Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/0EE6164863CE11F1A3D0FAD7CE1D38B0.roa
File: 0EE6164863CE11F1A3D0FAD7CE1D38B0.roa (raw, json)
Hash identifier: wxtSa4sGkEa4UTR5Un9o7F3thEEYT91zL28hkshdvTo=
Subject key identifier: A0:34:9C:DA:49:B4:C9:A2:D4:AF:6D:91:B4:8A:4F:69:92:1F:8D:49
Certificate issuer: /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial: 060E
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/0EE6164863CE11F1A3D0FAD7CE1D38B0.roa
Signing time: Tue 09 Jun 2026 06:40:09 +0000
ROA not before: Tue 09 Jun 2026 06:40:04 +0000
ROA not after: Tue 31 Dec 2030 06:40:04 +0000
asID: 25818
IP address blocks: 102.177.114.0/24 maxlen: 24
2001:4210:3500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1550 (0x60e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3696E5FAF, serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Validity
Not Before: Jun 9 06:40:04 2026 GMT
Not After : Dec 31 06:40:04 2030 GMT
Subject: CN=6a27b549-c1f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:28:bc:0d:93:65:a9:1d:22:c1:83:1d:fa:48:
58:a0:45:19:0a:e2:50:60:3c:0d:a4:77:31:8a:b0:
b8:94:80:52:5c:bf:ed:7c:21:a9:21:42:5e:f3:87:
e1:39:5f:ee:24:b5:0c:d6:eb:36:ca:f7:fc:41:05:
99:7e:46:fe:a2:b7:d9:aa:6a:ef:9b:e6:98:ea:35:
29:cf:0d:91:90:07:4d:77:6d:c7:0f:05:2b:93:93:
e5:20:d5:8c:68:09:d5:fc:8d:03:16:11:b4:e7:e7:
f5:e6:7f:44:2a:26:0c:cd:94:cb:8c:e9:92:de:12:
06:11:fd:38:06:53:9c:88:93:ff:83:10:14:00:92:
b7:43:e0:10:5f:54:2e:ab:05:84:65:71:86:c0:02:
96:6d:1f:b4:ac:89:cf:41:e6:c7:fe:05:c5:ae:24:
0e:b1:3e:5c:02:5e:e0:2b:de:48:72:e4:49:af:56:
f9:ee:72:24:21:23:e3:2c:42:21:a8:0e:7a:4f:fc:
d3:71:ab:5b:bf:5f:d4:ab:2e:f4:b0:03:75:7b:72:
23:1c:52:c2:57:c2:15:f2:c9:80:61:e0:17:a6:f4:
80:ed:3b:76:fb:4d:7c:e9:b7:8c:18:b3:ae:34:fd:
14:0d:8e:71:91:fc:4b:3b:16:20:e7:db:01:44:f1:
7d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:34:9C:DA:49:B4:C9:A2:D4:AF:6D:91:B4:8A:4F:69:92:1F:8D:49
X509v3 Authority Key Identifier:
keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/0EE6164863CE11F1A3D0FAD7CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.114.0/24
IPv6:
2001:4210:3500::/40
Signature Algorithm: sha256WithRSAEncryption
57:8a:06:15:61:f8:c2:aa:e9:75:a7:01:73:53:0f:30:92:e2:
e4:18:df:6d:6d:e7:e8:eb:70:68:99:f4:d2:29:2d:8f:5e:2c:
65:f9:26:23:c7:9f:20:66:92:79:11:aa:2a:87:33:7f:07:da:
e8:29:c3:5f:c3:00:87:9a:39:65:23:54:6c:cb:71:5b:6a:44:
17:97:05:8b:86:17:70:0e:97:a4:e7:01:f8:df:ec:5c:29:6f:
c5:cf:39:b3:33:6c:52:9e:f4:a1:c2:90:c7:8a:e4:5b:9a:9a:
e1:ef:5a:49:65:a2:db:c3:29:0b:49:c0:58:cf:ef:c1:73:1f:
82:02:ac:17:81:6a:7d:86:15:6b:8d:ac:21:1b:ab:ef:db:79:
89:6f:08:9b:19:e0:b1:2d:0f:85:ca:d3:dd:7d:bf:d2:ef:f6:
59:ce:4a:66:9d:66:fa:77:6a:69:c1:c4:af:1d:6f:f3:39:21:
a4:25:5d:13:82:42:da:1c:a4:05:d1:8d:89:a5:33:5a:55:48:
7c:b4:b4:3a:5b:c7:cc:ff:08:93:8d:82:aa:dc:24:fa:f7:3a:
71:ab:e8:5e:e4:5c:23:6a:81:78:ba:15:0b:5c:53:64:8d:23:
59:80:fb:45:77:5d:5a:b8:7a:e9:29:0b:ec:4d:f8:fb:7c:8a:
7b:e8:36:52
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBg4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yNjA2MDkwNjQwMDRaFw0zMDEyMzEwNjQwMDRaMBgxFjAU
BgNVBAMTDTZhMjdiNTQ5LWMxZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+KLwNk2WpHSLBgx36SFigRRkK4lBgPA2kdzGKsLiUgFJcv+18IakhQl7z
h+E5X+4ktQzW6zbK9/xBBZl+Rv6it9mqau+b5pjqNSnPDZGQB013bccPBSuTk+Ug
1YxoCdX8jQMWEbTn5/Xmf0QqJgzNlMuM6ZLeEgYR/TgGU5yIk/+DEBQAkrdD4BBf
VC6rBYRlcYbAApZtH7Ssic9B5sf+BcWuJA6xPlwCXuAr3khy5EmvVvnuciQhI+Ms
QiGoDnpP/NNxq1u/X9SrLvSwA3V7ciMcUsJXwhXyyYBh4Bem9IDtO3b7TXzpt4wY
s640/RQNjnGR/Es7FiDn2wFE8X3lAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQUoDSc
2km0yaLUr22RtIpPaZIfjUkwHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4LzBFRTYxNjQ4NjNDRTExRjFBM0QwRkFEN0NFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBABmsXIwDgQCAAIwCAMGACAB
QhA1MA0GCSqGSIb3DQEBCwUAA4IBAQBXigYVYfjCqul1pwFzUw8wkuLkGN9tbefo
63BomfTSKS2PXixl+SYjx58gZpJ5EaoqhzN/B9roKcNfwwCHmjllI1Rsy3FbakQX
lwWLhhdwDpek5wH43+xcKW/FzzmzM2xSnvShwpDHiuRbmprh71pJZaLbwykLScBY
z+/Bcx+CAqwXgWp9hhVrjawhG6vv23mJbwibGeCxLQ+FytPdfb/S7/ZZzkpmnWb6
d2ppwcSvHW/zOSGkJV0TgkLaHKQF0Y2JpTNaVUh8tLQ6W8fM/wiTjYKq3CT69zpx
q+he5FwjaoF4uhULXFNkjSNZgPtFd11auHrpKQvsTfj7fIp76DZS
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:05:05 2026 by rpki-client