Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/55D7D7C863EF11F1B717CB1DCF1D38B0.roa
File: 55D7D7C863EF11F1B717CB1DCF1D38B0.roa (raw, json)
Hash identifier: eCTPynYtU0RlLWyEGFXITeHwvIzfcOhgUNmXQSjFir0=
Subject key identifier: 0C:B5:D3:64:B7:1E:40:16:8B:D9:B1:FD:C0:00:75:40:D0:B2:01:F0
Certificate issuer: /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial: 061A
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/55D7D7C863EF11F1B717CB1DCF1D38B0.roa
Signing time: Tue 09 Jun 2026 10:38:22 +0000
ROA not before: Tue 09 Jun 2026 10:38:17 +0000
ROA not after: Tue 31 Dec 2030 10:38:17 +0000
asID: 25818
IP address blocks: 102.64.99.0/24 maxlen: 24
2001:4210:1a00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1562 (0x61a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3696E5FAF, serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Validity
Not Before: Jun 9 10:38:17 2026 GMT
Not After : Dec 31 10:38:17 2030 GMT
Subject: CN=6a27ed1e-950b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:43:cb:14:56:a3:29:93:f8:90:fb:91:7b:86:
00:b3:62:07:df:c8:c6:af:f8:6e:25:6c:e1:42:58:
24:f1:ba:c2:35:52:e7:48:fe:39:d9:88:06:46:31:
44:3e:bf:63:92:34:ab:bb:ec:52:f1:ae:35:bd:66:
43:3e:f5:96:80:28:ee:78:40:ea:e7:5b:89:4b:ab:
ac:15:a0:cb:cb:c2:00:15:95:d2:75:44:47:99:16:
4e:f3:8f:fc:6f:9e:ec:53:77:e9:51:82:8e:78:67:
fc:6d:b4:93:ba:71:bd:40:1f:ed:39:14:ec:b2:61:
bd:e2:1a:40:8c:f7:6d:53:1d:f1:47:22:37:57:75:
b1:7e:ea:f1:52:41:9f:5a:9b:38:fe:ba:05:b3:14:
33:29:ad:99:55:a9:af:7c:8a:6f:a4:4e:86:cb:92:
f5:41:1e:e5:ec:51:25:63:e3:a6:d6:da:0d:21:11:
b8:91:72:86:a2:37:61:b6:ef:63:e5:f9:3f:e4:08:
50:1a:e5:71:8a:c2:6b:9b:78:c8:0f:88:c1:98:d4:
b1:ae:38:1a:2e:a5:aa:9b:4e:22:58:83:c0:74:bc:
89:70:17:d3:de:5e:44:47:ea:a8:10:79:7f:aa:df:
1f:26:f2:91:50:8b:89:9e:1d:45:7d:aa:36:c7:2e:
a0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B5:D3:64:B7:1E:40:16:8B:D9:B1:FD:C0:00:75:40:D0:B2:01:F0
X509v3 Authority Key Identifier:
keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/55D7D7C863EF11F1B717CB1DCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.64.99.0/24
IPv6:
2001:4210:1a00::/40
Signature Algorithm: sha256WithRSAEncryption
5e:e2:b6:4b:23:16:26:1c:52:99:f7:0a:1f:c0:db:31:f2:ef:
d7:f7:00:6a:c2:cf:e4:bd:d8:ed:1b:8d:6a:34:40:ac:54:40:
4e:77:23:d9:85:d9:2e:5b:6f:9b:59:97:5f:ed:9e:3b:56:f3:
87:eb:81:9a:53:59:34:aa:83:9b:97:c7:fa:a1:d9:e2:0a:32:
d1:33:3b:93:74:b0:d0:57:31:d1:44:c1:2c:6b:70:a7:b9:2c:
bc:b0:1f:45:dd:34:e9:f3:65:44:32:96:11:46:41:5c:6b:34:
ce:57:69:3b:e7:c5:dd:d4:df:74:e7:cd:4c:8c:ec:b1:ce:bb:
e4:6c:57:f2:de:50:80:83:08:36:86:dc:0b:cf:a1:d6:18:4b:
c0:8d:11:e2:fc:3c:b3:f9:c1:f9:5f:9d:1d:7e:bf:1e:26:97:
69:d7:76:7e:79:b9:1a:44:33:aa:b8:c7:89:76:4f:ba:89:96:
ac:67:2f:df:b9:de:4e:15:8a:8c:d2:bc:e2:89:d9:7b:3e:99:
20:24:b5:6f:de:a6:9e:4c:2c:14:24:bf:72:88:d1:90:70:e9:
55:c5:78:44:f6:62:bd:5f:09:b1:7f:61:90:94:a3:df:67:d5:
ea:b2:d5:01:8f:7e:76:72:d2:64:41:51:d9:0a:10:da:73:a7:
f7:e1:0d:d2
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBhowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yNjA2MDkxMDM4MTdaFw0zMDEyMzExMDM4MTdaMBgxFjAU
BgNVBAMTDTZhMjdlZDFlLTk1MGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDpQ8sUVqMpk/iQ+5F7hgCzYgffyMav+G4lbOFCWCTxusI1UudI/jnZiAZG
MUQ+v2OSNKu77FLxrjW9ZkM+9ZaAKO54QOrnW4lLq6wVoMvLwgAVldJ1REeZFk7z
j/xvnuxTd+lRgo54Z/xttJO6cb1AH+05FOyyYb3iGkCM921THfFHIjdXdbF+6vFS
QZ9amzj+ugWzFDMprZlVqa98im+kTobLkvVBHuXsUSVj46bW2g0hEbiRcoaiN2G2
72Pl+T/kCFAa5XGKwmubeMgPiMGY1LGuOBoupaqbTiJYg8B0vIlwF9PeXkRH6qgQ
eX+q3x8m8pFQi4meHUV9qjbHLqBTAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQUDLXT
ZLceQBaL2bH9wAB1QNCyAfAwHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4LzU1RDdEN0M4NjNFRjExRjFCNzE3Q0IxRENGMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBABmQGMwDgQCAAIwCAMGACAB
QhAaMA0GCSqGSIb3DQEBCwUAA4IBAQBe4rZLIxYmHFKZ9wofwNsx8u/X9wBqws/k
vdjtG41qNECsVEBOdyPZhdkuW2+bWZdf7Z47VvOH64GaU1k0qoObl8f6odniCjLR
MzuTdLDQVzHRRMEsa3CnuSy8sB9F3TTp82VEMpYRRkFcazTOV2k758Xd1N90581M
jOyxzrvkbFfy3lCAgwg2htwLz6HWGEvAjRHi/Dyz+cH5X50dfr8eJpdp13Z+ebka
RDOquMeJdk+6iZasZy/fud5OFYqM0rziidl7PpkgJLVv3qaeTCwUJL9yiNGQcOlV
xXhE9mK9Xwmxf2GQlKPfZ9XqstUBj352ctJkQVHZChDac6f34Q3S
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:40:31 2026 by rpki-client