Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BD4B8/692AA9B2536511F19488F8F9CE1D38B0/2DA4907C536711F1ADAACB05CF1D38B0.roa
File: 2DA4907C536711F1ADAACB05CF1D38B0.roa (raw, json)
Hash identifier: W8s98dmPz2oaTSG33wfbHLJVAgbCxjkRjcOg7gZNfGk=
Subject key identifier: 24:FE:76:CF:E8:1B:75:6E:A6:DF:66:EE:32:9C:A2:DC:11:C2:2A:11
Certificate issuer: /CN=F36BD4B8AF/serialNumber=583C32CC7C24E3350E3EED15542658A2546E081C
Certificate serial: 02
Authority key identifier: 58:3C:32:CC:7C:24:E3:35:0E:3E:ED:15:54:26:58:A2:54:6E:08:1C
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/WDwyzHwk4zUOPu0VVCZYolRuCBw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BD4B8/692AA9B2536511F19488F8F9CE1D38B0/2DA4907C536711F1ADAACB05CF1D38B0.roa
Signing time: Tue 19 May 2026 09:43:24 +0000
ROA not before: Tue 19 May 2026 09:43:19 +0000
ROA not after: Mon 19 May 2036 09:43:19 +0000
asID: 329747
IP address blocks: 102.202.116.0/22 maxlen: 24
2c0f:4ca0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BD4B8/692AA9B2536511F19488F8F9CE1D38B0/WDwyzHwk4zUOPu0VVCZYolRuCBw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BD4B8/692AA9B2536511F19488F8F9CE1D38B0/WDwyzHwk4zUOPu0VVCZYolRuCBw.mft
rsync://rpki.afrinic.net/repository/afrinic/WDwyzHwk4zUOPu0VVCZYolRuCBw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BD4B8AF, serialNumber=583C32CC7C24E3350E3EED15542658A2546E081C
Validity
Not Before: May 19 09:43:19 2026 GMT
Not After : May 19 09:43:19 2036 GMT
Subject: CN=6a0c30bc-f344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9a:a6:e9:19:ca:b2:04:89:74:05:af:50:af:
d6:f9:e3:d5:02:4f:e3:cb:5e:d9:12:da:9f:f6:c9:
cb:d1:5d:51:33:56:9c:aa:d3:ed:46:ca:ac:85:a6:
00:1b:c6:88:16:3d:4a:ba:66:96:30:d6:d5:ec:77:
cc:43:23:a4:66:43:b4:ee:7b:9f:7f:15:2a:d1:91:
c0:d8:30:1a:33:55:f3:fd:dc:3d:7c:9c:c7:3b:a8:
f8:31:3c:ff:b5:7c:63:c4:10:76:4a:18:46:05:d0:
2d:33:2d:13:6f:d5:12:6e:2c:ce:77:4f:fe:0c:6c:
62:23:02:61:af:87:9f:5f:10:2f:1e:10:cc:60:f2:
1e:b1:17:47:75:bf:e9:64:bd:1e:c0:fe:a2:d8:69:
de:28:4d:91:74:4c:d9:6d:cc:fc:c7:8e:25:ea:49:
89:8a:06:20:a1:5f:33:4c:fc:18:c1:5a:32:1f:f5:
9d:5a:1f:22:a0:fc:db:24:83:cd:aa:a3:23:ce:33:
32:55:80:e5:37:d1:52:8d:1e:b8:38:e2:fd:ff:c1:
6f:e4:6c:70:6b:9f:fd:5a:0b:d7:83:5c:7e:ed:89:
30:66:ed:f9:d3:d5:6e:e8:9d:66:98:df:b2:4a:2c:
3b:fc:2a:ee:7b:9d:3f:1d:37:5b:68:1f:02:24:e3:
d1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FE:76:CF:E8:1B:75:6E:A6:DF:66:EE:32:9C:A2:DC:11:C2:2A:11
X509v3 Authority Key Identifier:
keyid:58:3C:32:CC:7C:24:E3:35:0E:3E:ED:15:54:26:58:A2:54:6E:08:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BD4B8/692AA9B2536511F19488F8F9CE1D38B0/WDwyzHwk4zUOPu0VVCZYolRuCBw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/WDwyzHwk4zUOPu0VVCZYolRuCBw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BD4B8/692AA9B2536511F19488F8F9CE1D38B0/2DA4907C536711F1ADAACB05CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.202.116.0/22
