Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368D59F/CF10B148324211F18586228DDAE4EC9C/CDA23108324A11F1B60EAEB9DAE4EC9C.roa
File: CDA23108324A11F1B60EAEB9DAE4EC9C.roa (raw, json)
Hash identifier: cE1RonJWQjRj/5iPA//z9En6WXcsSeuTNBdrevPeLx8=
Subject key identifier: 63:06:D5:91:D2:A9:EA:58:76:D8:1C:89:8F:1F:55:13:2A:22:6F:9B
Certificate issuer: /CN=F368D59FAF/serialNumber=074068F0BC1D7F6C65AF5E5202E22110D6857A59
Certificate serial: 02
Authority key identifier: 07:40:68:F0:BC:1D:7F:6C:65:AF:5E:52:02:E2:21:10:D6:85:7A:59
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/B0Bo8Lwdf2xlr15SAuIhENaFelk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368D59F/CF10B148324211F18586228DDAE4EC9C/CDA23108324A11F1B60EAEB9DAE4EC9C.roa
Signing time: Tue 07 Apr 2026 06:27:09 +0000
ROA not before: Tue 07 Apr 2026 06:27:04 +0000
ROA not after: Sun 06 Apr 2036 06:27:04 +0000
asID: 328361
IP address blocks: 102.131.20.0/22 maxlen: 24
2c0f:e9d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368D59F/CF10B148324211F18586228DDAE4EC9C/B0Bo8Lwdf2xlr15SAuIhENaFelk.crl
rsync://rpki.afrinic.net/repository/member_repository/F368D59F/CF10B148324211F18586228DDAE4EC9C/B0Bo8Lwdf2xlr15SAuIhENaFelk.mft
rsync://rpki.afrinic.net/repository/afrinic/B0Bo8Lwdf2xlr15SAuIhENaFelk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 05:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368D59FAF, serialNumber=074068F0BC1D7F6C65AF5E5202E22110D6857A59
Validity
Not Before: Apr 7 06:27:04 2026 GMT
Not After : Apr 6 06:27:04 2036 GMT
Subject: CN=69d4a3bd-b4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:36:0f:08:6f:9a:ae:f3:c4:89:16:81:f7:3b:
b7:e1:21:e9:15:b7:32:a1:5c:9e:65:eb:39:05:6a:
cc:b6:dc:13:eb:82:85:ea:11:47:0a:85:19:4a:4b:
6a:bb:16:b6:3f:05:5f:67:cd:f7:b5:2a:77:79:77:
3c:59:5b:48:3e:b7:bf:03:9c:1c:ba:73:07:2a:79:
1e:c2:56:e5:5d:5f:b3:b3:a0:1f:14:4c:61:5f:a7:
58:4c:21:24:f4:dc:39:a0:08:73:94:ea:07:ea:54:
e5:f0:59:d1:c1:03:49:8c:a5:52:89:f3:c6:db:3f:
e1:83:c3:d2:e8:d1:99:01:aa:42:d7:b1:37:a7:56:
ea:f4:0b:8b:44:96:49:80:00:04:9a:bd:9a:bc:b1:
dc:eb:0f:5c:f2:b5:84:3a:1c:25:89:2b:8d:59:8a:
02:28:56:e4:ec:15:e4:ae:1b:94:0c:bc:65:7a:52:
33:f9:9e:93:17:49:5c:cb:e0:b3:53:a1:1b:c5:89:
a3:55:80:db:39:00:91:88:3e:93:26:52:53:38:4f:
71:d3:a5:a6:71:28:be:43:0e:35:cc:be:27:8c:90:
e7:26:3a:a7:c5:6c:72:fb:33:7f:48:be:4d:f5:0a:
1a:36:87:44:68:b9:dd:93:37:c8:68:61:96:f8:78:
fd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:06:D5:91:D2:A9:EA:58:76:D8:1C:89:8F:1F:55:13:2A:22:6F:9B
X509v3 Authority Key Identifier:
keyid:07:40:68:F0:BC:1D:7F:6C:65:AF:5E:52:02:E2:21:10:D6:85:7A:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368D59F/CF10B148324211F18586228DDAE4EC9C/B0Bo8Lwdf2xlr15SAuIhENaFelk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/B0Bo8Lwdf2xlr15SAuIhENaFelk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368D59F/CF10B148324211F18586228DDAE4EC9C/CDA23108324A11F1B60EAEB9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.131.20.0/22
IPv6:
2c0f:e9d0::/32
Signature Algorithm: sha256WithRSAEncryption
32:bc:85:48:9e:48:ab:bf:b4:0e:eb:74:88:d4:06:9a:5c:96:
f7:d9:f9:17:49:15:90:91:bc:2c:32:8e:73:c8:b1:68:e1:9d:
d2:53:2a:1b:bb:72:e5:9a:24:24:60:4e:8f:08:c9:d5:b0:94:
a4:40:f2:00:f9:bc:3c:ae:cd:6d:cf:8b:6c:98:22:8d:94:ae:
ac:3c:0a:06:52:40:5d:c5:74:d4:e8:c1:9f:5b:b4:2a:97:fe:
b4:17:1b:27:59:6e:cd:a3:0a:76:2f:98:11:b3:fc:09:a1:08:
b0:dd:27:ad:d2:42:00:5f:98:19:a1:4a:13:c4:b6:95:5a:a9:
57:64:7d:8e:7a:50:05:5d:28:f0:04:65:26:eb:1a:0c:e5:76:
24:9a:a0:4f:f1:a2:da:98:06:02:3c:6e:3c:9b:be:db:71:b4:
7f:b0:d4:eb:1a:6a:dd:6b:51:33:a8:11:cb:cc:4e:0b:8e:19:
5d:07:90:af:a9:81:78:c0:96:e4:1b:df:47:14:fe:76:6e:0f:
47:e2:58:b3:fe:d2:48:bb:d2:84:f7:3a:0e:bb:52:21:b7:b7:
a0:d3:9f:c3:b3:fd:92:12:25:e3:71:e2:ec:38:9a:45:57:2a:
2a:b0:16:22:35:7d:46:7b:0e:f5:73:c1:3b:a7:b4:bc:18:a0:
96:79:ef:f3
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
RDU5RkFGMTEwLwYDVQQFEygwNzQwNjhGMEJDMUQ3RjZDNjVBRjVFNTIwMkUyMjEx
MEQ2ODU3QTU5MB4XDTI2MDQwNzA2MjcwNFoXDTM2MDQwNjA2MjcwNFowGDEWMBQG
A1UEAxMNNjlkNGEzYmQtYjRhNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM82Dwhvmq7zxIkWgfc7t+Eh6RW3MqFcnmXrOQVqzLbcE+uCheoRRwqFGUpL
arsWtj8FX2fN97Uqd3l3PFlbSD63vwOcHLpzByp5HsJW5V1fs7OgHxRMYV+nWEwh
JPTcOaAIc5TqB+pU5fBZ0cEDSYylUonzxts/4YPD0ujRmQGqQtexN6dW6vQLi0SW
SYAABJq9mryx3OsPXPK1hDocJYkrjVmKAihW5OwV5K4blAy8ZXpSM/mekxdJXMvg
s1OhG8WJo1WA2zkAkYg+kyZSUzhPcdOlpnEovkMONcy+J4yQ5yY6p8Vscvszf0i+
TfUKGjaHRGi53ZM3yGhhlvh4/dkCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRjBtWR
0qnqWHbYHImPH1UTKiJvmzAfBgNVHSMEGDAWgBQHQGjwvB1/bGWvXlIC4iEQ1oV6
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEQ1OUYvQ0YxMEIxNDgzMjQyMTFGMTg1ODYyMjhEREFFNEVDOUMvQjBCbzhM
d2RmMnhscjE1U0F1SWhFTmFGZWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQjBCbzhMd2RmMnhscjE1U0F1SWhFTmFGZWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OEQ1OUYvQ0YxMEIxNDgzMjQyMTFGMTg1ODYyMjhEREFF
NEVDOUMvQ0RBMjMxMDgzMjRBMTFGMUI2MEVBRUI5REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmaDFDANBAIAAjAHAwUALA/p
0DANBgkqhkiG9w0BAQsFAAOCAQEAMryFSJ5Iq7+0Dut0iNQGmlyW99n5F0kVkJG8
LDKOc8ixaOGd0lMqG7ty5ZokJGBOjwjJ1bCUpEDyAPm8PK7Nbc+LbJgijZSurDwK
BlJAXcV01OjBn1u0Kpf+tBcbJ1luzaMKdi+YEbP8CaEIsN0nrdJCAF+YGaFKE8S2
lVqpV2R9jnpQBV0o8ARlJusaDOV2JJqgT/Gi2pgGAjxuPJu+23G0f7DU6xpq3WtR
M6gRy8xOC44ZXQeQr6mBeMCW5BvfRxT+dm4PR+JYs/7SSLvShPc6DrtSIbe3oNOf
w7P9khIl43Hi7DiaRVcqKrAWIjV9RnsO9XPBO6e0vBiglnnv8w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:43:04 2026 by rpki-client