Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/8058325C291811F1BCA469E5DAE4EC9C.roa
File: 8058325C291811F1BCA469E5DAE4EC9C.roa (raw, json)
Hash identifier: tn84rYgdhGNCGvc6GHqAV2yntcG3hM0yk13lx2/0f0g=
Subject key identifier: 11:8B:DF:87:81:B2:6E:EC:64:01:CC:EC:55:32:F8:9E:F8:FE:50:CB
Certificate issuer: /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial: 075F
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/8058325C291811F1BCA469E5DAE4EC9C.roa
Signing time: Thu 26 Mar 2026 13:34:24 +0000
ROA not before: Thu 26 Mar 2026 13:34:19 +0000
ROA not after: Wed 26 Mar 2036 13:34:19 +0000
asID: 37645
IP address blocks: 2c0f:f280::/32 maxlen: 39
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1887 (0x75f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A1CEFAF, serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Validity
Not Before: Mar 26 13:34:19 2026 GMT
Not After : Mar 26 13:34:19 2036 GMT
Subject: CN=69c535e0-37ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4e:e1:92:10:76:f5:aa:7c:1b:28:81:45:b7:
47:14:27:82:ac:66:28:dc:74:49:30:2b:d0:e0:ab:
7c:f6:86:1d:f2:d6:16:36:bd:e6:8d:1b:5b:a1:02:
34:d4:52:50:8d:f5:f3:c3:a6:3a:e0:71:9c:11:2a:
6d:f2:04:54:85:36:1d:7c:81:d5:63:4e:43:fe:ca:
3e:04:2c:f4:c5:2c:03:b7:95:4f:b7:2f:37:f3:f7:
6b:32:44:e6:3a:9b:ac:fe:74:b5:2d:35:87:90:7c:
18:2d:6b:0e:94:99:f5:2b:10:b4:6c:c3:c1:fe:f8:
2a:41:ea:7c:2d:fa:f9:3c:84:dc:c3:58:83:30:af:
45:5f:3a:35:0e:a0:84:d9:84:37:83:52:54:c7:38:
52:6f:af:0a:5c:70:46:fb:06:27:b8:53:48:7d:30:
07:98:3d:93:41:9b:3d:97:b6:d5:38:46:c8:c5:54:
59:8e:37:70:f2:c3:2c:b0:f4:85:13:3f:7b:f8:1d:
fe:3e:b8:0d:f5:48:a9:2a:be:e3:57:34:41:85:1b:
fa:91:3b:6e:f7:22:e3:6f:c7:72:3c:20:b5:00:fb:
f3:63:ef:56:16:ac:89:1a:59:dc:ab:ea:8d:8c:ab:
95:41:5d:be:3d:d5:c6:5d:b9:0e:ed:c3:bd:c6:55:
9f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:8B:DF:87:81:B2:6E:EC:64:01:CC:EC:55:32:F8:9E:F8:FE:50:CB
X509v3 Authority Key Identifier:
keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/8058325C291811F1BCA469E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f280::/32
Signature Algorithm: sha256WithRSAEncryption
cc:bb:e6:dc:4e:e8:0d:97:e5:2e:44:de:d2:aa:51:10:26:f4:
42:0e:1d:ce:f5:49:4d:60:6b:0c:f4:aa:a3:e6:d0:aa:63:d5:
6c:53:00:15:73:72:fc:1b:61:6b:a1:ee:7f:63:7e:ad:ab:b0:
b2:66:a4:bf:2b:a0:46:52:0d:2c:19:1d:cd:05:9c:82:99:d4:
00:a0:3a:70:2f:36:0a:38:48:0e:a7:a0:9c:33:9f:83:33:90:
0f:52:4c:2e:ac:59:14:ab:19:55:f4:42:ee:15:ab:7c:b0:44:
86:8b:94:bc:d3:11:e9:07:a1:bc:16:fd:48:04:5a:8a:d9:cf:
84:65:4d:eb:ff:48:f1:3b:0d:38:c7:4d:59:fa:c4:ee:f5:5c:
20:52:d1:09:99:e1:4f:48:5d:00:1b:2c:88:e6:01:62:92:9f:
ce:a0:5a:e0:91:b2:57:38:19:ea:cc:74:15:90:7e:b8:97:3c:
b9:30:16:9c:f7:66:01:f9:00:9f:1b:e1:80:a3:6b:73:d2:9f:
f6:2e:52:24:19:29:67:0d:d2:9d:af:d2:19:35:81:de:d2:7f:
77:24:e9:2b:bc:8b:c4:15:9e:af:8e:38:36:11:e6:e4:26:7e:
4c:fa:0b:90:a0:8c:45:8d:3e:ab:73:ce:b5:1b:1e:83:49:ca:
83:bb:5b:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB18wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTFDRUZBRjExMC8GA1UEBRMoODJGMUM2NjExQTNBMTQ2N0RCM0Q3OEE0QTVGRUQ1
MEEwOEE1N0IxMzAeFw0yNjAzMjYxMzM0MTlaFw0zNjAzMjYxMzM0MTlaMBgxFjAU
BgNVBAMTDTY5YzUzNWUwLTM3ZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDKTuGSEHb1qnwbKIFFt0cUJ4KsZijcdEkwK9Dgq3z2hh3y1hY2veaNG1uh
AjTUUlCN9fPDpjrgcZwRKm3yBFSFNh18gdVjTkP+yj4ELPTFLAO3lU+3Lzfz92sy
ROY6m6z+dLUtNYeQfBgtaw6UmfUrELRsw8H++CpB6nwt+vk8hNzDWIMwr0VfOjUO
oITZhDeDUlTHOFJvrwpccEb7Bie4U0h9MAeYPZNBmz2XttU4RsjFVFmON3Dywyyw
9IUTP3v4Hf4+uA31SKkqvuNXNEGFG/qRO273IuNvx3I8ILUA+/Nj71YWrIkaWdyr
6o2Mq5VBXb491cZduQ7tw73GVZ8HAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUEYvf
h4GybuxkAczsVTL4nvj+UMswHwYDVR0jBBgwFoAUgvHGYRo6FGfbPXikpf7VCgil
exMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4QTAxNENFL2d2SEdZ
Um82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2d2SEdZUm82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4
QTAxNENFLzgwNTgzMjVDMjkxODExRjFCQ0E0NjlFNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/KAMA0GCSqGSIb3DQEB
CwUAA4IBAQDMu+bcTugNl+UuRN7SqlEQJvRCDh3O9UlNYGsM9Kqj5tCqY9VsUwAV
c3L8G2Froe5/Y36tq7CyZqS/K6BGUg0sGR3NBZyCmdQAoDpwLzYKOEgOp6CcM5+D
M5APUkwurFkUqxlV9ELuFat8sESGi5S80xHpB6G8Fv1IBFqK2c+EZU3r/0jxOw04
x01Z+sTu9VwgUtEJmeFPSF0AGyyI5gFikp/OoFrgkbJXOBnqzHQVkH64lzy5MBac
92YB+QCfG+GAo2tz0p/2LlIkGSlnDdKdr9IZNYHe0n93JOkrvIvEFZ6vjjg2Eebk
Jn5M+guQoIxFjT6rc861Gx6DScqDu1ul
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:29:30 2026 by rpki-client