IPv6:
2c0f:4ca0::/32
Signature Algorithm: sha256WithRSAEncryption
60:38:0a:24:d7:db:c4:51:9b:2e:25:87:36:ba:47:8d:b8:2f:
d0:c9:c4:90:02:92:38:05:27:60:c3:c9:c9:70:9c:b9:5d:fc:
48:cc:d7:5b:dd:de:dd:15:a4:a5:45:87:e5:8f:18:74:03:52:
25:1c:1e:09:5f:29:46:10:63:36:00:0f:04:d6:7b:03:5f:36:
98:1d:3c:0d:15:f2:da:87:3a:f0:ad:cd:bc:3c:cc:ea:29:24:
54:16:9b:de:7f:5b:49:70:4e:f7:f2:cd:0b:ea:a0:d1:d8:c2:
62:f7:b2:60:da:87:ab:8e:98:f4:99:47:c0:da:5d:cf:4d:df:
4f:80:fc:fe:d5:1e:93:82:85:7c:21:cb:d5:72:a6:6a:60:a0:
ea:9f:68:df:f9:2e:06:67:0d:72:e9:02:93:31:25:b5:21:32:
f5:98:c2:12:ba:40:a7:21:6f:fa:a8:8f:1c:c8:67:28:e7:db:
0f:9c:8b:c5:d0:27:28:72:2a:33:83:1b:eb:da:71:c4:7a:9a:
cb:b1:9d:b3:ab:83:ca:ef:42:2c:1c:85:70:13:b9:43:cb:3a:
0b:03:c7:a3:73:5a:d4:3a:c4:96:9d:06:63:dc:6f:a2:ee:88:
8c:e9:08:cb:d3:d0:d9:da:c6:f4:eb:23:f8:b5:69:06:a6:1f:
4e:97:d4:9a
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
RDRCOEFGMTEwLwYDVQQFEyg1ODNDMzJDQzdDMjRFMzM1MEUzRUVEMTU1NDI2NThB
MjU0NkUwODFDMB4XDTI2MDUxOTA5NDMxOVoXDTM2MDUxOTA5NDMxOVowGDEWMBQG
A1UEAxMNNmEwYzMwYmMtZjM0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCapukZyrIEiXQFr1Cv1vnj1QJP48te2RLan/bJy9FdUTNWnKrT7UbKrIWm
ABvGiBY9SrpmljDW1ex3zEMjpGZDtO57n38VKtGRwNgwGjNV8/3cPXycxzuo+DE8
/7V8Y8QQdkoYRgXQLTMtE2/VEm4szndP/gxsYiMCYa+Hn18QLx4QzGDyHrEXR3W/
6WS9HsD+othp3ihNkXRM2W3M/MeOJepJiYoGIKFfM0z8GMFaMh/1nVofIqD82ySD
zaqjI84zMlWA5TfRUo0euDji/f/Bb+RscGuf/VoL14Ncfu2JMGbt+dPVbuidZpjf
skosO/wq7nudPx03W2gfAiTj0UcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQk/nbP
6Bt1bqbfZu4ynKLcEcIqETAfBgNVHSMEGDAWgBRYPDLMfCTjNQ4+7RVUJliiVG4I
HDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkQ0QjgvNjkyQUE5QjI1MzY1MTFGMTk0ODhGOEY5Q0UxRDM4QjAvV0R3eXpI
d2s0elVPUHUwVlZDWllvbFJ1Q0J3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvV0R3eXpId2s0elVPUHUwVlZDWllvbFJ1Q0J3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkQ0QjgvNjkyQUE5QjI1MzY1MTFGMTk0ODhGOEY5Q0Ux
RDM4QjAvMkRBNDkwN0M1MzY3MTFGMUFEQUFDQjA1Q0YxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbKdDANBAIAAjAHAwUALA9M
oDANBgkqhkiG9w0BAQsFAAOCAQEAYDgKJNfbxFGbLiWHNrpHjbgv0MnEkAKSOAUn
YMPJyXCcuV38SMzXW93e3RWkpUWH5Y8YdANSJRweCV8pRhBjNgAPBNZ7A182mB08
DRXy2oc68K3NvDzM6ikkVBab3n9bSXBO9/LNC+qg0djCYveyYNqHq46Y9JlHwNpd
z03fT4D8/tUek4KFfCHL1XKmamCg6p9o3/kuBmcNcukCkzEltSEy9ZjCErpApyFv
+qiPHMhnKOfbD5yLxdAnKHIqM4Mb69pxxHqay7Gds6uDyu9CLByFcBO5Q8s6CwPH
o3Na1DrElp0GY9xvou6IjOkIy9PQ2drG9Osj+LVpBqYfTpfUmg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:08:00 2026 by rpki-client