Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/907AE44E372911F19B1EF3D5CE1D38B0.roa
File: 907AE44E372911F19B1EF3D5CE1D38B0.roa (raw, json)
Hash identifier: MqVhSCk+71RqhtaG0S/MMVRPLx0GRDBOkhxj/0JtTTE=
Subject key identifier: 25:5E:1F:68:78:1D:AC:3E:16:A6:BC:80:3A:62:B6:93:15:B5:99:92
Certificate issuer: /CN=F36FE1EAAF/serialNumber=07B87D94F04489356641339DE69164477D8FFA43
Certificate serial: 039C
Authority key identifier: 07:B8:7D:94:F0:44:89:35:66:41:33:9D:E6:91:64:47:7D:8F:FA:43
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/B7h9lPBEiTVmQTOd5pFkR32P-kM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/907AE44E372911F19B1EF3D5CE1D38B0.roa
Signing time: Mon 13 Apr 2026 11:11:48 +0000
ROA not before: Mon 13 Apr 2026 11:11:44 +0000
ROA not after: Wed 31 Dec 2036 11:11:44 +0000
asID: 328427
IP address blocks: 102.68.136.0/22 maxlen: 32
2c0f:16c0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/B7h9lPBEiTVmQTOd5pFkR32P-kM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/B7h9lPBEiTVmQTOd5pFkR32P-kM.mft
rsync://rpki.afrinic.net/repository/afrinic/B7h9lPBEiTVmQTOd5pFkR32P-kM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 03:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924 (0x39c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FE1EAAF, serialNumber=07B87D94F04489356641339DE69164477D8FFA43
Validity
Not Before: Apr 13 11:11:44 2026 GMT
Not After : Dec 31 11:11:44 2036 GMT
Subject: CN=69dccf74-550c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c6:93:7a:71:52:dc:7a:37:f0:23:08:e8:09:
c8:e7:86:e8:83:95:30:51:a0:1d:e3:d2:05:dc:9d:
94:22:4a:1b:f7:8c:0d:21:a7:c4:eb:20:5e:a9:41:
ee:08:d2:8c:58:83:c6:96:37:97:01:6a:a2:fb:b0:
85:d1:bf:db:d7:85:c4:9f:98:d4:cb:64:0f:a9:f2:
47:91:f6:de:16:4d:cd:cc:b2:a7:a2:0d:a1:fc:b6:
6a:5b:d8:3e:c5:ba:0c:63:37:d9:40:d2:fb:33:ea:
75:ae:ab:6f:18:45:7c:80:ca:be:d4:58:29:75:ca:
e3:9c:ba:da:d8:99:8f:b1:9f:71:6d:0a:b2:3b:0f:
10:27:d0:b8:99:75:4b:72:4b:8c:79:24:e8:d2:ee:
1b:63:fb:93:c4:6b:30:ea:81:91:9c:1a:92:69:02:
3d:41:e4:19:f4:b7:df:8f:ae:5f:4a:aa:fd:f6:ab:
fa:f5:0c:24:bf:e4:00:bc:a3:77:ac:94:1b:9b:22:
6e:70:56:7b:36:a7:75:d8:5b:02:41:51:25:a8:62:
ba:63:32:07:2a:0a:bc:2f:b1:fc:44:f9:80:56:22:
7a:a5:c7:13:06:41:8f:91:20:96:f0:41:b6:1c:6f:
4b:cd:3e:67:51:c7:eb:6b:0a:a0:17:4d:f2:e8:d5:
25:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5E:1F:68:78:1D:AC:3E:16:A6:BC:80:3A:62:B6:93:15:B5:99:92
X509v3 Authority Key Identifier:
keyid:07:B8:7D:94:F0:44:89:35:66:41:33:9D:E6:91:64:47:7D:8F:FA:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/B7h9lPBEiTVmQTOd5pFkR32P-kM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/B7h9lPBEiTVmQTOd5pFkR32P-kM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE1EA/0781C770806F11EEADC9ED584AD9E6FC/907AE44E372911F19B1EF3D5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.68.136.0/22
