Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A94BD/2340EFBE342611F1AD21E606CF1D38B0/B369AC28381F11F18DCA46B3CE1D38B0.roa
File: B369AC28381F11F18DCA46B3CE1D38B0.roa (raw, json)
Hash identifier: YZtyT6PDtXJ4qALzjjOrC5/HQfvWf0WK/SUWLEjJyYY=
Subject key identifier: 12:14:C4:74:DB:38:6B:82:85:9B:BB:91:27:68:DD:FA:49:80:BD:A4
Certificate issuer: /CN=F36A94BDAF/serialNumber=C44D32D4917C782BB1DB324AE057087C063C70B9
Certificate serial: 1E
Authority key identifier: C4:4D:32:D4:91:7C:78:2B:B1:DB:32:4A:E0:57:08:7C:06:3C:70:B9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/xE0y1JF8eCux2zJK4FcIfAY8cLk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A94BD/2340EFBE342611F1AD21E606CF1D38B0/B369AC28381F11F18DCA46B3CE1D38B0.roa
Signing time: Tue 14 Apr 2026 16:33:43 +0000
ROA not before: Tue 14 Apr 2026 16:33:38 +0000
ROA not after: Tue 13 Apr 2027 16:33:38 +0000
asID: 327746
IP address blocks: 154.73.100.0/22 maxlen: 22
2c0f:e800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A94BD/2340EFBE342611F1AD21E606CF1D38B0/xE0y1JF8eCux2zJK4FcIfAY8cLk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A94BD/2340EFBE342611F1AD21E606CF1D38B0/xE0y1JF8eCux2zJK4FcIfAY8cLk.mft
rsync://rpki.afrinic.net/repository/afrinic/xE0y1JF8eCux2zJK4FcIfAY8cLk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 05:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A94BDAF, serialNumber=C44D32D4917C782BB1DB324AE057087C063C70B9
Validity
Not Before: Apr 14 16:33:38 2026 GMT
Not After : Apr 13 16:33:38 2027 GMT
Subject: CN=69de6c67-6334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bd:ec:c3:eb:bf:6f:4d:d1:99:03:55:cc:58:
e9:64:3e:a6:6c:e8:d6:51:6a:70:00:f1:33:9d:c2:
ff:cd:ea:0b:51:27:b3:db:fd:29:de:47:b5:db:d6:
bd:f5:70:f0:40:d8:33:5b:b2:ce:ff:99:08:f7:9f:
d0:cd:00:01:59:54:d0:67:de:75:fb:85:bf:22:6d:
a1:fe:ab:40:b5:cb:aa:77:b5:ea:e0:71:31:fa:3b:
c6:0b:6d:2f:8c:ad:d9:91:b9:f1:b2:e9:b2:dc:c1:
16:d9:0a:05:79:81:65:cd:1a:19:1a:a5:06:20:a2:
a7:b1:74:8f:85:5e:49:38:4e:69:5d:eb:7b:ab:39:
da:a9:17:d0:ff:3d:c0:47:1c:0f:c6:19:8c:7e:61:
86:22:aa:10:67:81:48:bf:a8:60:f5:b3:d7:42:52:
17:89:98:8c:30:d4:d6:b4:24:79:c4:15:d0:10:ec:
d4:de:05:83:f4:f4:d9:02:4c:e7:4b:f2:b4:5a:c7:
a2:cb:56:39:0b:3e:9a:fb:61:60:f3:aa:3b:6d:cc:
b2:e4:90:90:e6:6f:89:f9:f3:f4:64:86:db:e7:9e:
3c:6c:de:a6:47:22:00:35:d3:de:57:8d:63:7c:bf:
91:5d:7a:ab:6c:8c:ad:96:07:dd:b5:c6:99:af:bc:
aa:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:14:C4:74:DB:38:6B:82:85:9B:BB:91:27:68:DD:FA:49:80:BD:A4
X509v3 Authority Key Identifier:
keyid:C4:4D:32:D4:91:7C:78:2B:B1:DB:32:4A:E0:57:08:7C:06:3C:70:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A94BD/2340EFBE342611F1AD21E606CF1D38B0/xE0y1JF8eCux2zJK4FcIfAY8cLk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/xE0y1JF8eCux2zJK4FcIfAY8cLk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A94BD/2340EFBE342611F1AD21E606CF1D38B0/B369AC28381F11F18DCA46B3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.100.0/22
