Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D9927/70C37DE4332511F1B78D32F3CE1D38B0/F278A9C4335A11F19639E4B1CE1D38B0.roa
File: F278A9C4335A11F19639E4B1CE1D38B0.roa (raw, json)
Hash identifier: UU0V0NfzzH+dIdfJ5GgUO+sS3Xy/jBQNuHs7Gk+oVuE=
Subject key identifier: DA:0A:A7:88:D8:03:10:49:0D:B8:D8:EE:C4:55:D0:19:C5:AD:C8:37
Certificate issuer: /CN=F36D9927AF/serialNumber=9D6F817CFEDF6BD09D9A4A965E148E60506F3A6E
Certificate serial: 0B
Authority key identifier: 9D:6F:81:7C:FE:DF:6B:D0:9D:9A:4A:96:5E:14:8E:60:50:6F:3A:6E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/nW-BfP7fa9CdmkqWXhSOYFBvOm4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D9927/70C37DE4332511F1B78D32F3CE1D38B0/F278A9C4335A11F19639E4B1CE1D38B0.roa
Signing time: Wed 08 Apr 2026 14:55:14 +0000
ROA not before: Wed 08 Apr 2026 14:55:09 +0000
ROA not after: Tue 30 Apr 2030 14:55:09 +0000
asID: 329721
IP address blocks: 2c0f:9a0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D9927/70C37DE4332511F1B78D32F3CE1D38B0/nW-BfP7fa9CdmkqWXhSOYFBvOm4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D9927/70C37DE4332511F1B78D32F3CE1D38B0/nW-BfP7fa9CdmkqWXhSOYFBvOm4.mft
rsync://rpki.afrinic.net/repository/afrinic/nW-BfP7fa9CdmkqWXhSOYFBvOm4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D9927AF, serialNumber=9D6F817CFEDF6BD09D9A4A965E148E60506F3A6E
Validity
Not Before: Apr 8 14:55:09 2026 GMT
Not After : Apr 30 14:55:09 2030 GMT
Subject: CN=69d66c51-2426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e4:e5:99:b5:f8:8a:7a:fd:de:0a:c6:b8:91:
e0:71:22:70:2f:76:db:e4:05:f2:23:90:db:39:09:
ed:07:ba:3f:43:44:04:8c:8b:14:d1:0e:e0:c4:e7:
b5:f2:7a:3b:9b:9c:af:c4:c1:8c:bd:7e:ef:82:d3:
97:f6:5f:1a:1c:f1:fb:da:29:b4:e0:ef:7b:13:be:
2d:c6:e9:c1:20:cd:ab:9c:f0:ff:00:80:22:ef:1f:
56:5e:38:c4:fe:75:52:bb:0b:61:84:a5:9a:75:92:
ee:70:d3:e8:ea:62:6f:b6:89:c8:53:0a:97:97:88:
07:4b:f3:cf:b3:6b:ff:90:2f:8f:70:56:ad:0a:0f:
13:18:3b:60:64:03:d5:ed:5f:04:ac:60:5c:46:f2:
73:8c:f8:4d:d0:08:4f:b9:74:dd:81:e3:da:0f:38:
fe:cb:a3:45:65:af:72:c3:3f:91:de:98:4d:02:ea:
fe:18:0c:4b:14:2d:4e:58:57:fc:1a:93:a5:ac:d2:
50:56:73:12:13:73:c9:d1:99:1e:05:42:73:fd:7b:
91:a6:1c:b2:3b:01:6b:80:75:81:63:f3:fe:99:f3:
6f:04:51:5f:dd:91:98:e0:08:61:be:72:d7:1f:7d:
ca:df:a3:97:5f:e4:32:0f:7c:38:5c:dc:8b:18:f8:
7c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0A:A7:88:D8:03:10:49:0D:B8:D8:EE:C4:55:D0:19:C5:AD:C8:37
X509v3 Authority Key Identifier:
keyid:9D:6F:81:7C:FE:DF:6B:D0:9D:9A:4A:96:5E:14:8E:60:50:6F:3A:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9927/70C37DE4332511F1B78D32F3CE1D38B0/nW-BfP7fa9CdmkqWXhSOYFBvOm4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/nW-BfP7fa9CdmkqWXhSOYFBvOm4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9927/70C37DE4332511F1B78D32F3CE1D38B0/F278A9C4335A11F19639E4B1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:9a0::/32
