Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A75D2/3CFEC410059311F19F65F3D6DAE4EC9C/5BE72858059411F1AB4403DFDAE4EC9C.roa
File: 5BE72858059411F1AB4403DFDAE4EC9C.roa (raw, json)
Hash identifier: 0OaZbwlKspj+/PLiCfmeszFXjMcg4792APuxNjcF8Pg=
Subject key identifier: 78:C8:5B:60:7B:21:F2:E1:21:4F:EC:CE:B1:9E:70:93:CC:58:A2:22
Certificate issuer: /CN=F36A75D2AF/serialNumber=85E2EB428CBF8D4B31F9A64662BC07B6C3EE4111
Certificate serial: 02
Authority key identifier: 85:E2:EB:42:8C:BF:8D:4B:31:F9:A6:46:62:BC:07:B6:C3:EE:41:11
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/heLrQoy_jUsx-aZGYrwHtsPuQRE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A75D2/3CFEC410059311F19F65F3D6DAE4EC9C/5BE72858059411F1AB4403DFDAE4EC9C.roa
Signing time: Mon 09 Feb 2026 08:50:18 +0000
ROA not before: Mon 09 Feb 2026 08:50:14 +0000
ROA not after: Sat 09 Feb 2036 08:50:14 +0000
asID: 329676
IP address blocks: 102.203.212.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A75D2/3CFEC410059311F19F65F3D6DAE4EC9C/heLrQoy_jUsx-aZGYrwHtsPuQRE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A75D2/3CFEC410059311F19F65F3D6DAE4EC9C/heLrQoy_jUsx-aZGYrwHtsPuQRE.mft
rsync://rpki.afrinic.net/repository/afrinic/heLrQoy_jUsx-aZGYrwHtsPuQRE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A75D2AF, serialNumber=85E2EB428CBF8D4B31F9A64662BC07B6C3EE4111
Validity
Not Before: Feb 9 08:50:14 2026 GMT
Not After : Feb 9 08:50:14 2036 GMT
Subject: CN=69899fca-e114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cf:ae:8f:2d:a5:5c:54:aa:d6:3e:68:97:cd:
52:f5:4a:d3:78:61:05:8f:9c:bd:e5:f8:f0:58:ef:
bd:56:75:a4:05:f5:1e:84:44:59:72:df:b9:2d:5b:
a5:93:05:e9:3c:ab:c8:4a:74:b7:45:da:09:65:82:
ff:ec:94:66:b1:30:8e:26:48:e3:74:7c:27:7f:50:
c1:f6:7a:40:97:75:da:6a:b6:71:83:c3:d2:d6:7a:
8e:78:7e:35:25:26:5b:e5:22:3d:d0:83:55:95:bc:
c6:1d:a8:62:c5:19:d5:ba:af:ab:d3:b1:35:ff:59:
9f:27:80:54:ed:3f:45:09:8c:8a:53:0d:d5:eb:59:
1d:47:2a:c3:59:e6:0a:18:f2:60:b2:f2:a8:44:4f:
e7:e9:05:b2:8a:57:3d:c7:06:69:bf:87:10:c5:2c:
ac:c8:85:2f:ca:e7:94:bb:b6:96:76:5b:a6:04:23:
57:0b:3d:cc:bb:6b:af:cf:2b:f2:49:44:3c:d6:b1:
7d:bc:5a:ad:90:49:9f:0c:0a:6e:9a:9f:ec:03:00:
a1:1d:b2:6b:b0:58:19:68:5f:f4:64:4a:85:59:e1:
4e:8a:8f:11:8f:60:06:b4:3f:fe:82:4f:77:3c:69:
04:80:d5:c3:92:31:d5:bf:1d:b7:9c:5c:4c:46:eb:
2e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C8:5B:60:7B:21:F2:E1:21:4F:EC:CE:B1:9E:70:93:CC:58:A2:22
X509v3 Authority Key Identifier:
keyid:85:E2:EB:42:8C:BF:8D:4B:31:F9:A6:46:62:BC:07:B6:C3:EE:41:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A75D2/3CFEC410059311F19F65F3D6DAE4EC9C/heLrQoy_jUsx-aZGYrwHtsPuQRE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/heLrQoy_jUsx-aZGYrwHtsPuQRE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A75D2/3CFEC410059311F19F65F3D6DAE4EC9C/5BE72858059411F1AB4403DFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.203.212.0/23
