Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/B95F77C45FF811F1B23C6C02CF1D38B0.roa
File: B95F77C45FF811F1B23C6C02CF1D38B0.roa (raw, json)
Hash identifier: /N7Eji9q9wfccWf1HfZnYAfyNQ17sZ5mHVOr0C6Cwr8=
Subject key identifier: C9:21:FD:92:2D:66:A5:AF:71:F3:D5:A4:4C:FE:5B:E9:62:67:79:81
Certificate issuer: /CN=F3693F0FAF/serialNumber=8DCDA51DEAE171423D37EFCF1BF26036C8FE534B
Certificate serial: 05
Authority key identifier: 8D:CD:A5:1D:EA:E1:71:42:3D:37:EF:CF:1B:F2:60:36:C8:FE:53:4B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jc2lHerhcUI9N-_PG_JgNsj-U0s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/B95F77C45FF811F1B23C6C02CF1D38B0.roa
Signing time: Thu 04 Jun 2026 09:35:29 +0000
ROA not before: Thu 04 Jun 2026 09:35:25 +0000
ROA not after: Fri 04 Jun 2027 09:35:25 +0000
asID: 327946
IP address blocks: 102.213.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/jc2lHerhcUI9N-_PG_JgNsj-U0s.crl
rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/jc2lHerhcUI9N-_PG_JgNsj-U0s.mft
rsync://rpki.afrinic.net/repository/afrinic/jc2lHerhcUI9N-_PG_JgNsj-U0s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3693F0FAF, serialNumber=8DCDA51DEAE171423D37EFCF1BF26036C8FE534B
Validity
Not Before: Jun 4 09:35:25 2026 GMT
Not After : Jun 4 09:35:25 2027 GMT
Subject: CN=6a2146e1-5a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:64:f7:69:fa:f3:3a:c2:b6:74:93:5f:af:e8:
5a:2c:c8:1a:29:33:3d:ab:16:d1:20:54:6e:76:da:
09:6d:85:54:4c:c3:9c:ae:97:fd:be:95:22:d5:c8:
fe:0e:31:ec:ea:df:20:96:16:54:5c:71:74:9e:b8:
b0:35:f9:2b:4a:72:f1:07:96:61:f9:56:16:b2:f4:
4c:1c:d0:c8:d8:c4:6f:41:ad:96:ec:10:df:61:60:
b6:2a:18:f2:41:06:42:c5:ce:3a:11:88:2b:0b:27:
68:2e:d0:85:2a:fc:06:12:44:9d:d9:a4:50:30:00:
f6:3c:4b:10:28:cb:95:31:76:3d:cd:75:58:df:54:
b4:e1:4d:98:ec:87:a7:32:3f:fb:dd:d6:58:26:95:
df:da:63:cc:35:95:c6:cf:74:2d:27:dc:47:5c:c3:
de:82:99:b5:25:9a:74:86:4b:f8:42:07:d0:84:81:
cc:ed:1a:bb:0d:63:36:b0:1a:fc:6d:0e:47:dc:34:
87:b2:20:86:18:57:ee:3c:3c:bc:6a:43:88:72:13:
68:63:f7:c7:7b:89:03:eb:cd:4f:6c:cf:17:16:ac:
f2:80:05:01:8d:3f:65:dd:11:d1:af:4d:08:c7:47:
91:ef:2c:48:0c:ad:4c:a4:fd:3a:a9:75:1f:9e:3d:
37:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:21:FD:92:2D:66:A5:AF:71:F3:D5:A4:4C:FE:5B:E9:62:67:79:81
X509v3 Authority Key Identifier:
keyid:8D:CD:A5:1D:EA:E1:71:42:3D:37:EF:CF:1B:F2:60:36:C8:FE:53:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/jc2lHerhcUI9N-_PG_JgNsj-U0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jc2lHerhcUI9N-_PG_JgNsj-U0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3693F0F/83B982CA5FF011F19DD36BD0CE1D38B0/B95F77C45FF811F1B23C6C02CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.156.0/22