IPv6:
2c0f:e800::/32
Signature Algorithm: sha256WithRSAEncryption
08:18:eb:ff:ae:51:b4:c8:57:4d:51:f9:79:46:f0:27:1d:a0:
f8:91:e8:ba:a8:ba:a5:d5:76:ed:5c:81:bb:73:e6:27:c7:b0:
d3:f3:af:90:a8:79:44:34:6c:b8:f8:c3:10:21:71:01:50:b5:
ae:07:0a:cb:24:5a:d3:60:02:bf:69:a9:a3:22:f5:2f:2e:66:
37:3c:a8:b8:34:89:80:01:29:53:5b:2e:ab:76:a5:37:b6:c9:
bc:1b:27:7f:84:d2:6b:fa:84:13:5e:b5:ee:50:99:77:dc:5c:
5c:7b:ec:01:8c:f9:22:63:63:6e:57:7f:67:89:6a:4c:11:78:
7c:b0:06:95:d9:fe:97:9a:47:74:8a:07:82:22:ac:0e:50:c9:
a7:d7:75:8e:da:58:47:bf:8c:a6:e8:89:fe:eb:2b:90:aa:a8:
3a:95:ab:69:78:d6:46:87:f9:08:91:3d:64:26:a6:61:1b:f8:
59:67:32:c7:19:00:21:65:29:57:f8:02:94:52:e2:50:96:10:
b8:93:32:27:91:95:8a:3d:0a:f7:f9:a7:3a:bf:5b:e8:8d:2f:
08:86:a9:62:62:fa:54:b5:26:7f:ca:f2:82:78:b2:0a:6a:a3:
48:16:5a:ff:f7:a8:a3:da:68:62:ff:4e:0b:bc:52:c6:0a:a0:
14:dd:d5:f6
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBHjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
OTRCREFGMTEwLwYDVQQFEyhDNDREMzJENDkxN0M3ODJCQjFEQjMyNEFFMDU3MDg3
QzA2M0M3MEI5MB4XDTI2MDQxNDE2MzMzOFoXDTI3MDQxMzE2MzMzOFowGDEWMBQG
A1UEAxMNNjlkZTZjNjctNjMzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMy97MPrv29N0ZkDVcxY6WQ+pmzo1lFqcADxM53C/83qC1Ens9v9Kd5HtdvW
vfVw8EDYM1uyzv+ZCPef0M0AAVlU0GfedfuFvyJtof6rQLXLqne16uBxMfo7xgtt
L4yt2ZG58bLpstzBFtkKBXmBZc0aGRqlBiCip7F0j4VeSThOaV3re6s52qkX0P89
wEccD8YZjH5hhiKqEGeBSL+oYPWz10JSF4mYjDDU1rQkecQV0BDs1N4Fg/T02QJM
50vytFrHostWOQs+mvthYPOqO23MsuSQkOZvifnz9GSG2+eePGzepkciADXT3leN
Y3y/kV16q2yMrZYH3bXGma+8qgMCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQSFMR0
2zhrgoWbu5EnaN36SYC9pDAfBgNVHSMEGDAWgBTETTLUkXx4K7HbMkrgVwh8Bjxw
uTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTk0QkQvMjM0MEVGQkUzNDI2MTFGMUFEMjFFNjA2Q0YxRDM4QjAveEUweTFK
RjhlQ3V4MnpKSzRGY0lmQVk4Y0xrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveEUweTFKRjhlQ3V4MnpKSzRGY0lmQVk4Y0xrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTk0QkQvMjM0MEVGQkUzNDI2MTFGMUFEMjFFNjA2Q0Yx
RDM4QjAvQjM2OUFDMjgzODFGMTFGMThEQ0E0NkIzQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAppJZDANBAIAAjAHAwUALA/o
ADANBgkqhkiG9w0BAQsFAAOCAQEACBjr/65RtMhXTVH5eUbwJx2g+JHouqi6pdV2
7VyBu3PmJ8ew0/OvkKh5RDRsuPjDECFxAVC1rgcKyyRa02ACv2mpoyL1Ly5mNzyo
uDSJgAEpU1suq3alN7bJvBsnf4TSa/qEE1617lCZd9xcXHvsAYz5ImNjbld/Z4lq
TBF4fLAGldn+l5pHdIoHgiKsDlDJp9d1jtpYR7+MpuiJ/usrkKqoOpWraXjWRof5
CJE9ZCamYRv4WWcyxxkAIWUpV/gClFLiUJYQuJMyJ5GVij0K9/mnOr9b6I0vCIap
YmL6VLUmf8rygniyCmqjSBZa//eoo9poYv9OC7xSxgqgFN3V9g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:58 2026 by rpki-client