Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/3DF747BE342011F1A6EBDFE5CE1D38B0.roa
File: 3DF747BE342011F1A6EBDFE5CE1D38B0.roa (raw, json)
Hash identifier: 2JX7YfxLCoLtjBk/3MPBmLjpXRWBo37oy7tpgRQ6qiw=
Subject key identifier: 2D:29:B8:E8:60:85:CC:C9:34:AB:D1:01:AA:98:BC:1E:43:D1:6A:BB
Certificate issuer: /CN=F36DBB05AF/serialNumber=BEB0586FD6E2073BDF97C4FEF56AF9C5A09BF452
Certificate serial: 36
Authority key identifier: BE:B0:58:6F:D6:E2:07:3B:DF:97:C4:FE:F5:6A:F9:C5:A0:9B:F4:52
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vrBYb9biBzvfl8T-9Wr5xaCb9FI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/3DF747BE342011F1A6EBDFE5CE1D38B0.roa
Signing time: Thu 09 Apr 2026 14:27:31 +0000
ROA not before: Thu 09 Apr 2026 14:27:27 +0000
ROA not after: Wed 09 Apr 2036 14:27:27 +0000
asID: 329648
IP address blocks: 2c0f:7dc0:300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/vrBYb9biBzvfl8T-9Wr5xaCb9FI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/vrBYb9biBzvfl8T-9Wr5xaCb9FI.mft
rsync://rpki.afrinic.net/repository/afrinic/vrBYb9biBzvfl8T-9Wr5xaCb9FI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Apr 2026 00:07:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54 (0x36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DBB05AF, serialNumber=BEB0586FD6E2073BDF97C4FEF56AF9C5A09BF452
Validity
Not Before: Apr 9 14:27:27 2026 GMT
Not After : Apr 9 14:27:27 2036 GMT
Subject: CN=69d7b753-ce0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f4:e4:74:8c:b7:d4:e9:a0:8b:84:c5:05:22:
90:83:b0:72:44:77:a6:a6:bf:b9:46:49:34:67:f3:
ca:c0:a8:cd:44:81:ec:3e:cc:55:a7:e1:2f:b9:0d:
ab:45:81:de:1d:49:ea:1e:1f:fd:04:0b:18:9d:c1:
42:e3:21:3a:6b:90:fc:a5:a0:24:41:71:d9:d9:f5:
87:a4:60:e6:a6:5d:bf:51:9e:53:d9:0e:b9:b0:8e:
92:98:62:c2:ce:ec:cc:bb:a2:6d:76:2c:16:61:a7:
17:8a:6a:e6:90:46:d0:f8:60:0f:90:7e:a3:ac:5a:
1c:69:4e:2e:6d:9b:4a:c9:c8:4d:e0:8b:e8:fb:56:
5a:4d:eb:4c:76:e7:8c:1f:e1:bc:b5:30:b2:3b:1a:
59:87:e1:b5:97:22:d8:f6:d3:2c:38:75:fc:10:ed:
7c:fe:8b:e1:5d:f1:ae:56:58:94:62:ff:4f:4b:8f:
9d:5f:4e:d7:f2:fa:1c:37:cf:5f:00:03:85:e5:4d:
19:25:00:bc:1a:eb:e8:d9:c5:77:aa:24:83:ec:56:
bc:66:70:89:23:eb:96:0e:69:d8:0a:cc:bc:58:a5:
a2:ce:03:5b:0f:44:cb:4b:66:43:8a:2b:05:54:05:
74:18:be:e3:8a:70:d0:66:5c:7f:bb:09:ad:6c:65:
5b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:29:B8:E8:60:85:CC:C9:34:AB:D1:01:AA:98:BC:1E:43:D1:6A:BB
X509v3 Authority Key Identifier:
keyid:BE:B0:58:6F:D6:E2:07:3B:DF:97:C4:FE:F5:6A:F9:C5:A0:9B:F4:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/vrBYb9biBzvfl8T-9Wr5xaCb9FI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vrBYb9biBzvfl8T-9Wr5xaCb9FI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/3DF747BE342011F1A6EBDFE5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:7dc0:300::/48
