Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CE430/C1C65EFE115711F1BAFD10ABDAE4EC9C/B26406B2115E11F1A6022FD5DAE4EC9C.roa
File: B26406B2115E11F1A6022FD5DAE4EC9C.roa (raw, json)
Hash identifier: 7PV+1FdMOwzL2sEcSdwc46KEV9LTzKnwF2E0RpdtuUA=
Subject key identifier: E8:D0:6A:A2:B2:10:A8:ED:06:00:D5:0E:45:8D:82:27:6D:1A:16:66
Certificate issuer: /CN=F36CE430AF/serialNumber=22B1C24C4FE49C68C176628FDA64E68173F61E0F
Certificate serial: 04
Authority key identifier: 22:B1:C2:4C:4F:E4:9C:68:C1:76:62:8F:DA:64:E6:81:73:F6:1E:0F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/IrHCTE_knGjBdmKP2mTmgXP2Hg8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CE430/C1C65EFE115711F1BAFD10ABDAE4EC9C/B26406B2115E11F1A6022FD5DAE4EC9C.roa
Signing time: Tue 24 Feb 2026 08:56:24 +0000
ROA not before: Tue 24 Feb 2026 08:56:18 +0000
ROA not after: Wed 24 Feb 2027 08:56:18 +0000
asID: 37473
IP address blocks: 197.157.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CE430/C1C65EFE115711F1BAFD10ABDAE4EC9C/IrHCTE_knGjBdmKP2mTmgXP2Hg8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CE430/C1C65EFE115711F1BAFD10ABDAE4EC9C/IrHCTE_knGjBdmKP2mTmgXP2Hg8.mft
rsync://rpki.afrinic.net/repository/afrinic/IrHCTE_knGjBdmKP2mTmgXP2Hg8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CE430AF, serialNumber=22B1C24C4FE49C68C176628FDA64E68173F61E0F
Validity
Not Before: Feb 24 08:56:18 2026 GMT
Not After : Feb 24 08:56:18 2027 GMT
Subject: CN=699d67b8-c796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:f2:f7:c7:89:5b:b0:80:29:17:8f:a8:2b:
d2:72:aa:13:58:68:85:7f:26:65:de:42:fd:f6:af:
f5:db:50:7b:d8:42:03:ae:7f:ba:68:a8:7f:9b:15:
53:2f:5e:38:e1:df:8c:3c:e7:74:14:ee:d7:eb:28:
c0:fa:27:d6:df:f9:be:32:c7:f4:da:be:81:d0:c3:
e6:96:ff:3e:72:e2:86:cc:92:fb:80:f2:69:23:26:
9a:49:bd:fc:11:a6:75:e1:d8:c6:62:47:e3:da:66:
d3:f2:ba:ae:98:4e:39:8b:59:2f:55:60:b1:01:e6:
ec:8e:f0:90:1b:2c:92:64:1e:9c:0e:39:77:4f:23:
fa:98:c7:91:b4:0c:bc:1e:e7:48:ea:06:1e:56:c7:
a5:43:8e:79:63:fb:3a:95:ae:a0:52:f3:94:ef:d7:
93:8d:b8:61:3c:26:2e:3d:83:d4:bc:37:9a:b5:14:
2c:80:41:5f:f8:c3:83:f6:fc:09:e8:81:4c:70:34:
a4:2a:47:73:b7:04:30:9e:93:28:e3:b3:e6:9c:f9:
33:5b:e0:c0:e6:b3:bd:d4:be:f5:91:e4:e8:a1:aa:
8b:e6:09:3a:71:c2:71:e8:00:72:84:b0:f6:72:75:
da:e2:f6:60:1e:eb:3e:b1:ec:7c:ee:a5:9c:74:d7:
60:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D0:6A:A2:B2:10:A8:ED:06:00:D5:0E:45:8D:82:27:6D:1A:16:66
X509v3 Authority Key Identifier:
keyid:22:B1:C2:4C:4F:E4:9C:68:C1:76:62:8F:DA:64:E6:81:73:F6:1E:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CE430/C1C65EFE115711F1BAFD10ABDAE4EC9C/IrHCTE_knGjBdmKP2mTmgXP2Hg8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/IrHCTE_knGjBdmKP2mTmgXP2Hg8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CE430/C1C65EFE115711F1BAFD10ABDAE4EC9C/B26406B2115E11F1A6022FD5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.157.244.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:2e:c8:57:61:02:3f:ed:0d:17:56:94:97:ec:d4:d9:bf:dd:
a7:77:c1:db:ea:32:b8:b5:a0:96:2a:80:1e:c4:05:f7:a5:ac:
e9:4c:af:5e:88:c8:69:14:9a:f8:d4:c2:e8:41:e0:38:f4:8d:
c1:5e:d9:6b:d4:1b:0f:e1:9d:10:ad:8c:a3:2a:1e:2a:53:0a:
be:a3:5c:46:9a:ee:f0:37:31:52:9b:c1:ca:fb:c6:e6:b4:4a:
7e:11:f3:46:e0:4a:3e:08:b2:e2:79:45:32:13:9b:7b:af:ea:
97:e4:1f:fb:21:4b:22:72:64:76:5f:e3:c7:47:15:0a:97:3e:
d4:67:2c:cb:fe:fe:22:16:fd:aa:20:10:a4:4f:71:81:ef:13:
2b:1e:a3:16:15:37:21:9b:ad:a2:28:e7:08:8c:5e:ec:6d:b3:
de:c3:f6:32:e1:ff:ff:41:f3:0a:c2:7f:d9:a0:f6:0a:9c:d7:
15:b3:2e:a2:66:85:d9:84:4e:20:b1:29:dc:a7:1d:c4:06:9d:
2d:c1:f7:8c:d0:82:13:5f:cf:37:40:32:74:d6:13:20:93:d9:
49:9c:e5:91:27:8e:27:ee:dd:e5:f3:5f:8e:c1:a6:53:41:e4:
bb:7e:a0:52:05:c4:44:ff:a0:8e:d4:6d:81:0f:6c:bb:4b:5a:
d5:65:bc:3b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
RTQzMEFGMTEwLwYDVQQFEygyMkIxQzI0QzRGRTQ5QzY4QzE3NjYyOEZEQTY0RTY4
MTczRjYxRTBGMB4XDTI2MDIyNDA4NTYxOFoXDTI3MDIyNDA4NTYxOFowGDEWMBQG
A1UEAxMNNjk5ZDY3YjgtYzc5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHi8vfHiVuwgCkXj6gr0nKqE1hohX8mZd5C/fav9dtQe9hCA65/umiof5sV
Uy9eOOHfjDzndBTu1+sowPon1t/5vjLH9Nq+gdDD5pb/PnLihsyS+4DyaSMmmkm9
/BGmdeHYxmJH49pm0/K6rphOOYtZL1VgsQHm7I7wkBsskmQenA45d08j+pjHkbQM
vB7nSOoGHlbHpUOOeWP7OpWuoFLzlO/Xk424YTwmLj2D1Lw3mrUULIBBX/jDg/b8
CeiBTHA0pCpHc7cEMJ6TKOOz5pz5M1vgwOazvdS+9ZHk6KGqi+YJOnHCcegAcoSw
9nJ12uL2YB7rPrHsfO6lnHTXYEsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTo0Gqi
shCo7QYA1Q5FjYInbRoWZjAfBgNVHSMEGDAWgBQiscJMT+ScaMF2Yo/aZOaBc/Ye
DzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0U0MzAvQzFDNjVFRkUxMTU3MTFGMUJBRkQxMEFCREFFNEVDOUMvSXJIQ1RF
X2tuR2pCZG1LUDJtVG1nWFAySGc4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSXJIQ1RFX2tuR2pCZG1LUDJtVG1nWFAySGc4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0U0MzAvQzFDNjVFRkUxMTU3MTFGMUJBRkQxMEFCREFF
NEVDOUMvQjI2NDA2QjIxMTVFMTFGMUE2MDIyRkQ1REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsWd9DANBgkqhkiG9w0BAQsF
AAOCAQEAuy7IV2ECP+0NF1aUl+zU2b/dp3fB2+oyuLWgliqAHsQF96Ws6UyvXojI
aRSa+NTC6EHgOPSNwV7Za9QbD+GdEK2MoyoeKlMKvqNcRpru8DcxUpvByvvG5rRK
fhHzRuBKPgiy4nlFMhObe6/ql+Qf+yFLInJkdl/jx0cVCpc+1Gcsy/7+Ihb9qiAQ
pE9xge8TKx6jFhU3IZutoijnCIxe7G2z3sP2MuH//0HzCsJ/2aD2CpzXFbMuomaF
2YROILEp3KcdxAadLcH3jNCCE1/PN0AydNYTIJPZSZzlkSeOJ+7d5fNfjsGmU0Hk
u36gUgXERP+gjtRtgQ9su0ta1WW8Ow==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:31:55 2026 by rpki-client