Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/8BB3CD2C63F211F183EC96B0CE1D38B0.roa
File: 8BB3CD2C63F211F183EC96B0CE1D38B0.roa (raw, json)
Hash identifier: QT2dN5QyAj5zmXwnOl8L432zMepTujG3dnHPbEOQoEo=
Subject key identifier: 1A:FE:73:C8:33:DD:12:0D:08:98:DE:5B:14:CF:D1:67:86:27:05:93
Certificate issuer: /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial: 062C
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/8BB3CD2C63F211F183EC96B0CE1D38B0.roa
Signing time: Tue 09 Jun 2026 11:01:21 +0000
ROA not before: Tue 09 Jun 2026 11:01:16 +0000
ROA not after: Tue 31 Dec 2030 11:01:16 +0000
asID: 25818
IP address blocks: 102.177.123.0/24 maxlen: 24
2001:4210:4400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1580 (0x62c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3696E5FAF, serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Validity
Not Before: Jun 9 11:01:16 2026 GMT
Not After : Dec 31 11:01:16 2030 GMT
Subject: CN=6a27f280-9697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:91:22:22:67:d1:33:fa:aa:99:1a:35:d9:c8:
da:22:eb:40:e7:92:15:66:28:91:07:ec:04:cc:cc:
68:86:de:ab:0f:1d:eb:5e:82:70:97:41:eb:43:69:
14:6f:32:39:6f:8b:20:4a:77:f1:7d:7a:d9:e5:71:
ed:1e:55:51:b5:45:b4:f7:bd:06:ca:1f:bd:26:0d:
9e:d3:81:52:c7:22:33:50:ed:55:38:96:74:1c:61:
18:5f:63:9d:4d:0e:d6:2d:90:3c:51:93:72:5b:d1:
b4:5f:79:3b:dc:ab:5b:50:bb:80:50:24:73:69:03:
22:3f:6f:0f:35:06:23:11:52:4a:f3:8f:7a:9b:57:
e1:07:c8:5c:9a:b1:5d:f5:1b:34:04:d4:1c:98:e1:
e2:e5:8d:db:45:30:96:c2:e2:65:d9:cb:9e:54:1b:
ee:e1:8f:03:8b:7f:50:40:66:99:b3:f3:90:45:0a:
93:55:21:b7:fc:9e:8a:96:94:2f:8d:28:f9:9a:aa:
51:43:3e:49:d5:ca:31:36:25:22:59:db:1d:42:69:
59:66:d5:ee:6f:12:8b:12:38:cb:e7:bf:2a:c7:a6:
3a:85:01:92:c7:cf:8a:0b:d2:26:23:2a:32:7c:04:
4b:c5:b1:05:55:b1:07:b9:bd:8e:28:fa:8f:ca:d6:
43:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FE:73:C8:33:DD:12:0D:08:98:DE:5B:14:CF:D1:67:86:27:05:93
X509v3 Authority Key Identifier:
keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/8BB3CD2C63F211F183EC96B0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.123.0/24
IPv6:
2001:4210:4400::/40
Signature Algorithm: sha256WithRSAEncryption
9b:17:2a:2f:36:44:49:f7:b4:7e:3d:07:87:84:05:97:f8:00:
8a:7b:ea:f0:af:49:82:e6:77:4d:da:d0:ea:3d:bb:cd:ef:ec:
8e:dc:a9:3b:0f:ed:46:34:46:a1:d9:38:78:62:9e:9c:dc:af:
b9:01:05:02:8b:fd:c0:b0:54:1b:92:4e:bc:bf:b7:6e:5a:28:
86:42:aa:e6:79:1c:58:16:02:18:ca:c8:44:62:e6:17:92:c6:
ee:b1:4c:1b:5f:59:fa:3a:fc:c0:60:f1:d1:f0:a2:2e:29:df:
76:4e:ce:4a:63:16:c6:81:cc:09:12:2d:b3:dc:d0:52:46:83:
4e:14:3c:0f:d9:23:3d:a1:e2:eb:65:a8:0a:07:28:4c:5b:a4:
5e:ba:22:40:93:0e:34:e0:a5:fc:a9:bc:ef:4a:8f:94:fa:55:
a6:ad:d8:61:88:15:56:d1:1f:cd:bd:20:79:61:4e:11:8c:c2:
dc:1a:3e:c9:e2:ad:80:7e:60:de:62:57:c2:3c:cd:49:13:15:
43:0c:e4:0f:0d:17:0e:a3:15:5e:f4:f2:62:9a:bc:87:e3:db:
ec:35:06:2d:af:b6:27:8a:29:06:f8:79:82:cf:22:05:e4:20:
c2:9b:cc:bf:ef:31:41:b8:12:72:54:87:94:5f:4a:e0:32:1a:
33:86:9d:52
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBiwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yNjA2MDkxMTAxMTZaFw0zMDEyMzExMTAxMTZaMBgxFjAU
BgNVBAMTDTZhMjdmMjgwLTk2OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCskSIiZ9Ez+qqZGjXZyNoi60DnkhVmKJEH7ATMzGiG3qsPHetegnCXQetD
aRRvMjlviyBKd/F9etnlce0eVVG1RbT3vQbKH70mDZ7TgVLHIjNQ7VU4lnQcYRhf
Y51NDtYtkDxRk3Jb0bRfeTvcq1tQu4BQJHNpAyI/bw81BiMRUkrzj3qbV+EHyFya
sV31GzQE1ByY4eLljdtFMJbC4mXZy55UG+7hjwOLf1BAZpmz85BFCpNVIbf8noqW
lC+NKPmaqlFDPknVyjE2JSJZ2x1CaVlm1e5vEosSOMvnvyrHpjqFAZLHz4oL0iYj
KjJ8BEvFsQVVsQe5vY4o+o/K1kNVAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQUGv5z
yDPdEg0ImN5bFM/RZ4YnBZMwHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4LzhCQjNDRDJDNjNGMjExRjE4M0VDOTZCMENFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBABmsXswDgQCAAIwCAMGACAB
QhBEMA0GCSqGSIb3DQEBCwUAA4IBAQCbFyovNkRJ97R+PQeHhAWX+ACKe+rwr0mC
5ndN2tDqPbvN7+yO3Kk7D+1GNEah2Th4Yp6c3K+5AQUCi/3AsFQbkk68v7duWiiG
QqrmeRxYFgIYyshEYuYXksbusUwbX1n6OvzAYPHR8KIuKd92Ts5KYxbGgcwJEi2z
3NBSRoNOFDwP2SM9oeLrZagKByhMW6ReuiJAkw404KX8qbzvSo+U+lWmrdhhiBVW
0R/NvSB5YU4RjMLcGj7J4q2AfmDeYlfCPM1JExVDDOQPDRcOoxVe9PJimryH49vs
NQYtr7YniikG+HmCzyIF5CDCm8y/7zFBuBJyVIeUX0rgMhozhp1S
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:38:40 2026 by rpki-client