Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/AFCB87625FF711F1A8DA1BFCCE1D38B0.roa
File: AFCB87625FF711F1A8DA1BFCCE1D38B0.roa (raw, json)
Hash identifier: KNFgx4Y7qNd1DKcA9Cv6RjoV/HO1kZjxmkSRiG1PMU4=
Subject key identifier: BF:FA:25:E9:9B:79:48:66:BA:8F:54:59:E5:CF:78:3E:D8:2D:6B:34
Certificate issuer: /CN=F3693F0FAF/serialNumber=8DCDA51DEAE171423D37EFCF1BF26036C8FE534B
Certificate serial: 03
Authority key identifier: 8D:CD:A5:1D:EA:E1:71:42:3D:37:EF:CF:1B:F2:60:36:C8:FE:53:4B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jc2lHerhcUI9N-_PG_JgNsj-U0s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/AFCB87625FF711F1A8DA1BFCCE1D38B0.roa
Signing time: Thu 04 Jun 2026 09:28:04 +0000
ROA not before: Thu 04 Jun 2026 09:27:59 +0000
ROA not after: Fri 04 Jun 2027 09:27:59 +0000
asID: 327946
IP address blocks: 102.220.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/jc2lHerhcUI9N-_PG_JgNsj-U0s.crl
rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/jc2lHerhcUI9N-_PG_JgNsj-U0s.mft
rsync://rpki.afrinic.net/repository/afrinic/jc2lHerhcUI9N-_PG_JgNsj-U0s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3693F0FAF, serialNumber=8DCDA51DEAE171423D37EFCF1BF26036C8FE534B
Validity
Not Before: Jun 4 09:27:59 2026 GMT
Not After : Jun 4 09:27:59 2027 GMT
Subject: CN=6a214524-5e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5b:83:1d:36:5a:54:7c:9b:5e:88:c0:5e:c2:
83:05:65:94:17:b6:af:e3:74:11:79:eb:8d:f7:98:
c8:59:da:67:d0:4f:85:11:34:2c:da:3d:a2:2c:63:
1e:f8:50:95:9d:8a:67:72:2c:2f:53:9b:36:7d:f7:
f2:72:d9:2f:eb:90:df:fd:a2:b8:07:38:34:b3:b9:
11:a7:96:67:84:55:c2:c6:de:6b:49:7a:b0:c9:82:
55:32:0a:04:a2:48:d3:9e:a3:a5:0a:ea:48:8e:8b:
f3:fa:2c:f4:89:2b:35:c7:e5:04:61:dc:07:cb:6d:
09:6b:dc:ca:e9:8d:51:73:cc:f2:65:11:b2:27:35:
d4:a5:89:84:64:7c:3e:9a:15:6b:7c:2e:0f:1a:d2:
ee:3b:6d:7f:95:14:67:8b:12:49:ba:7a:23:10:9c:
be:24:9f:db:fc:b1:eb:35:87:a5:40:d2:ce:26:28:
8b:99:a1:a9:78:ef:46:db:65:a5:65:a4:b3:ec:a8:
72:39:7a:a8:fb:59:2a:3a:9b:8b:3d:3c:80:58:f8:
cd:0d:61:6b:07:31:20:b1:ae:5d:ba:e1:b8:43:86:
06:8c:e3:c1:b5:16:10:1e:df:c6:05:02:ea:bb:3d:
1a:ed:37:e9:da:c5:db:21:8f:7a:8c:32:c9:51:b1:
2a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FA:25:E9:9B:79:48:66:BA:8F:54:59:E5:CF:78:3E:D8:2D:6B:34
X509v3 Authority Key Identifier:
keyid:8D:CD:A5:1D:EA:E1:71:42:3D:37:EF:CF:1B:F2:60:36:C8:FE:53:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/jc2lHerhcUI9N-_PG_JgNsj-U0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jc2lHerhcUI9N-_PG_JgNsj-U0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/AFCB87625FF711F1A8DA1BFCCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.64.0/22
