Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/BC1191BE63D111F1981D62ECCE1D38B0.roa
File: BC1191BE63D111F1981D62ECCE1D38B0.roa (raw, json)
Hash identifier: 7C59kQ//mtaLdQHz1mSnz/+/gp8g+MjA6MlX0q2vpuw=
Subject key identifier: 24:BC:C9:3D:B9:C0:29:D9:C4:F5:EB:49:D0:BF:7C:04:2C:8D:99:84
Certificate issuer: /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial: 0614
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/BC1191BE63D111F1981D62ECCE1D38B0.roa
Signing time: Tue 09 Jun 2026 07:06:28 +0000
ROA not before: Tue 09 Jun 2026 07:06:23 +0000
ROA not after: Tue 31 Dec 2030 07:06:23 +0000
asID: 25818
IP address blocks: 102.177.127.0/24 maxlen: 24
2001:4210:5c00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1556 (0x614)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3696E5FAF, serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Validity
Not Before: Jun 9 07:06:23 2026 GMT
Not After : Dec 31 07:06:23 2030 GMT
Subject: CN=6a27bb74-ce0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:5c:dc:f6:ae:5a:b4:6a:60:86:a6:7e:ad:a6:
80:63:b3:e4:c3:89:d0:e9:2b:2d:06:02:4b:30:1d:
76:1f:67:49:0e:da:cc:18:49:ca:6f:92:5d:82:af:
48:97:e9:1e:8a:ca:46:d4:8b:7f:60:ac:87:f6:4d:
c7:66:cf:a1:88:86:47:45:b3:d3:cf:d5:37:8b:5b:
69:d6:f9:3a:d8:62:c8:aa:db:86:0d:10:38:14:af:
1a:08:50:8c:d3:59:d2:79:a2:ba:bd:e2:8e:30:a3:
05:f0:8d:89:83:71:e3:ff:88:33:68:6b:18:77:8e:
43:42:0e:b1:d6:92:4c:6e:aa:32:99:e6:13:38:5a:
45:b2:04:86:b1:82:3d:d3:86:c1:eb:8e:e5:c5:2c:
0b:67:85:bb:a4:58:8c:45:a3:be:bb:d3:ae:95:4b:
a9:50:79:7d:3e:ee:fb:da:83:31:79:41:3f:67:ec:
ae:2d:57:87:a3:11:4a:51:6c:c3:67:df:0d:5b:6a:
11:e9:0e:8d:4e:62:58:47:8c:47:bb:b4:b8:d9:6d:
78:9c:02:47:f4:03:99:d2:b7:0d:be:62:94:75:80:
78:b7:a4:5c:03:9f:8e:95:39:ac:11:4e:84:bd:8b:
9d:01:f9:f5:92:83:0a:de:55:87:23:a4:2c:96:39:
b5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BC:C9:3D:B9:C0:29:D9:C4:F5:EB:49:D0:BF:7C:04:2C:8D:99:84
X509v3 Authority Key Identifier:
keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/BC1191BE63D111F1981D62ECCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.127.0/24
IPv6:
2001:4210:5c00::/40
Signature Algorithm: sha256WithRSAEncryption
92:89:f7:cd:c8:f4:35:84:5a:99:c3:a4:e2:4f:73:b5:dc:42:
2d:67:f7:1e:e9:4a:f1:20:e8:07:5b:09:38:3c:11:6e:ff:ab:
93:98:c6:21:5d:5b:df:57:f2:7a:52:6a:02:7c:9d:0c:4e:d4:
34:88:dc:0d:9c:8e:7f:13:d5:dc:bc:a5:1e:0f:7d:fd:92:62:
12:60:fb:d5:f3:49:98:7d:cb:6b:a1:e7:f4:4c:14:a8:5c:94:
cd:79:07:63:08:b9:94:0e:48:3a:7d:49:e5:e2:0a:87:f5:ca:
94:7b:72:8d:e6:5e:9b:91:62:6b:1b:38:c5:81:18:69:61:9a:
82:db:23:41:7f:92:72:0d:de:be:9c:8e:4f:37:a8:ef:00:8a:
83:5d:c6:2e:05:03:9d:42:07:03:2c:b0:ef:d7:52:5f:5b:90:
e7:69:38:0a:94:a6:72:6c:8f:b2:67:9c:4f:45:ae:8a:75:81:
72:4c:39:23:2f:36:ad:92:25:c7:c6:3d:95:d9:d3:4c:5c:a9:
ed:42:5f:11:de:a4:1a:c9:3a:ee:46:ce:cf:6d:43:28:6f:c8:
1f:1f:24:39:be:24:43:91:af:7e:a6:44:a1:1a:a8:77:d2:36:
7b:f4:7b:fb:7e:74:e8:48:30:0d:8e:dc:78:cd:73:d0:7d:e2:
c4:04:c0:5d
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBhQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yNjA2MDkwNzA2MjNaFw0zMDEyMzEwNzA2MjNaMBgxFjAU
BgNVBAMTDTZhMjdiYjc0LWNlMGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDrXNz2rlq0amCGpn6tpoBjs+TDidDpKy0GAkswHXYfZ0kO2swYScpvkl2C
r0iX6R6KykbUi39grIf2Tcdmz6GIhkdFs9PP1TeLW2nW+TrYYsiq24YNEDgUrxoI
UIzTWdJ5orq94o4wowXwjYmDceP/iDNoaxh3jkNCDrHWkkxuqjKZ5hM4WkWyBIax
gj3ThsHrjuXFLAtnhbukWIxFo767066VS6lQeX0+7vvagzF5QT9n7K4tV4ejEUpR
bMNn3w1bahHpDo1OYlhHjEe7tLjZbXicAkf0A5nStw2+YpR1gHi3pFwDn46VOawR
ToS9i50B+fWSgwreVYcjpCyWObVHAgMBAAGjggK1MIICsTAdBgNVHQ4EFgQUJLzJ
PbnAKdnE9etJ0L98BCyNmYQwHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4L0JDMTE5MUJFNjNEMTExRjE5ODFENjJFQ0NFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBABmsX8wDgQCAAIwCAMGACAB
QhBcMA0GCSqGSIb3DQEBCwUAA4IBAQCSiffNyPQ1hFqZw6TiT3O13EItZ/ce6Urx
IOgHWwk4PBFu/6uTmMYhXVvfV/J6UmoCfJ0MTtQ0iNwNnI5/E9XcvKUeD339kmIS
YPvV80mYfctroef0TBSoXJTNeQdjCLmUDkg6fUnl4gqH9cqUe3KN5l6bkWJrGzjF
gRhpYZqC2yNBf5JyDd6+nI5PN6jvAIqDXcYuBQOdQgcDLLDv11JfW5DnaTgKlKZy
bI+yZ5xPRa6KdYFyTDkjLzatkiXHxj2V2dNMXKntQl8R3qQayTruRs7PbUMob8gf
HyQ5viRDka9+pkShGqh30jZ79Hv7fnToSDANjtx4zXPQfeLEBMBd
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:51 2026 by rpki-client