Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/1CBBD95C63CD11F1951166D3CE1D38B0.roa
File: 1CBBD95C63CD11F1951166D3CE1D38B0.roa (raw, json)
Hash identifier: 4miT25AnxlNyNM74omEkAk+VyqFPtc/3toVSQUIWEiU=
Subject key identifier: DF:64:B5:F5:70:EF:6F:C0:94:49:C7:01:29:FE:AC:DC:DE:7E:3D:76
Certificate issuer: /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial: 060A
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/1CBBD95C63CD11F1951166D3CE1D38B0.roa
Signing time: Tue 09 Jun 2026 06:33:23 +0000
ROA not before: Tue 09 Jun 2026 06:33:18 +0000
ROA not after: Tue 31 Dec 2030 06:33:18 +0000
asID: 25818
IP address blocks: 102.64.104.0/24 maxlen: 24
2001:4210:e00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1546 (0x60a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3696E5FAF, serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Validity
Not Before: Jun 9 06:33:18 2026 GMT
Not After : Dec 31 06:33:18 2030 GMT
Subject: CN=6a27b3b3-6a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d7:58:f8:d7:0e:95:a3:8d:2b:43:e1:2f:e3:
20:7b:7e:ef:15:1c:9b:95:53:e3:ab:f6:2c:6b:a6:
3c:63:dd:6e:1c:59:bd:a8:9e:cc:48:12:b9:90:be:
ca:24:c0:24:b9:81:18:0c:f6:82:7f:41:47:4a:3e:
02:08:25:f8:d8:01:52:22:27:50:0e:76:e6:c6:26:
c6:e2:42:d2:e3:5f:4b:84:36:bc:3b:e8:e2:c8:86:
7a:d1:fe:90:1a:00:56:c8:2f:73:5d:1a:a8:93:82:
5f:d2:33:a2:d3:56:75:35:3f:3d:e8:49:4d:83:9e:
51:dc:2d:bf:5b:72:d4:2a:49:ed:3a:53:4d:79:e9:
cb:7d:47:e5:86:d4:82:e3:cc:19:a4:e1:91:28:f5:
97:e1:38:50:c4:8e:cf:2d:01:b9:f9:19:36:ca:c2:
61:dc:e4:c3:ab:21:97:9d:fb:f6:f6:88:45:6d:db:
1d:b1:95:b2:20:3e:21:f5:de:d4:5b:d5:38:2a:2d:
80:24:34:35:d7:2a:94:0c:42:d9:0a:cd:19:f3:35:
ac:ea:34:b7:17:cf:ed:df:94:de:b2:bd:6b:96:41:
3e:13:ec:6c:d1:f0:23:18:d7:95:a6:67:fb:1a:12:
bd:9d:fc:de:8a:39:bb:e9:c6:08:31:35:90:63:ea:
b5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:64:B5:F5:70:EF:6F:C0:94:49:C7:01:29:FE:AC:DC:DE:7E:3D:76
X509v3 Authority Key Identifier:
keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/1CBBD95C63CD11F1951166D3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.64.104.0/24
IPv6:
2001:4210:e00::/40
Signature Algorithm: sha256WithRSAEncryption
72:b6:31:b5:4b:d4:ff:0f:18:c7:48:fb:b4:9c:e8:f8:d8:26:
8e:af:4c:f4:7c:75:31:84:20:68:5a:cf:36:85:47:12:21:27:
53:6e:3a:64:dd:a8:41:ef:cd:21:91:70:0d:6f:ad:72:f6:2d:
65:c1:fe:52:b5:41:af:eb:5c:4f:32:fd:32:4a:36:8b:93:51:
48:4f:c9:cd:c6:2c:2a:be:51:58:c4:7d:e9:fa:46:71:54:50:
76:f1:67:fc:a9:f2:cd:55:d0:15:b4:4e:41:02:f4:e5:f0:90:
2a:2e:4d:58:c3:f7:04:fc:7e:af:41:06:71:2d:92:e6:31:31:
e9:78:5c:4e:0c:b6:f5:67:08:50:f6:00:9a:81:02:96:3a:2c:
99:a0:0a:37:5c:ff:e1:40:41:7e:a8:5c:0b:1d:b8:2a:ae:1d:
0b:da:ab:45:39:47:c3:b5:fe:fe:c8:a9:fa:2f:05:1a:af:f3:
3d:a2:c4:5b:dc:35:d2:13:94:db:d4:5a:d8:23:4e:b0:c8:7a:
cb:7a:5d:e0:8c:8e:a2:96:4a:05:30:92:af:c4:56:33:8b:b1:
bb:7e:4f:1e:c9:3c:8f:69:0b:48:cf:a1:e1:bc:0b:f5:59:36:
57:4e:7b:26:31:ee:c0:e0:8b:3c:9a:52:d3:1d:fe:e3:5c:28:
81:6e:f1:ab
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBgowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yNjA2MDkwNjMzMThaFw0zMDEyMzEwNjMzMThaMBgxFjAU
BgNVBAMTDTZhMjdiM2IzLTZhOWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDg11j41w6Vo40rQ+Ev4yB7fu8VHJuVU+Or9ixrpjxj3W4cWb2onsxIErmQ
vsokwCS5gRgM9oJ/QUdKPgIIJfjYAVIiJ1AOdubGJsbiQtLjX0uENrw76OLIhnrR
/pAaAFbIL3NdGqiTgl/SM6LTVnU1Pz3oSU2DnlHcLb9bctQqSe06U0156ct9R+WG
1ILjzBmk4ZEo9ZfhOFDEjs8tAbn5GTbKwmHc5MOrIZed+/b2iEVt2x2xlbIgPiH1
3tRb1TgqLYAkNDXXKpQMQtkKzRnzNazqNLcXz+3flN6yvWuWQT4T7GzR8CMY15Wm
Z/saEr2d/N6KObvpxggxNZBj6rXbAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQU32S1
9XDvb8CUSccBKf6s3N5+PXYwHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4LzFDQkJEOTVDNjNDRDExRjE5NTExNjZEM0NFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBABmQGgwDgQCAAIwCAMGACAB
QhAOMA0GCSqGSIb3DQEBCwUAA4IBAQBytjG1S9T/DxjHSPu0nOj42CaOr0z0fHUx
hCBoWs82hUcSISdTbjpk3ahB780hkXANb61y9i1lwf5StUGv61xPMv0ySjaLk1FI
T8nNxiwqvlFYxH3p+kZxVFB28Wf8qfLNVdAVtE5BAvTl8JAqLk1Yw/cE/H6vQQZx
LZLmMTHpeFxODLb1ZwhQ9gCagQKWOiyZoAo3XP/hQEF+qFwLHbgqrh0L2qtFOUfD
tf7+yKn6LwUar/M9osRb3DXSE5Tb1FrYI06wyHrLel3gjI6ilkoFMJKvxFYzi7G7
fk8eyTyPaQtIz6HhvAv1WTZXTnsmMe7A4Is8mlLTHf7jXCiBbvGr
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:51:59 2026 by rpki-client