Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/EF98E58A333B11F19E91FDF8CE1D38B0.roa
File: EF98E58A333B11F19E91FDF8CE1D38B0.roa (raw, json)
Hash identifier: ag2v5reb+zDo0vsvEh1NsL0zM4GQBnL1uS0jIXx6S14=
Subject key identifier: DB:27:8C:25:2D:9F:20:67:83:64:12:27:65:89:53:2F:8C:78:A8:1E
Certificate issuer: /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial: 07CF
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/EF98E58A333B11F19E91FDF8CE1D38B0.roa
Signing time: Wed 08 Apr 2026 11:13:14 +0000
ROA not before: Wed 08 Apr 2026 11:13:09 +0000
ROA not after: Tue 08 Apr 2036 11:13:09 +0000
asID: 37645
IP address blocks: 102.209.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1999 (0x7cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A1CEFAF, serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Validity
Not Before: Apr 8 11:13:09 2026 GMT
Not After : Apr 8 11:13:09 2036 GMT
Subject: CN=69d6384a-8e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cb:e4:40:7b:b6:50:05:27:e1:e8:6e:00:f2:
47:21:d6:88:f1:35:91:a1:1d:90:30:fc:f8:19:ab:
d5:17:9d:e9:34:3b:43:40:cc:98:32:a5:86:88:64:
a5:26:da:39:87:d7:1f:3b:50:f3:8e:43:b9:34:f6:
41:b5:36:98:db:8f:6c:b6:c7:8f:22:3d:80:75:ae:
77:53:87:64:78:ff:60:8a:a8:bd:0e:0a:ff:fd:68:
12:da:f2:dd:9f:16:cd:41:11:e5:46:ee:fd:3d:a9:
69:84:5c:97:dc:83:0f:f4:54:aa:84:13:ec:5c:88:
5d:92:a8:3a:f8:63:f0:0f:1c:8d:a8:37:01:24:51:
48:b3:95:e6:be:59:da:fe:a7:f3:63:60:a6:9e:09:
3a:45:91:c5:9f:a3:8b:61:02:4b:e7:38:c4:71:64:
7c:7c:09:c3:6c:03:0e:19:4d:25:d7:95:87:ff:a1:
c5:67:6b:f2:13:c9:4c:ff:1a:ea:0e:50:7d:67:51:
ee:86:5a:c1:35:3c:dd:41:d5:8b:2e:dc:2c:32:55:
82:a2:03:52:10:86:fb:90:1e:cb:e1:ae:d8:ab:d6:
45:ed:a6:16:03:d4:95:cf:3d:d0:4b:04:53:9f:74:
a3:28:93:40:8f:05:9d:04:2a:22:36:81:53:27:68:
71:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:27:8C:25:2D:9F:20:67:83:64:12:27:65:89:53:2F:8C:78:A8:1E
X509v3 Authority Key Identifier:
keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/EF98E58A333B11F19E91FDF8CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:e0:17:4a:23:8d:0e:65:1c:06:44:12:fb:13:97:8a:00:13:
73:8c:f8:60:ab:83:91:12:ef:7b:0d:35:6f:e5:2b:3a:bb:3e:
9b:28:76:da:9c:9a:b3:68:3a:c7:9c:7c:29:92:7a:d1:a6:05:
a5:70:d7:b0:f5:f9:61:30:6a:96:8e:28:77:1a:43:ac:dc:32:
3e:9e:d2:6d:df:2d:7d:fc:d1:ab:0e:6e:a7:7c:9f:66:a9:5c:
fd:62:80:fb:0a:fe:3d:50:99:3e:20:3f:95:34:52:0a:d6:59:
f0:7a:d2:7c:e1:22:ef:7e:3b:3c:b3:a2:5b:1e:a9:a0:e5:ae:
1c:c7:38:80:31:d7:3e:c4:b6:75:5d:1e:a3:f1:71:de:42:cd:
f9:39:4b:80:a5:0d:03:59:f7:f4:ff:8a:5f:30:37:a8:bf:3e:
ba:4e:04:f3:de:35:a0:a1:5f:c2:f5:41:cb:ae:42:2c:b1:fa:
b6:53:43:14:54:4b:05:83:fa:a6:f4:bc:b5:e9:72:67:9d:ae:
a7:41:c5:d3:5f:2e:a2:51:a8:dd:1c:fa:4f:6a:d4:e2:d1:8c:
19:bb:94:52:9f:7a:92:03:14:67:e4:8e:20:20:e0:68:8d:ef:
c9:33:5a:72:17:5d:c7:d5:e0:63:dd:c6:4a:d6:10:59:4a:0a:
90:5b:37:d1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB88wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTFDRUZBRjExMC8GA1UEBRMoODJGMUM2NjExQTNBMTQ2N0RCM0Q3OEE0QTVGRUQ1
MEEwOEE1N0IxMzAeFw0yNjA0MDgxMTEzMDlaFw0zNjA0MDgxMTEzMDlaMBgxFjAU
BgNVBAMTDTY5ZDYzODRhLThlOWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDHy+RAe7ZQBSfh6G4A8kch1ojxNZGhHZAw/PgZq9UXnek0O0NAzJgypYaI
ZKUm2jmH1x87UPOOQ7k09kG1Npjbj2y2x48iPYB1rndTh2R4/2CKqL0OCv/9aBLa
8t2fFs1BEeVG7v09qWmEXJfcgw/0VKqEE+xciF2SqDr4Y/APHI2oNwEkUUizlea+
Wdr+p/NjYKaeCTpFkcWfo4thAkvnOMRxZHx8CcNsAw4ZTSXXlYf/ocVna/ITyUz/
GuoOUH1nUe6GWsE1PN1B1Ysu3CwyVYKiA1IQhvuQHsvhrtir1kXtphYD1JXPPdBL
BFOfdKMok0CPBZ0EKiI2gVMnaHEdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2yeM
JS2fIGeDZBInZYlTL4x4qB4wHwYDVR0jBBgwFoAUgvHGYRo6FGfbPXikpf7VCgil
exMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4QTAxNENFL2d2SEdZ
Um82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2d2SEdZUm82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4
QTAxNENFL0VGOThFNThBMzMzQjExRjE5RTkxRkRGOENFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0QQwDQYJKoZIhvcNAQEL
BQADggEBAH7gF0ojjQ5lHAZEEvsTl4oAE3OM+GCrg5ES73sNNW/lKzq7Ppsodtqc
mrNoOsecfCmSetGmBaVw17D1+WEwapaOKHcaQ6zcMj6e0m3fLX380asObqd8n2ap
XP1igPsK/j1QmT4gP5U0UgrWWfB60nzhIu9+OzyzolseqaDlrhzHOIAx1z7EtnVd
HqPxcd5Czfk5S4ClDQNZ9/T/il8wN6i/PrpOBPPeNaChX8L1QcuuQiyx+rZTQxRU
SwWD+qb0vLXpcmedrqdBxdNfLqJRqN0c+k9q1OLRjBm7lFKfepIDFGfkjiAg4GiN
78kzWnIXXcfV4GPdxkrWEFlKCpBbN9E=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:51:17 2026 by rpki-client