Signature Algorithm: sha256WithRSAEncryption
3e:1f:b9:ed:f2:36:21:e2:f5:2b:ff:c4:5d:16:b5:85:be:28:
61:1f:47:3a:5a:78:0c:6a:6e:be:72:df:06:d3:d6:b7:8c:a4:
3c:9b:27:9b:8a:29:71:8a:7a:11:c9:95:82:dd:6b:86:2d:24:
0c:a7:60:80:14:6d:ca:7f:08:fe:88:12:fa:7e:bd:30:d0:f2:
51:a0:59:21:eb:2c:56:61:a8:92:90:ba:33:6c:ec:d7:cc:ca:
96:d8:13:b2:61:ee:62:78:c2:64:6d:e5:33:08:81:bc:ec:d6:
2c:27:b6:9e:49:12:84:ee:d9:56:30:a5:6f:5e:5b:d0:f1:2d:
40:93:18:9f:cb:9b:8a:21:9f:a1:4c:50:76:38:d5:70:61:6e:
b1:e6:31:3c:11:aa:0a:f4:45:a1:1a:f0:0d:1c:15:b6:67:10:
7f:bd:8e:b2:71:54:8f:c9:23:e5:c6:4d:9d:61:c0:78:65:1a:
a7:06:24:75:fd:44:91:9b:b6:97:79:b5:aa:9e:85:03:01:3a:
5b:ce:b6:e2:d9:4b:97:b4:db:f8:a7:8d:e9:3e:d9:51:a8:44:
6b:0b:2f:c8:a3:ee:ad:56:cc:e3:75:e7:31:f3:1b:57:32:f7:
f7:cf:19:99:02:cc:ee:7d:da:da:3f:17:f5:02:a4:2f:14:ae:
04:d7:d4:18
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBNjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
QkIwNUFGMTEwLwYDVQQFEyhCRUIwNTg2RkQ2RTIwNzNCREY5N0M0RkVGNTZBRjlD
NUEwOUJGNDUyMB4XDTI2MDQwOTE0MjcyN1oXDTM2MDQwOTE0MjcyN1owGDEWMBQG
A1UEAxMNNjlkN2I3NTMtY2UwYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMP05HSMt9TpoIuExQUikIOwckR3pqa/uUZJNGfzysCozUSB7D7MVafhL7kN
q0WB3h1J6h4f/QQLGJ3BQuMhOmuQ/KWgJEFx2dn1h6Rg5qZdv1GeU9kOubCOkphi
ws7szLuibXYsFmGnF4pq5pBG0PhgD5B+o6xaHGlOLm2bSsnITeCL6PtWWk3rTHbn
jB/hvLUwsjsaWYfhtZci2PbTLDh1/BDtfP6L4V3xrlZYlGL/T0uPnV9O1/L6HDfP
XwADheVNGSUAvBrr6NnFd6okg+xWvGZwiSPrlg5p2ArMvFilos4DWw9Ey0tmQ4or
BVQFdBi+44pw0GZcf7sJrWxlWycCAwEAAaOCAqgwggKkMB0GA1UdDgQWBBQtKbjo
YIXMyTSr0QGqmLweQ9FquzAfBgNVHSMEGDAWgBS+sFhv1uIHO9+XxP71avnFoJv0
UjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REJCMDUvMDc0NzQzNkMxOTU1MTFGMUExNzE0N0JDREFFNEVDOUMvdnJCWWI5
YmlCenZmbDhULTlXcjV4YUNiOUZJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdnJCWWI5YmlCenZmbDhULTlXcjV4YUNiOUZJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REJCMDUvMDc0NzQzNkMxOTU1MTFGMUExNzE0N0JDREFF
NEVDOUMvM0RGNzQ3QkUzNDIwMTFGMUE2RUJERkU1Q0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACwPfcADADANBgkqhkiG9w0B
AQsFAAOCAQEAPh+57fI2IeL1K//EXRa1hb4oYR9HOlp4DGpuvnLfBtPWt4ykPJsn
m4opcYp6EcmVgt1rhi0kDKdggBRtyn8I/ogS+n69MNDyUaBZIessVmGokpC6M2zs
18zKltgTsmHuYnjCZG3lMwiBvOzWLCe2nkkShO7ZVjClb15b0PEtQJMYn8ubiiGf
oUxQdjjVcGFuseYxPBGqCvRFoRrwDRwVtmcQf72OsnFUj8kj5cZNnWHAeGUapwYk
df1EkZu2l3m1qp6FAwE6W8624tlLl7Tb+KeN6T7ZUahEawsvyKPurVbM43XnMfMb
VzL3988ZmQLM7n3a2j8X9QKkLxSuBNfUGA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:50:24 2026 by rpki-client