Signature Algorithm: sha256WithRSAEncryption
18:52:86:8b:9f:91:3d:af:9a:d2:c5:b2:8a:57:fb:01:9d:6f:
7c:f4:0e:f4:bb:40:ad:d7:40:08:61:2b:87:58:30:7d:e6:0b:
00:84:af:1d:73:9e:77:03:3d:78:89:5b:b7:6d:fc:f5:07:a9:
2b:78:93:a5:ed:50:2e:0a:56:07:10:c0:5f:f0:3c:14:86:a0:
48:6c:f2:96:23:85:29:59:60:c4:ba:46:71:86:cc:b3:45:1c:
01:31:4d:b4:a0:2e:05:44:7f:06:8e:85:00:ac:c2:26:5d:89:
8a:d6:15:58:d0:a8:de:68:11:99:4c:5b:3b:6e:99:55:b8:1b:
50:ff:9e:d2:4d:cc:43:fb:b3:2c:f0:87:05:e1:58:2d:87:05:
1a:2f:d5:9c:bf:f0:46:a8:b1:94:94:9b:f2:c5:75:26:d9:5a:
a3:b8:f3:97:f9:66:f8:1c:5d:e4:a0:3f:40:d6:7f:ee:f9:63:
eb:bd:7e:0f:1e:2a:c0:bf:3c:5d:bf:1c:fc:43:af:6a:48:7b:
db:c4:3c:e9:ec:8a:da:bd:12:54:a1:d3:19:a8:91:e0:35:4f:
14:b4:5d:02:7f:95:0f:6a:11:3d:e9:47:2a:ef:99:40:32:33:
f1:71:3a:49:e4:2b:f2:c0:f6:16:8b:40:3c:b4:8f:2c:35:ba:
35:be:be:fa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
OTkyN0FGMTEwLwYDVQQFEyg5RDZGODE3Q0ZFREY2QkQwOUQ5QTRBOTY1RTE0OEU2
MDUwNkYzQTZFMB4XDTI2MDQwODE0NTUwOVoXDTMwMDQzMDE0NTUwOVowGDEWMBQG
A1UEAxMNNjlkNjZjNTEtMjQyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODk5Zm1+Ip6/d4KxriR4HEicC922+QF8iOQ2zkJ7Qe6P0NEBIyLFNEO4MTn
tfJ6O5ucr8TBjL1+74LTl/ZfGhzx+9optODvexO+LcbpwSDNq5zw/wCAIu8fVl44
xP51UrsLYYSlmnWS7nDT6Opib7aJyFMKl5eIB0vzz7Nr/5Avj3BWrQoPExg7YGQD
1e1fBKxgXEbyc4z4TdAIT7l03YHj2g84/sujRWWvcsM/kd6YTQLq/hgMSxQtTlhX
/BqTpazSUFZzEhNzydGZHgVCc/17kaYcsjsBa4B1gWPz/pnzbwRRX92RmOAIYb5y
1x99yt+jl1/kMg98OFzcixj4fK8CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTaCqeI
2AMQSQ242O7EVdAZxa3INzAfBgNVHSMEGDAWgBSdb4F8/t9r0J2aSpZeFI5gUG86
bjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDk5MjcvNzBDMzdERTQzMzI1MTFGMUI3OEQzMkYzQ0UxRDM4QjAvblctQmZQ
N2ZhOUNkbWtxV1hoU09ZRkJ2T200LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvblctQmZQN2ZhOUNkbWtxV1hoU09ZRkJ2T200LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDk5MjcvNzBDMzdERTQzMzI1MTFGMUI3OEQzMkYzQ0Ux
RDM4QjAvRjI3OEE5QzQzMzVBMTFGMTk2MzlFNEIxQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPCaAwDQYJKoZIhvcNAQEL
BQADggEBABhShoufkT2vmtLFsopX+wGdb3z0DvS7QK3XQAhhK4dYMH3mCwCErx1z
nncDPXiJW7dt/PUHqSt4k6XtUC4KVgcQwF/wPBSGoEhs8pYjhSlZYMS6RnGGzLNF
HAExTbSgLgVEfwaOhQCswiZdiYrWFVjQqN5oEZlMWztumVW4G1D/ntJNzEP7syzw
hwXhWC2HBRov1Zy/8EaosZSUm/LFdSbZWqO485f5ZvgcXeSgP0DWf+75Y+u9fg8e
KsC/PF2/HPxDr2pIe9vEPOnsitq9ElSh0xmokeA1TxS0XQJ/lQ9qET3pRyrvmUAy
M/FxOknkK/LA9haLQDy0jyw1ujW+vvo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:55:36 2026 by rpki-client