Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/12854A54342011F1B1B3FEE3CE1D38B0.roa
File: 12854A54342011F1B1B3FEE3CE1D38B0.roa (raw, json)
Hash identifier: pT0m2gWKIGIqpxCq5RWYoGgM1OEZ3jmMFyars3Vkhlo=
Subject key identifier: E2:10:68:72:1F:1D:8C:63:3A:20:9B:1D:21:E2:A3:11:E4:25:B3:F9
Certificate issuer: /CN=F36DBB05AF/serialNumber=BEB0586FD6E2073BDF97C4FEF56AF9C5A09BF452
Certificate serial: 34
Authority key identifier: BE:B0:58:6F:D6:E2:07:3B:DF:97:C4:FE:F5:6A:F9:C5:A0:9B:F4:52
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vrBYb9biBzvfl8T-9Wr5xaCb9FI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/12854A54342011F1B1B3FEE3CE1D38B0.roa
Signing time: Thu 09 Apr 2026 14:26:18 +0000
ROA not before: Thu 09 Apr 2026 14:26:14 +0000
ROA not after: Wed 09 Apr 2036 14:26:14 +0000
asID: 329648
IP address blocks: 2c0f:7dc0:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/vrBYb9biBzvfl8T-9Wr5xaCb9FI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/vrBYb9biBzvfl8T-9Wr5xaCb9FI.mft
rsync://rpki.afrinic.net/repository/afrinic/vrBYb9biBzvfl8T-9Wr5xaCb9FI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Apr 2026 00:07:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52 (0x34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DBB05AF, serialNumber=BEB0586FD6E2073BDF97C4FEF56AF9C5A09BF452
Validity
Not Before: Apr 9 14:26:14 2026 GMT
Not After : Apr 9 14:26:14 2036 GMT
Subject: CN=69d7b70a-a129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6e:07:ca:58:4e:2c:86:7e:b6:ef:d5:d0:5f:
b4:61:01:6e:5c:c1:be:99:48:ec:8e:4c:0d:c8:87:
96:4f:5b:f6:0d:42:f4:78:83:31:cc:3b:cc:c2:a8:
0f:2b:79:8d:71:ae:99:7e:7c:41:c7:fd:f2:d1:c5:
bb:be:3c:8d:47:43:af:de:f0:ad:75:48:1c:4c:d5:
76:be:d2:32:0a:f0:a4:c3:77:54:e9:7b:b9:82:20:
82:45:76:39:85:16:47:cb:d4:35:81:11:ef:13:5d:
db:79:56:93:16:f8:8b:c5:93:55:c3:81:11:81:0c:
88:c9:55:96:ee:6e:25:10:c0:25:c1:13:77:2d:51:
df:12:4a:1d:c8:e5:2a:fc:7f:d9:0d:cf:21:28:32:
1d:45:60:93:52:ff:44:5a:30:6f:e3:a5:cc:6a:76:
44:c3:0c:2c:e8:31:e3:63:6e:97:ca:7e:44:bb:38:
78:ae:16:23:ce:44:12:5c:eb:d6:65:5e:79:f5:30:
7c:fe:f4:b1:0c:cb:10:c9:dd:5f:4c:d6:66:62:5a:
8d:53:24:1a:f1:6a:46:4f:8b:69:6b:72:00:7d:d2:
82:fd:b1:c3:a7:45:24:0c:de:0f:bd:6a:6f:ea:5f:
40:e0:1f:b8:b8:37:c5:ce:fc:12:3b:8c:53:b9:1f:
cf:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:10:68:72:1F:1D:8C:63:3A:20:9B:1D:21:E2:A3:11:E4:25:B3:F9
X509v3 Authority Key Identifier:
keyid:BE:B0:58:6F:D6:E2:07:3B:DF:97:C4:FE:F5:6A:F9:C5:A0:9B:F4:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/vrBYb9biBzvfl8T-9Wr5xaCb9FI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vrBYb9biBzvfl8T-9Wr5xaCb9FI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/12854A54342011F1B1B3FEE3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:7dc0:200::/48