IPv6:
2c0f:16c0::/32
Signature Algorithm: sha256WithRSAEncryption
96:d1:a4:f9:08:eb:7c:fc:90:27:a8:84:95:12:df:bf:25:ae:
98:0d:82:ae:d7:b5:4e:3a:3e:74:95:69:d1:61:ba:0d:97:e4:
6b:1a:e2:81:99:31:3e:07:d5:f9:09:54:1a:15:52:57:36:5c:
05:5d:e9:5f:ad:9a:03:5c:02:ca:c0:c6:15:4b:e7:04:3b:61:
ba:47:96:fb:1e:d5:5a:df:1f:37:28:e0:94:bc:66:92:44:68:
bb:39:24:16:bd:75:96:29:96:ee:db:08:2c:64:c1:17:37:74:
2b:a4:10:d4:7b:dc:86:5d:24:7d:ec:d7:59:4d:b2:db:81:75:
39:11:52:8b:9c:e9:66:af:38:9b:04:10:8c:cd:0f:c7:da:9c:
ee:2e:7f:1d:4b:37:3b:ad:84:f1:47:3e:f6:a2:31:74:8e:4c:
42:22:da:b9:56:2e:9f:f0:3e:08:14:c2:d5:82:4c:bd:1a:84:
c0:c1:3e:40:88:5e:75:67:a9:25:1a:49:52:cf:b9:37:74:ed:
8f:5d:93:5c:fd:e7:48:6a:ca:3e:48:70:da:d5:b2:ec:59:77:
81:36:00:ec:eb:90:e9:00:de:dd:34:7f:3b:d3:5d:d2:15:8e:
2a:5c:8d:b7:f9:fd:8c:6d:1b:07:5b:6b:e4:5d:c1:ed:41:c6:
24:4d:34:0f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICA5wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkUxRUFBRjExMC8GA1UEBRMoMDdCODdEOTRGMDQ0ODkzNTY2NDEzMzlERTY5MTY0
NDc3RDhGRkE0MzAeFw0yNjA0MTMxMTExNDRaFw0zNjEyMzExMTExNDRaMBgxFjAU
BgNVBAMTDTY5ZGNjZjc0LTU1MGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCnxpN6cVLcejfwIwjoCcjnhuiDlTBRoB3j0gXcnZQiShv3jA0hp8TrIF6p
Qe4I0oxYg8aWN5cBaqL7sIXRv9vXhcSfmNTLZA+p8keR9t4WTc3MsqeiDaH8tmpb
2D7FugxjN9lA0vsz6nWuq28YRXyAyr7UWCl1yuOcutrYmY+xn3FtCrI7DxAn0LiZ
dUtyS4x5JOjS7htj+5PEazDqgZGcGpJpAj1B5Bn0t9+Prl9Kqv32q/r1DCS/5AC8
o3eslBubIm5wVns2p3XYWwJBUSWoYrpjMgcqCrwvsfxE+YBWInqlxxMGQY+RIJbw
QbYcb0vNPmdRx+trCqAXTfLo1SWDAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUJV4f
aHgdrD4WpryAOmK2kxW1mZIwHwYDVR0jBBgwFoAUB7h9lPBEiTVmQTOd5pFkR32P
+kMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZFMUVBLzA3ODFDNzcwODA2RjExRUVBREM5RUQ1ODRBRDlFNkZDL0I3aDls
UEJFaVRWbVFUT2Q1cEZrUjMyUC1rTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0I3aDlsUEJFaVRWbVFUT2Q1cEZrUjMyUC1rTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZFMUVBLzA3ODFDNzcwODA2RjExRUVBREM5RUQ1ODRB
RDlFNkZDLzkwN0FFNDRFMzcyOTExRjE5QjFFRjNENUNFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJmRIgwDQQCAAIwBwMFACwP
FsAwDQYJKoZIhvcNAQELBQADggEBAJbRpPkI63z8kCeohJUS378lrpgNgq7XtU46
PnSVadFhug2X5Gsa4oGZMT4H1fkJVBoVUlc2XAVd6V+tmgNcAsrAxhVL5wQ7YbpH
lvse1VrfHzco4JS8ZpJEaLs5JBa9dZYplu7bCCxkwRc3dCukENR73IZdJH3s11lN
stuBdTkRUouc6WavOJsEEIzND8fanO4ufx1LNzuthPFHPvaiMXSOTEIi2rlWLp/w
PggUwtWCTL0ahMDBPkCIXnVnqSUaSVLPuTd07Y9dk1z950hqyj5IcNrVsuxZd4E2
AOzrkOkA3t00fzvTXdIVjipcjbf5/YxtGwdba+Rdwe1BxiRNNA8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:28:28 2026 by rpki-client