Signature Algorithm: sha256WithRSAEncryption
19:45:b2:11:04:50:13:78:ab:51:8a:6b:61:72:d8:5b:66:47:
6a:b2:7a:45:65:ba:47:e0:4d:97:4b:6b:82:61:c9:3a:0c:ae:
52:52:64:17:f8:8f:3a:45:4f:2a:03:b5:a8:02:fc:8f:ae:f3:
55:81:c3:4a:7d:d8:df:34:d5:f3:f8:4c:d1:68:43:e6:56:d1:
9f:51:c8:7b:fc:aa:0d:ff:bf:44:1e:9e:9d:7b:7a:d6:26:1f:
35:c9:57:bd:c7:1d:27:da:94:db:9a:f5:a4:61:10:72:52:cd:
c3:73:a5:18:05:8b:c4:b4:38:58:ce:d0:e1:34:98:be:85:cd:
8f:d1:7f:f7:f7:d2:89:20:71:80:26:dd:06:4c:af:a0:b0:51:
6c:7e:75:67:f0:65:5c:d7:df:90:27:4d:62:50:bb:e8:7a:5b:
62:78:e2:82:c6:7f:40:72:a0:ee:77:58:b9:d9:c2:c0:fa:7d:
ac:b1:1b:18:0b:64:e2:f4:cb:42:b1:9b:7f:b7:79:f9:76:54:
58:a4:db:32:82:c5:e8:a2:2d:6f:d2:1f:43:12:53:57:2c:b7:
73:bd:32:bb:c1:64:e3:3d:f7:3f:84:af:93:52:86:86:bf:f0:
55:75:b0:95:9c:2e:a8:d2:28:66:c2:a7:ea:3d:1f:33:cc:e6:
b3:41:32:64
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NzVEMkFGMTEwLwYDVQQFEyg4NUUyRUI0MjhDQkY4RDRCMzFGOUE2NDY2MkJDMDdC
NkMzRUU0MTExMB4XDTI2MDIwOTA4NTAxNFoXDTM2MDIwOTA4NTAxNFowGDEWMBQG
A1UEAxMNNjk4OTlmY2EtZTExNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7Pro8tpVxUqtY+aJfNUvVK03hhBY+cveX48FjvvVZ1pAX1HoREWXLfuS1b
pZMF6TyryEp0t0XaCWWC/+yUZrEwjiZI43R8J39QwfZ6QJd12mq2cYPD0tZ6jnh+
NSUmW+UiPdCDVZW8xh2oYsUZ1bqvq9OxNf9ZnyeAVO0/RQmMilMN1etZHUcqw1nm
ChjyYLLyqERP5+kFsopXPccGab+HEMUsrMiFL8rnlLu2lnZbpgQjVws9zLtrr88r
8klEPNaxfbxarZBJnwwKbpqf7AMAoR2ya7BYGWhf9GRKhVnhToqPEY9gBrQ//oJP
dzxpBIDVw5Ix1b8dt5xcTEbrLoMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBR4yFtg
eyHy4SFP7M6xnnCTzFiiIjAfBgNVHSMEGDAWgBSF4utCjL+NSzH5pkZivAe2w+5B
ETAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTc1RDIvM0NGRUM0MTAwNTkzMTFGMTlGNjVGM0Q2REFFNEVDOUMvaGVMclFv
eV9qVXN4LWFaR1lyd0h0c1B1UVJFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaGVMclFveV9qVXN4LWFaR1lyd0h0c1B1UVJFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTc1RDIvM0NGRUM0MTAwNTkzMTFGMTlGNjVGM0Q2REFF
NEVDOUMvNUJFNzI4NTgwNTk0MTFGMUFCNDQwM0RGREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbL1DANBgkqhkiG9w0BAQsF
AAOCAQEAGUWyEQRQE3irUYprYXLYW2ZHarJ6RWW6R+BNl0trgmHJOgyuUlJkF/iP
OkVPKgO1qAL8j67zVYHDSn3Y3zTV8/hM0WhD5lbRn1HIe/yqDf+/RB6enXt61iYf
NclXvccdJ9qU25r1pGEQclLNw3OlGAWLxLQ4WM7Q4TSYvoXNj9F/9/fSiSBxgCbd
BkyvoLBRbH51Z/BlXNffkCdNYlC76HpbYnjigsZ/QHKg7ndYudnCwPp9rLEbGAtk
4vTLQrGbf7d5+XZUWKTbMoLF6KItb9IfQxJTVyy3c70yu8Fk4z33P4Svk1KGhr/w
VXWwlZwuqNIoZsKn6j0fM8zms0EyZA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:42:57 2026 by rpki-client