82:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368B126/3678BC0660EA11F1865AE3BCCE1D38B0/4EPMcRQm3hmg1hRMvrKT3nmzgnk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4EPMcRQm3hmg1hRMvrKT3nmzgnk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368B126/3678BC0660EA11F1865AE3BCCE1D38B0/BFDD710260EB11F1BC4C59C5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.100.0/22
IPv6:
2c0f:4720::/32
Signature Algorithm: sha256WithRSAEncryption
9d:76:19:76:33:c7:fa:05:9d:c8:69:96:fb:03:c4:ed:36:2e:
de:eb:56:54:63:e6:51:f8:b5:9b:83:73:77:15:42:c0:0c:1f:
95:96:36:d8:ff:a5:2c:1c:bc:50:6e:5d:85:eb:ac:46:2e:c2:
20:db:a9:2b:75:96:fe:08:4c:c1:98:d2:89:d5:d6:82:d1:9d:
f9:fb:25:a1:ca:b5:d5:e9:69:a8:c9:04:6f:4e:fe:d0:2c:30:
cf:96:6d:5d:6f:2a:d6:d6:7a:4c:c1:f1:68:f9:14:ee:87:2a:
ce:09:a9:ae:f2:55:28:fa:30:78:52:6e:df:5c:fb:11:e2:a3:
70:34:a6:e0:03:77:24:30:89:d4:6b:db:b9:04:27:50:d9:20:
58:b1:bf:03:4e:a0:1a:33:d7:58:25:8c:51:0b:02:47:66:4e:
94:65:83:25:66:94:de:d5:9f:3d:87:3e:01:f1:fc:f8:7e:72:
17:8e:0e:61:bf:14:c9:3d:94:9a:75:8a:83:be:d5:97:3d:b1:
23:46:07:da:1c:e6:6a:45:92:40:88:08:68:4b:a2:a6:8f:b2:
91:64:55:24:b4:10:c8:09:4d:8c:24:4f:fa:e0:a4:c6:c6:6e:
3a:47:ff:4f:19:6b:b2:73:81:36:b1:24:64:e5:e2:f4:80:ab:
62:38:8e:30
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
QjEyNkFGMTEwLwYDVQQFEyhFMDQzQ0M3MTE0MjZERTE5QTBENjE0NENCRUIyOTNE
RTc5QjM4Mjc5MB4XDTI2MDYwNTE0MzUwM1oXDTI3MDMzMTE0MzUwM1owGDEWMBQG
A1UEAxMNNmEyMmRlOWMtYTkzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSW0hVd1+2TDtY5X2rCIXzJX3DdiwnK+cahIt1QSfYmhDBCC+LTkZjy+CQ4
p/7ujP8/72yeKc2OON459QB8LmdVjjP3739msOW6fNr1eRXe+brN7qgsMZlGGRSI
Ba5d2HZm2Lu2VRF6034A0eI2vQgK0p2LesCigaxioFaRrp9lc+ih1JIjb4YZUja3
CLKuQBRbofcYu/UopnpYQU5pYeb9nP7XHPf5UfQuVaFWrhz5rL82xjkrBgPN96hJ
YWo5/8QNB+4HgyfknkbdgAYprysbslKc0GPra9rd3UlKAMCeeAYZ7h/AWiLNeSoP
t9e5HMJ0qfHNHvCOGyYu5R6FRZcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSLPFe6
CUvL4PoS1cr+7Wgg34QSYDAfBgNVHSMEGDAWgBTgQ8xxFCbeGaDWFEy+spPeebOC
eTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEIxMjYvMzY3OEJDMDY2MEVBMTFGMTg2NUFFM0JDQ0UxRDM4QjAvNEVQTWNS
UW0zaG1nMWhSTXZyS1Qzbm16Z25rLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNEVQTWNSUW0zaG1nMWhSTXZyS1Qzbm16Z25rLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OEIxMjYvMzY3OEJDMDY2MEVBMTFGMTg2NUFFM0JDQ0Ux
RDM4QjAvQkZERDcxMDI2MEVCMTFGMUJDNEM1OUM1Q0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbMZDANBAIAAjAHAwUALA9H
IDANBgkqhkiG9w0BAQsFAAOCAQEAnXYZdjPH+gWdyGmW+wPE7TYu3utWVGPmUfi1
m4NzdxVCwAwflZY22P+lLBy8UG5dheusRi7CINupK3WW/ghMwZjSidXWgtGd+fsl
ocq11elpqMkEb07+0Cwwz5ZtXW8q1tZ6TMHxaPkU7ocqzgmprvJVKPoweFJu31z7
EeKjcDSm4AN3JDCJ1GvbuQQnUNkgWLG/A06gGjPXWCWMUQsCR2ZOlGWDJWaU3tWf
PYc+AfH8+H5yF44OYb8UyT2UmnWKg77Vlz2xI0YH2hzmakWSQIgIaEuipo+ykWRV
JLQQyAlNjCRP+uCkxsZuOkf/TxlrsnOBNrEkZOXi9ICrYjiOMA==
-----END CERTIFICATE-----
Generated at Sun Jun 14 02:44:42 2026 by rpki-client