Signature Algorithm: sha256WithRSAEncryption
4c:f0:f0:0c:b3:f6:ef:53:94:15:d6:a7:86:01:7f:7d:da:f9:
46:94:77:cf:da:20:12:78:f2:67:23:77:83:5c:74:74:b2:18:
ef:a7:ed:e7:c3:6c:98:ef:8e:54:66:34:fc:83:b1:24:57:0d:
a9:a0:99:14:00:0a:69:e3:ba:3c:75:d4:bc:df:65:86:e2:99:
a3:8e:bc:b6:b9:02:5d:b7:a1:c4:db:6a:c1:ff:9e:52:76:e5:
aa:84:53:f1:27:77:c1:31:33:d0:c5:cd:f7:8b:2f:32:42:14:
4f:31:1b:95:45:f5:74:40:31:d7:8a:e4:7d:54:8f:b9:7e:50:
f0:b5:43:9e:93:5b:0b:65:a9:81:83:10:fb:73:91:80:e1:10:
e5:e2:72:f6:9d:82:77:9c:a9:ab:63:3a:5a:b9:44:cb:9f:88:
74:6b:6d:86:2f:d3:c2:e7:8d:dc:8d:08:61:9f:cf:5c:87:27:
d7:2d:2d:bf:2c:6f:9f:d5:b6:88:cb:f3:c9:a5:61:ac:fd:25:
98:1a:94:c4:e8:f6:66:cf:1e:95:97:8e:d8:37:aa:fa:57:d3:
c6:a0:6e:c1:e0:d1:f7:22:66:7b:08:71:cc:ca:22:62:c9:c8:
8e:c8:c1:b6:d4:1c:ca:01:30:7d:0d:16:26:83:ff:13:05:6b:
c1:26:2f:89
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBNDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
QkIwNUFGMTEwLwYDVQQFEyhCRUIwNTg2RkQ2RTIwNzNCREY5N0M0RkVGNTZBRjlD
NUEwOUJGNDUyMB4XDTI2MDQwOTE0MjYxNFoXDTM2MDQwOTE0MjYxNFowGDEWMBQG
A1UEAxMNNjlkN2I3MGEtYTEyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5uB8pYTiyGfrbv1dBftGEBblzBvplI7I5MDciHlk9b9g1C9HiDMcw7zMKo
Dyt5jXGumX58Qcf98tHFu748jUdDr97wrXVIHEzVdr7SMgrwpMN3VOl7uYIggkV2
OYUWR8vUNYER7xNd23lWkxb4i8WTVcOBEYEMiMlVlu5uJRDAJcETdy1R3xJKHcjl
Kvx/2Q3PISgyHUVgk1L/RFowb+OlzGp2RMMMLOgx42Nul8p+RLs4eK4WI85EElzr
1mVeefUwfP70sQzLEMndX0zWZmJajVMkGvFqRk+LaWtyAH3Sgv2xw6dFJAzeD71q
b+pfQOAfuLg3xc78EjuMU7kfz5sCAwEAAaOCAqgwggKkMB0GA1UdDgQWBBTiEGhy
Hx2MYzogmx0h4qMR5CWz+TAfBgNVHSMEGDAWgBS+sFhv1uIHO9+XxP71avnFoJv0
UjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REJCMDUvMDc0NzQzNkMxOTU1MTFGMUExNzE0N0JDREFFNEVDOUMvdnJCWWI5
YmlCenZmbDhULTlXcjV4YUNiOUZJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdnJCWWI5YmlCenZmbDhULTlXcjV4YUNiOUZJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REJCMDUvMDc0NzQzNkMxOTU1MTFGMUExNzE0N0JDREFF
NEVDOUMvMTI4NTRBNTQzNDIwMTFGMUIxQjNGRUUzQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACwPfcACADANBgkqhkiG9w0B
AQsFAAOCAQEATPDwDLP271OUFdanhgF/fdr5RpR3z9ogEnjyZyN3g1x0dLIY76ft
58NsmO+OVGY0/IOxJFcNqaCZFAAKaeO6PHXUvN9lhuKZo468trkCXbehxNtqwf+e
UnblqoRT8Sd3wTEz0MXN94svMkIUTzEblUX1dEAx14rkfVSPuX5Q8LVDnpNbC2Wp
gYMQ+3ORgOEQ5eJy9p2Cd5ypq2M6WrlEy5+IdGtthi/TwueN3I0IYZ/PXIcn1y0t
vyxvn9W2iMvzyaVhrP0lmBqUxOj2Zs8elZeO2Deq+lfTxqBuweDR9yJmewhxzMoi
YsnIjsjBttQcygEwfQ0WJoP/EwVrwSYviQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:34:35 2026 by rpki-client