Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/5F3F870C33ED11F180E878B3CE1D38B0.roa
File: 5F3F870C33ED11F180E878B3CE1D38B0.roa (raw, json)
Hash identifier: 7xialWnZN8O/jx++FVBr1LOwRlL8Ft6W6YRIeco4BCA=
Subject key identifier: 43:F7:DB:34:9D:3C:58:6B:B0:82:63:BB:4C:4C:EF:8B:5C:21:EA:A5
Certificate issuer: /CN=F36DBB05AF/serialNumber=BEB0586FD6E2073BDF97C4FEF56AF9C5A09BF452
Certificate serial: 28
Authority key identifier: BE:B0:58:6F:D6:E2:07:3B:DF:97:C4:FE:F5:6A:F9:C5:A0:9B:F4:52
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vrBYb9biBzvfl8T-9Wr5xaCb9FI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/5F3F870C33ED11F180E878B3CE1D38B0.roa
Signing time: Thu 09 Apr 2026 08:23:23 +0000
ROA not before: Thu 09 Apr 2026 08:23:18 +0000
ROA not after: Wed 09 Apr 2036 08:23:18 +0000
asID: 329648
IP address blocks: 102.204.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/vrBYb9biBzvfl8T-9Wr5xaCb9FI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/vrBYb9biBzvfl8T-9Wr5xaCb9FI.mft
rsync://rpki.afrinic.net/repository/afrinic/vrBYb9biBzvfl8T-9Wr5xaCb9FI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Apr 2026 00:07:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40 (0x28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DBB05AF, serialNumber=BEB0586FD6E2073BDF97C4FEF56AF9C5A09BF452
Validity
Not Before: Apr 9 08:23:18 2026 GMT
Not After : Apr 9 08:23:18 2036 GMT
Subject: CN=69d761fa-937d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7a:1a:bf:b8:9c:a4:23:66:2d:4e:86:9e:39:
fe:cb:7a:f9:03:5c:de:2d:74:cd:ce:88:80:3f:bb:
e3:65:b7:45:55:f5:17:ec:9b:b3:85:d1:92:50:ad:
ee:61:cb:f1:b7:86:a4:ba:11:8a:4e:53:32:4e:47:
32:67:63:89:23:49:82:98:e7:9a:b8:09:ec:84:d4:
36:b3:e1:37:c5:e4:ac:dd:32:38:d7:1e:07:ff:c4:
a1:2e:2c:d4:2b:35:f2:d7:f3:f8:69:ad:f4:07:72:
be:3c:c8:69:8a:11:99:49:c8:5b:f0:97:49:3b:8d:
9d:8c:e3:64:3c:48:5f:04:9b:c8:4b:1a:16:59:7c:
ed:0b:a4:2a:9a:d7:bc:ad:d7:42:82:a4:89:69:84:
e9:ba:1a:a4:4a:ed:a6:94:fe:e3:4f:c5:a0:55:86:
8d:2a:1e:d9:ba:45:12:1b:28:61:a4:cf:5a:e1:89:
52:b8:0b:ae:38:b8:ec:f6:12:54:30:45:65:9a:09:
d3:59:b0:15:71:bd:05:f8:6e:9e:83:6a:1a:4c:ba:
84:51:09:0d:d2:e3:7a:75:a3:b0:47:ae:b3:1e:e6:
24:1c:bd:58:79:71:7f:2c:34:aa:b5:a9:75:e3:21:
cd:9e:95:e4:7a:5b:2b:3c:39:86:ea:a5:66:51:e2:
4a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F7:DB:34:9D:3C:58:6B:B0:82:63:BB:4C:4C:EF:8B:5C:21:EA:A5
X509v3 Authority Key Identifier:
keyid:BE:B0:58:6F:D6:E2:07:3B:DF:97:C4:FE:F5:6A:F9:C5:A0:9B:F4:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/vrBYb9biBzvfl8T-9Wr5xaCb9FI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vrBYb9biBzvfl8T-9Wr5xaCb9FI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DBB05/0747436C195511F1A17147BCDAE4EC9C/5F3F870C33ED11F180E878B3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.36.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:44:16:77:df:73:82:ff:05:a0:17:c4:62:c7:e0:85:4d:fe:
3f:cf:26:5e:29:32:25:46:c9:c6:30:03:01:26:60:15:67:3a:
fd:e7:ed:f4:ca:b4:78:ec:e6:e7:96:ab:1e:5c:66:f0:89:c0:
5d:6d:dd:11:01:5e:89:d4:98:be:84:d7:40:1d:d2:1b:26:2c:
88:b6:d0:b7:5a:a5:25:84:9c:f3:8c:42:4f:e2:9c:9e:ef:ce:
72:ff:34:89:98:52:74:de:8e:46:fa:99:99:ee:bd:4a:e5:7b:
d9:54:8b:ef:48:e8:4b:38:d2:28:34:12:92:a8:0a:22:5e:77:
f0:aa:14:0d:1d:1a:84:d7:a4:b8:06:9a:4d:38:8c:1e:ec:cb:
75:c8:b8:f7:42:fb:cf:05:6c:7f:3b:7f:3a:7c:57:d1:9a:f5:
5b:7e:46:8a:a3:32:ba:19:ff:90:9f:b6:54:ad:e0:67:c9:84:
f1:b9:81:b7:b3:ec:c0:3b:02:65:ea:8f:8c:c3:21:72:07:7d:
ba:ae:f5:0f:00:f3:f6:e8:62:3e:84:47:09:19:5f:fc:b4:19:
b8:23:3e:be:1a:c2:ef:05:77:c7:2f:54:e9:4d:4f:a6:7b:1c:
be:71:e7:0a:11:a3:6e:11:a1:5b:e8:6e:a3:39:6a:6f:d3:07:
f5:5c:8c:a2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBKDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
QkIwNUFGMTEwLwYDVQQFEyhCRUIwNTg2RkQ2RTIwNzNCREY5N0M0RkVGNTZBRjlD
NUEwOUJGNDUyMB4XDTI2MDQwOTA4MjMxOFoXDTM2MDQwOTA4MjMxOFowGDEWMBQG
A1UEAxMNNjlkNzYxZmEtOTM3ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMB6Gr+4nKQjZi1Ohp45/st6+QNc3i10zc6IgD+742W3RVX1F+ybs4XRklCt
7mHL8beGpLoRik5TMk5HMmdjiSNJgpjnmrgJ7ITUNrPhN8XkrN0yONceB//EoS4s
1Cs18tfz+Gmt9AdyvjzIaYoRmUnIW/CXSTuNnYzjZDxIXwSbyEsaFll87QukKprX
vK3XQoKkiWmE6boapErtppT+40/FoFWGjSoe2bpFEhsoYaTPWuGJUrgLrji47PYS
VDBFZZoJ01mwFXG9BfhunoNqGky6hFEJDdLjenWjsEeusx7mJBy9WHlxfyw0qrWp
deMhzZ6V5HpbKzw5huqlZlHiSg8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRD99s0
nTxYa7CCY7tMTO+LXCHqpTAfBgNVHSMEGDAWgBS+sFhv1uIHO9+XxP71avnFoJv0
UjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REJCMDUvMDc0NzQzNkMxOTU1MTFGMUExNzE0N0JDREFFNEVDOUMvdnJCWWI5
YmlCenZmbDhULTlXcjV4YUNiOUZJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdnJCWWI5YmlCenZmbDhULTlXcjV4YUNiOUZJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REJCMDUvMDc0NzQzNkMxOTU1MTFGMUExNzE0N0JDREFF
NEVDOUMvNUYzRjg3MEMzM0VEMTFGMTgwRTg3OEIzQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbMJDANBgkqhkiG9w0BAQsF
AAOCAQEAqUQWd99zgv8FoBfEYsfghU3+P88mXikyJUbJxjADASZgFWc6/eft9Mq0
eOzm55arHlxm8InAXW3dEQFeidSYvoTXQB3SGyYsiLbQt1qlJYSc84xCT+Kcnu/O
cv80iZhSdN6ORvqZme69SuV72VSL70joSzjSKDQSkqgKIl538KoUDR0ahNekuAaa
TTiMHuzLdci490L7zwVsfzt/OnxX0Zr1W35GiqMyuhn/kJ+2VK3gZ8mE8bmBt7Ps
wDsCZeqPjMMhcgd9uq71DwDz9uhiPoRHCRlf/LQZuCM+vhrC7wV3xy9U6U1Ppnsc
vnHnChGjbhGhW+huozlqb9MH9VyMog==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:34:34 2026 by rpki-client