Signature Algorithm: sha256WithRSAEncryption
20:61:59:eb:44:b0:40:48:00:da:9e:85:72:08:6e:cf:6b:de:
17:49:a6:ff:95:0b:12:ac:4a:70:6d:9c:74:a7:77:34:e2:8b:
cb:dc:36:47:8a:cc:af:6a:47:68:28:c6:3d:f3:b0:f9:b0:56:
07:9b:1d:65:7c:f2:6d:7d:85:b1:77:42:e3:b0:c2:b0:a1:ee:
3b:23:41:63:29:be:26:01:b8:82:96:3d:36:48:e7:06:c0:70:
1c:3d:eb:a3:92:34:0e:59:52:3c:e5:03:a0:69:3a:f7:a5:a5:
17:38:d8:86:1c:43:f6:36:05:bc:25:6b:5b:15:0e:2c:d1:bc:
c3:5d:46:58:3c:76:35:76:e7:06:37:f2:9a:6c:4e:98:02:c0:
37:13:1f:88:b2:f3:60:63:e4:51:64:a5:a0:b3:a8:11:0a:d4:
b7:df:67:fd:61:3c:71:c9:81:d4:ee:20:03:14:f6:29:c4:f1:
ea:a8:f9:14:3a:f3:36:96:e0:c6:8c:37:cf:0f:15:a1:11:7f:
9e:32:b8:97:25:bf:2d:02:d8:10:19:ab:ff:61:8a:16:ea:90:
f2:2f:60:9e:43:3e:b7:59:cf:26:9b:16:69:fd:06:8f:87:26:
66:85:20:a8:7d:16:ab:1a:da:4b:13:06:64:53:56:36:4e:63:
1a:1d:02:8c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
M0YwRkFGMTEwLwYDVQQFEyg4RENEQTUxREVBRTE3MTQyM0QzN0VGQ0YxQkYyNjAz
NkM4RkU1MzRCMB4XDTI2MDYwNDA5Mjc1OVoXDTI3MDYwNDA5Mjc1OVowGDEWMBQG
A1UEAxMNNmEyMTQ1MjQtNWUyYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANlbgx02WlR8m16IwF7CgwVllBe2r+N0EXnrjfeYyFnaZ9BPhRE0LNo9oixj
HvhQlZ2KZ3IsL1ObNn338nLZL+uQ3/2iuAc4NLO5EaeWZ4RVwsbea0l6sMmCVTIK
BKJI056jpQrqSI6L8/os9IkrNcflBGHcB8ttCWvcyumNUXPM8mURsic11KWJhGR8
PpoVa3wuDxrS7jttf5UUZ4sSSbp6IxCcviSf2/yx6zWHpUDSziYoi5mhqXjvRttl
pWWks+yocjl6qPtZKjqbiz08gFj4zQ1hawcxILGuXbrhuEOGBozjwbUWEB7fxgUC
6rs9Gu036drF2yGPeowyyVGxKpsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS/+iXp
m3lIZrqPVFnlz3g+2C1rNDAfBgNVHSMEGDAWgBSNzaUd6uFxQj03788b8mA2yP5T
SzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTNGMEYvODNCOTgyQ0E1RkYwMTFGMTlERDM2QkQwQ0UxRDM4QjAvamMybEhl
cmhjVUk5Ti1fUEdfSmdOc2otVTBzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvamMybEhlcmhjVUk5Ti1fUEdfSmdOc2otVTBzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTNGMEYvODNCOTgyQ0E1RkYwMTFGMTlERDM2QkQwQ0Ux
RDM4QjAvQUZDQjg3NjI1RkY3MTFGMUE4REExQkZDQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbcQDANBgkqhkiG9w0BAQsF
AAOCAQEAIGFZ60SwQEgA2p6Fcghuz2veF0mm/5ULEqxKcG2cdKd3NOKLy9w2R4rM
r2pHaCjGPfOw+bBWB5sdZXzybX2FsXdC47DCsKHuOyNBYym+JgG4gpY9NkjnBsBw
HD3ro5I0DllSPOUDoGk696WlFzjYhhxD9jYFvCVrWxUOLNG8w11GWDx2NXbnBjfy
mmxOmALANxMfiLLzYGPkUWSloLOoEQrUt99n/WE8ccmB1O4gAxT2KcTx6qj5FDrz
Npbgxow3zw8VoRF/njK4lyW/LQLYEBmr/2GKFuqQ8i9gnkM+t1nPJpsWaf0Gj4cm
ZoUgqH0WqxraSxMGZFNWNk5jGh0CjA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:00:36 2026 by rpki-client