Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/97CCC2681C5C11F1AE1F85A3DAE4EC9C.roa
File: 97CCC2681C5C11F1AE1F85A3DAE4EC9C.roa (raw, json)
Hash identifier: DsBjO5rK+mU2qS73wFVI/SMQlpsQmkwrtPwNgodDHRk=
Subject key identifier: DA:E8:C5:F8:20:F0:CB:5B:83:FF:38:3D:7E:F7:EC:5A:E2:B9:68:D4
Certificate issuer: /CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Certificate serial: 07ED
Authority key identifier: 60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/97CCC2681C5C11F1AE1F85A3DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 08:39:04 +0000
ROA not before: Tue 10 Mar 2026 08:38:59 +0000
ROA not after: Sun 10 Mar 2030 08:38:59 +0000
asID: 834
IP address blocks: 102.216.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl
rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.mft
rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Mar 2026 02:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2029 (0x7ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3614659AF, serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Validity
Not Before: Mar 10 08:38:59 2026 GMT
Not After : Mar 10 08:38:59 2030 GMT
Subject: CN=69afd8a8-b2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b5:ef:e5:a9:3b:de:ff:b7:ff:d2:2a:86:c9:
6c:37:88:ad:25:4f:f2:c5:c8:5a:cc:67:70:99:7e:
a7:bf:bf:4a:7c:2d:98:b3:8b:5e:46:fc:8c:eb:c7:
ab:0d:70:eb:e3:f9:12:07:17:fb:04:92:0f:f9:cb:
34:08:11:bb:0c:8e:6a:a3:46:56:a3:d0:28:91:9c:
d5:13:58:ad:20:60:98:cd:68:45:e9:61:9c:41:74:
ac:c1:51:35:cf:dc:2b:b9:fe:62:c3:d8:73:8d:a2:
75:3d:a4:ff:d0:ea:aa:1b:4a:f8:47:12:74:ce:79:
a5:a0:1f:b2:d3:0e:cd:e5:cc:1c:e6:98:4b:ef:f0:
df:51:9b:fb:bb:1b:02:e4:f2:54:0e:88:c5:41:e7:
72:c8:04:45:70:62:3e:ce:ce:6b:f5:be:86:6b:f1:
1d:07:31:64:61:3f:91:e5:6d:4c:e3:e3:83:d7:36:
fe:1f:10:50:ad:24:a4:ca:42:21:93:ab:64:30:86:
c5:16:ef:3e:8b:4a:10:15:70:94:82:28:52:6d:ca:
1d:54:82:5c:0d:7e:95:ea:cc:80:e3:0a:7f:64:fe:
bc:e5:c8:9c:e2:70:77:ee:12:3e:2e:4b:63:7c:dc:
c9:a6:69:af:30:95:58:b5:43:0f:b4:d3:74:2a:c6:
13:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E8:C5:F8:20:F0:CB:5B:83:FF:38:3D:7E:F7:EC:5A:E2:B9:68:D4
X509v3 Authority Key Identifier:
keyid:60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/97CCC2681C5C11F1AE1F85A3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.81.0/24
Signature Algorithm: sha256WithRSAEncryption
75:82:22:af:25:91:8f:22:f8:95:50:7c:d0:78:aa:a7:f0:b2:
79:1a:02:07:8b:dd:f9:73:30:ca:74:86:3d:ae:59:b4:43:4b:
b7:ed:0b:72:c1:98:60:68:01:4b:9f:1c:23:a8:b5:fe:d0:1f:
80:7f:a5:71:cf:f9:d0:5d:15:57:17:ef:11:1f:df:9c:28:ad:
98:9e:7d:c1:ae:1b:84:78:7d:b0:f2:ee:05:71:d2:9a:4d:fa:
82:58:64:23:63:fe:98:d7:70:55:aa:5c:72:15:7b:1e:f2:f1:
e3:d9:41:d3:b9:3e:ab:0d:8a:f8:3a:33:cf:16:6e:24:5c:25:
37:0c:75:83:74:2a:5e:b2:0f:b3:8f:04:33:f5:5b:73:a8:5b:
71:eb:17:1b:7a:d1:ba:8b:48:b8:b0:a5:6f:88:22:2b:b7:67:
e9:94:5e:47:74:74:fe:5d:77:81:da:aa:d4:09:56:ca:d0:bd:
a7:e9:57:7f:6a:f4:7f:2c:70:04:ec:dc:49:68:5f:4d:da:a5:
be:62:fb:8d:4d:3f:40:03:48:b9:5f:b2:50:3d:11:64:7c:9e:
9d:7d:43:db:68:c6:63:7c:83:9c:19:aa:01:c3:c2:ba:6a:f4:
a1:c2:9c:c9:cd:1d:8e:58:e5:b7:8a:fd:1d:48:64:f8:0d:cd:
52:f6:9f:94
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB+0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTQ2NTlBRjExMC8GA1UEBRMoNjBBMEU1RDFBQzY2QzhBRTNCN0M5RTZBOEVGNUJD
MDRCOEJCQjg4RTAeFw0yNjAzMTAwODM4NTlaFw0zMDAzMTAwODM4NTlaMBgxFjAU
BgNVBAMTDTY5YWZkOGE4LWIyY2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDcte/lqTve/7f/0iqGyWw3iK0lT/LFyFrMZ3CZfqe/v0p8LZizi15G/Izr
x6sNcOvj+RIHF/sEkg/5yzQIEbsMjmqjRlaj0CiRnNUTWK0gYJjNaEXpYZxBdKzB
UTXP3Cu5/mLD2HONonU9pP/Q6qobSvhHEnTOeaWgH7LTDs3lzBzmmEvv8N9Rm/u7
GwLk8lQOiMVB53LIBEVwYj7Ozmv1voZr8R0HMWRhP5HlbUzj44PXNv4fEFCtJKTK
QiGTq2QwhsUW7z6LShAVcJSCKFJtyh1UglwNfpXqzIDjCn9k/rzlyJzicHfuEj4u
S2N83Mmmaa8wlVi1Qw+003QqxhP3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2ujF
+CDwy1uD/zg9fvfsWuK5aNQwHwYDVR0jBBgwFoAUYKDl0axmyK47fJ5qjvW8BLi7
uI4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVBNDBENTc3L1lLRGww
YXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1lLRGwwYXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVB
NDBENTc3Lzk3Q0NDMjY4MUM1QzExRjFBRTFGODVBM0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm2FEwDQYJKoZIhvcNAQEL
BQADggEBAHWCIq8lkY8i+JVQfNB4qqfwsnkaAgeL3flzMMp0hj2uWbRDS7ftC3LB
mGBoAUufHCOotf7QH4B/pXHP+dBdFVcX7xEf35worZiefcGuG4R4fbDy7gVx0ppN
+oJYZCNj/pjXcFWqXHIVex7y8ePZQdO5PqsNivg6M88WbiRcJTcMdYN0Kl6yD7OP
BDP1W3OoW3HrFxt60bqLSLiwpW+IIiu3Z+mUXkd0dP5dd4HaqtQJVsrQvafpV39q
9H8scATs3EloX03apb5i+41NP0ADSLlfslA9EWR8np19Q9toxmN8g5wZqgHDwrpq
9KHCnMnNHY5Y5beK/R1IZPgNzVL2n5Q=
-----END CERTIFICATE-----
Generated at Tue Mar 17 04:45:22 2026 by rpki-client