Signature Algorithm: sha256WithRSAEncryption
54:0e:33:c5:b2:e5:67:eb:92:3c:55:27:b1:48:48:aa:3d:96:
69:14:f2:b6:b6:9e:a2:0b:59:ba:1f:9a:4f:71:87:d8:12:86:
2d:19:5e:4e:1f:3d:e2:4e:81:3c:29:f4:b4:f5:55:62:8e:c0:
6d:f5:25:6d:d5:7e:6b:7e:61:2d:a3:67:82:7a:3b:57:2d:eb:
27:6e:a2:94:f3:01:1f:f8:a6:bc:4d:65:ce:05:59:85:36:81:
9a:17:dc:14:d6:57:e1:db:5e:f8:24:26:19:14:fd:37:d8:29:
7f:5b:3b:b0:ae:42:09:69:6f:7f:47:99:ff:bf:de:be:d7:af:
df:15:f8:ad:21:22:b8:78:90:1f:3c:fa:45:77:7c:28:65:57:
ba:39:37:45:7b:da:d8:1c:23:93:97:08:d6:5f:14:1a:be:82:
5a:4b:05:25:5c:f5:8e:0d:36:0c:52:7a:7a:65:68:cc:d2:f5:
bb:09:c2:20:5a:e8:74:7a:aa:c6:b9:dc:66:d2:97:55:be:e2:
92:3e:09:19:b9:e2:84:67:97:7a:9b:f2:71:56:b1:b4:b9:3a:
96:ba:9a:78:39:50:ee:09:81:2e:6a:f6:54:9e:c6:d9:d8:92:
5c:5a:09:a8:c9:20:61:d6:17:01:ef:82:2b:34:13:37:fe:8d:
e3:84:a8:d6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
M0YwRkFGMTEwLwYDVQQFEyg4RENEQTUxREVBRTE3MTQyM0QzN0VGQ0YxQkYyNjAz
NkM4RkU1MzRCMB4XDTI2MDYwNDA5MzUyNVoXDTI3MDYwNDA5MzUyNVowGDEWMBQG
A1UEAxMNNmEyMTQ2ZTEtNWE4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNk92n68zrCtnSTX6/oWizIGikzPasW0SBUbnbaCW2FVEzDnK6X/b6VItXI
/g4x7OrfIJYWVFxxdJ64sDX5K0py8QeWYflWFrL0TBzQyNjEb0GtluwQ32FgtioY
8kEGQsXOOhGIKwsnaC7QhSr8BhJEndmkUDAA9jxLECjLlTF2Pc11WN9UtOFNmOyH
pzI/+93WWCaV39pjzDWVxs90LSfcR1zD3oKZtSWadIZL+EIH0ISBzO0auw1jNrAa
/G0OR9w0h7IghhhX7jw8vGpDiHITaGP3x3uJA+vNT2zPFxas8oAFAY0/Zd0R0a9N
CMdHke8sSAytTKT9Oql1H549N+UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTJIf2S
LWalr3Hz1aRM/lvpYmd5gTAfBgNVHSMEGDAWgBSNzaUd6uFxQj03788b8mA2yP5T
SzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTNGMEYvODNCOTgyQ0E1RkYwMTFGMTlERDM2QkQwQ0UxRDM4QjAvamMybEhl
cmhjVUk5Ti1fUEdfSmdOc2otVTBzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvamMybEhlcmhjVUk5Ti1fUEdfSmdOc2otVTBzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTNGMEYvODNCOTgyQ0E1RkYwMTFGMTlERDM2QkQwQ0Ux
RDM4QjAvQjk1Rjc3QzQ1RkY4MTFGMUIyM0M2QzAyQ0YxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbVnDANBgkqhkiG9w0BAQsF
AAOCAQEAVA4zxbLlZ+uSPFUnsUhIqj2WaRTytraeogtZuh+aT3GH2BKGLRleTh89
4k6BPCn0tPVVYo7AbfUlbdV+a35hLaNngno7Vy3rJ26ilPMBH/imvE1lzgVZhTaB
mhfcFNZX4dte+CQmGRT9N9gpf1s7sK5CCWlvf0eZ/7/evtev3xX4rSEiuHiQHzz6
RXd8KGVXujk3RXva2Bwjk5cI1l8UGr6CWksFJVz1jg02DFJ6emVozNL1uwnCIFro
dHqqxrncZtKXVb7ikj4JGbnihGeXepvycVaxtLk6lrqaeDlQ7gmBLmr2VJ7G2diS
XFoJqMkgYdYXAe+CKzQTN/6N44So1g==
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:00:48 2026 by rpki-client