Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368EFA9/8124FF2C63DC11F1B03DA0AFCE1D38B0/3FEDDEF663DD11F190C6BEB3CE1D38B0.roa
File: 3FEDDEF663DD11F190C6BEB3CE1D38B0.roa (raw, json)
Hash identifier: 3xvDuGuPm+PDeZR/Wm7c96ujoWhROffy2SCsDzfKouA=
Subject key identifier: D7:D7:4D:A0:BC:F7:07:91:8F:08:CA:0E:12:91:5C:0F:64:68:88:37
Certificate issuer: /CN=F368EFA9AF/serialNumber=16CE53FBBF95B55E291E23A1FDCA437B66A584D0
Certificate serial: 02
Authority key identifier: 16:CE:53:FB:BF:95:B5:5E:29:1E:23:A1:FD:CA:43:7B:66:A5:84:D0
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Fs5T-7-VtV4pHiOh_cpDe2alhNA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368EFA9/8124FF2C63DC11F1B03DA0AFCE1D38B0/3FEDDEF663DD11F190C6BEB3CE1D38B0.roa
Signing time: Tue 09 Jun 2026 08:28:54 +0000
ROA not before: Tue 09 Jun 2026 08:28:49 +0000
ROA not after: Wed 09 Jun 2027 08:28:49 +0000
asID: 329759
IP address blocks: 102.202.64.0/23 maxlen: 24
2c0f:4ea0::/32 maxlen: 41
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368EFA9/8124FF2C63DC11F1B03DA0AFCE1D38B0/Fs5T-7-VtV4pHiOh_cpDe2alhNA.crl
rsync://rpki.afrinic.net/repository/member_repository/F368EFA9/8124FF2C63DC11F1B03DA0AFCE1D38B0/Fs5T-7-VtV4pHiOh_cpDe2alhNA.mft
rsync://rpki.afrinic.net/repository/afrinic/Fs5T-7-VtV4pHiOh_cpDe2alhNA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368EFA9AF, serialNumber=16CE53FBBF95B55E291E23A1FDCA437B66A584D0
Validity
Not Before: Jun 9 08:28:49 2026 GMT
Not After : Jun 9 08:28:49 2027 GMT
Subject: CN=6a27cec6-a9f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ef:53:60:6d:99:f9:af:e2:1b:56:7f:dc:3d:
7c:8f:ff:dc:9c:2d:30:1a:25:35:04:37:b4:33:b3:
ce:ba:59:0f:df:93:9d:4c:96:7d:11:d1:87:fe:7b:
d0:8e:8c:00:aa:33:5b:6e:1d:e8:bd:b7:94:e7:19:
02:73:05:d2:95:98:0a:de:e7:08:5c:a6:97:4d:f9:
73:bd:99:71:01:b2:df:eb:21:4d:e4:59:a2:10:06:
94:cd:8f:51:9a:ca:7f:20:59:32:31:5d:fc:4f:12:
51:23:dd:e3:12:e1:2b:40:55:33:9f:ad:2e:42:f4:
e7:48:06:08:83:79:62:14:ae:f9:d3:b6:bc:46:65:
48:1d:ad:12:3d:fe:96:c0:2c:38:cf:72:18:43:1b:
93:3c:df:d1:59:54:8c:93:d3:28:14:dd:63:b6:fb:
51:ff:51:45:d0:b6:de:2e:d4:64:6c:5d:8c:47:17:
16:37:e8:e7:33:d2:15:6f:47:93:d9:9c:41:db:a7:
99:06:a0:71:22:82:0f:57:a9:a6:ef:b3:d1:dc:55:
73:ce:bb:8c:e5:30:10:5b:f3:53:8e:af:30:66:18:
3d:a2:78:5d:ad:56:5f:dc:55:d6:95:3a:34:f0:20:
26:3b:45:79:36:88:48:6a:13:e9:18:9f:49:49:96:
a3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:D7:4D:A0:BC:F7:07:91:8F:08:CA:0E:12:91:5C:0F:64:68:88:37
X509v3 Authority Key Identifier:
keyid:16:CE:53:FB:BF:95:B5:5E:29:1E:23:A1:FD:CA:43:7B:66:A5:84:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368EFA9/8124FF2C63DC11F1B03DA0AFCE1D38B0/Fs5T-7-VtV4pHiOh_cpDe2alhNA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Fs5T-7-VtV4pHiOh_cpDe2alhNA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368EFA9/8124FF2C63DC11F1B03DA0AFCE1D38B0/3FEDDEF663DD11F190C6BEB3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.202.64.0/23
IPv6:
2c0f:4ea0::/32
Signature Algorithm: sha256WithRSAEncryption
a2:64:74:a5:10:6b:81:60:f0:fa:de:ea:98:65:18:6a:68:e1:
14:64:6b:04:13:72:0e:1e:9e:79:69:aa:c4:1b:ee:96:d5:37:
98:96:a5:35:4f:ef:66:31:c2:e0:1e:9e:3d:57:8d:46:62:c3:
14:57:cf:b5:0a:84:aa:ce:f5:40:09:01:46:6e:09:f7:9d:9b:
97:4e:df:2c:ee:cb:d0:14:c3:d7:8e:20:6b:64:0c:63:a3:a2:
19:b6:b2:0b:37:0d:e2:c3:b9:2f:0e:9b:ff:0d:43:75:44:2d:
c6:77:dc:9b:b2:50:95:af:fd:b6:f7:2d:a6:30:b6:3c:38:42:
0a:05:00:e7:0a:10:1e:07:d7:2c:dc:06:a3:b4:21:4e:22:44:
57:7b:c2:e3:e6:f5:35:cd:de:ce:23:2b:c8:7b:93:de:b7:8a:
95:a0:05:de:24:10:f3:d6:9b:a2:1f:96:20:37:6e:1f:cf:77:
c4:ee:bf:31:a3:f4:a8:b8:75:d1:97:1d:01:a1:58:a5:67:00:
73:73:f2:78:65:3b:78:7b:e0:ed:54:54:48:67:63:46:c0:5b:
3b:e5:26:22:f2:a1:24:90:4d:78:da:fe:e9:a2:20:fa:09:e5:
18:de:fe:f7:f7:6f:19:b2:26:fd:63:28:4e:06:41:82:ac:9a:
d4:23:c6:81
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
RUZBOUFGMTEwLwYDVQQFEygxNkNFNTNGQkJGOTVCNTVFMjkxRTIzQTFGRENBNDM3
QjY2QTU4NEQwMB4XDTI2MDYwOTA4Mjg0OVoXDTI3MDYwOTA4Mjg0OVowGDEWMBQG
A1UEAxMNNmEyN2NlYzYtYTlmNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7vU2Btmfmv4htWf9w9fI//3JwtMBolNQQ3tDOzzrpZD9+TnUyWfRHRh/57
0I6MAKozW24d6L23lOcZAnMF0pWYCt7nCFyml035c72ZcQGy3+shTeRZohAGlM2P
UZrKfyBZMjFd/E8SUSPd4xLhK0BVM5+tLkL050gGCIN5YhSu+dO2vEZlSB2tEj3+
lsAsOM9yGEMbkzzf0VlUjJPTKBTdY7b7Uf9RRdC23i7UZGxdjEcXFjfo5zPSFW9H
k9mcQdunmQagcSKCD1eppu+z0dxVc867jOUwEFvzU46vMGYYPaJ4Xa1WX9xV1pU6
NPAgJjtFeTaISGoT6RifSUmWo4UCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTX102g
vPcHkY8Iyg4SkVwPZGiINzAfBgNVHSMEGDAWgBQWzlP7v5W1XikeI6H9ykN7ZqWE
0DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEVGQTkvODEyNEZGMkM2M0RDMTFGMUIwM0RBMEFGQ0UxRDM4QjAvRnM1VC03
LVZ0VjRwSGlPaF9jcERlMmFsaE5BLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRnM1VC03LVZ0VjRwSGlPaF9jcERlMmFsaE5BLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OEVGQTkvODEyNEZGMkM2M0RDMTFGMUIwM0RBMEFGQ0Ux
RDM4QjAvM0ZFRERFRjY2M0REMTFGMTkwQzZCRUIzQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAWbKQDANBAIAAjAHAwUALA9O
oDANBgkqhkiG9w0BAQsFAAOCAQEAomR0pRBrgWDw+t7qmGUYamjhFGRrBBNyDh6e
eWmqxBvultU3mJalNU/vZjHC4B6ePVeNRmLDFFfPtQqEqs71QAkBRm4J952bl07f
LO7L0BTD144ga2QMY6OiGbayCzcN4sO5Lw6b/w1DdUQtxnfcm7JQla/9tvctpjC2
PDhCCgUA5woQHgfXLNwGo7QhTiJEV3vC4+b1Nc3eziMryHuT3reKlaAF3iQQ89ab
oh+WIDduH893xO6/MaP0qLh10ZcdAaFYpWcAc3PyeGU7eHvg7VRUSGdjRsBbO+Um
IvKhJJBNeNr+6aIg+gnlGN7+9/dvGbIm/WMoTgZBgqya1CPGgQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:16:13 2026 by rpki-client