Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3627134/10B356BC1CAB11F183CFB2E3DAE4EC9C/983C4B5A1FB411F1812591A5DAE4EC9C.roa
File: 983C4B5A1FB411F1812591A5DAE4EC9C.roa (raw, json)
Hash identifier: KTS5NXcJqrcHx2Os0cQ+8xYZ5R43eh886qLWcXd28MU=
Subject key identifier: E3:F6:06:A6:47:90:24:FC:C3:FD:25:A0:86:EA:3D:02:6E:37:5A:0E
Certificate issuer: /CN=F3627134AF/serialNumber=63A0465E1AB18BAA15DE07F627D9F85CC20C942E
Certificate serial: 0B
Authority key identifier: 63:A0:46:5E:1A:B1:8B:AA:15:DE:07:F6:27:D9:F8:5C:C2:0C:94:2E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Y6BGXhqxi6oV3gf2J9n4XMIMlC4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3627134/10B356BC1CAB11F183CFB2E3DAE4EC9C/983C4B5A1FB411F1812591A5DAE4EC9C.roa
Signing time: Sat 14 Mar 2026 14:46:33 +0000
ROA not before: Sat 14 Mar 2026 14:46:29 +0000
ROA not after: Mon 31 Mar 2036 14:46:29 +0000
asID: 329170
IP address blocks: 102.214.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3627134/10B356BC1CAB11F183CFB2E3DAE4EC9C/Y6BGXhqxi6oV3gf2J9n4XMIMlC4.crl
rsync://rpki.afrinic.net/repository/member_repository/F3627134/10B356BC1CAB11F183CFB2E3DAE4EC9C/Y6BGXhqxi6oV3gf2J9n4XMIMlC4.mft
rsync://rpki.afrinic.net/repository/afrinic/Y6BGXhqxi6oV3gf2J9n4XMIMlC4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3627134AF, serialNumber=63A0465E1AB18BAA15DE07F627D9F85CC20C942E
Validity
Not Before: Mar 14 14:46:29 2026 GMT
Not After : Mar 31 14:46:29 2036 GMT
Subject: CN=69b574c9-3a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e8:86:e9:b5:b6:8a:0e:1b:c3:fd:bd:7a:eb:
b3:18:69:72:02:76:3d:78:ae:08:16:67:3a:49:0d:
38:fa:24:df:01:aa:f9:4b:7e:94:27:ad:d0:68:b4:
d0:2c:3f:36:9a:94:fc:04:15:ce:5f:6a:3a:de:5f:
8b:61:d6:93:a0:90:4f:2f:cd:b9:c7:60:52:8d:68:
8f:39:7c:2b:a4:99:c0:fd:6f:80:13:f8:df:7c:44:
0c:3d:25:6e:d3:93:e8:81:9d:9f:27:f2:a1:20:9f:
7d:72:ae:d1:07:9f:f3:90:36:c9:3d:bb:ef:41:b1:
63:d9:86:5e:5b:8e:74:64:57:5d:ae:83:9c:8a:a4:
bb:4a:88:63:b1:4f:52:d3:1d:16:b0:3e:b7:a1:e4:
c5:93:49:66:7f:6c:14:16:cd:b2:d5:ac:96:0e:76:
c9:52:b5:9d:68:a7:ad:e7:0e:6e:fb:25:de:9e:78:
fa:39:70:5d:13:7b:f4:ae:33:3a:b5:4f:c3:c5:d8:
15:82:ed:16:b4:8f:be:4a:0e:71:a4:97:8e:47:d7:
fb:7f:65:4e:c6:fc:9e:1a:b0:09:89:b9:58:98:59:
37:53:2c:c2:1a:75:27:2d:c1:5c:2a:55:0b:c0:4f:
47:18:c3:fb:a1:04:7f:e8:0f:fb:b2:1d:74:f8:a8:
d7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F6:06:A6:47:90:24:FC:C3:FD:25:A0:86:EA:3D:02:6E:37:5A:0E
X509v3 Authority Key Identifier:
keyid:63:A0:46:5E:1A:B1:8B:AA:15:DE:07:F6:27:D9:F8:5C:C2:0C:94:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3627134/10B356BC1CAB11F183CFB2E3DAE4EC9C/Y6BGXhqxi6oV3gf2J9n4XMIMlC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Y6BGXhqxi6oV3gf2J9n4XMIMlC4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3627134/10B356BC1CAB11F183CFB2E3DAE4EC9C/983C4B5A1FB411F1812591A5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.72.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:b9:d5:6e:b6:e4:1d:f3:b4:0c:6d:db:e6:ff:00:17:39:a2:
62:bd:39:63:02:94:1d:31:e2:2f:c0:45:6f:c9:38:0a:2a:13:
4f:63:c7:6a:b1:6b:f0:3c:66:49:a6:81:0c:a8:d5:81:1c:b8:
df:5c:3e:b0:b7:5e:39:7a:08:72:60:5d:76:d5:36:f1:32:7d:
b6:6a:aa:44:98:df:07:9a:94:0c:93:02:46:d0:41:19:3a:ea:
cb:47:2d:46:f0:c5:ae:41:e4:a4:82:48:4c:4b:d5:f8:ac:37:
e8:b8:7a:41:55:76:de:51:d7:e2:d9:e1:4f:d7:6a:31:f4:da:
07:a8:a8:7a:36:f3:e2:c1:b2:fb:ac:61:79:a0:f5:13:e4:4d:
16:f3:b6:71:ae:64:5f:a0:19:50:21:ee:09:8e:cd:ee:4b:1f:
17:fa:4e:fe:e7:1f:f2:d7:df:5f:f9:f7:24:5c:bc:8b:78:44:
48:f7:e8:e9:08:a8:ba:a0:48:29:90:43:ae:91:da:7a:0e:69:
d4:ab:bc:fd:14:be:54:07:42:3c:28:33:c9:89:c7:f0:5c:2e:
70:89:e1:0a:d5:5e:13:20:d8:19:55:dd:28:94:42:27:23:2e:
02:77:5d:6f:22:63:8c:57:9b:44:40:9f:f1:8c:7c:1c:03:84:
ea:0d:ff:2a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NzEzNEFGMTEwLwYDVQQFEyg2M0EwNDY1RTFBQjE4QkFBMTVERTA3RjYyN0Q5Rjg1
Q0MyMEM5NDJFMB4XDTI2MDMxNDE0NDYyOVoXDTM2MDMzMTE0NDYyOVowGDEWMBQG
A1UEAxMNNjliNTc0YzktM2EzYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7ohum1tooOG8P9vXrrsxhpcgJ2PXiuCBZnOkkNOPok3wGq+Ut+lCet0Gi0
0Cw/NpqU/AQVzl9qOt5fi2HWk6CQTy/NucdgUo1ojzl8K6SZwP1vgBP433xEDD0l
btOT6IGdnyfyoSCffXKu0Qef85A2yT2770GxY9mGXluOdGRXXa6DnIqku0qIY7FP
UtMdFrA+t6HkxZNJZn9sFBbNstWslg52yVK1nWinrecObvsl3p54+jlwXRN79K4z
OrVPw8XYFYLtFrSPvkoOcaSXjkfX+39lTsb8nhqwCYm5WJhZN1Mswhp1Jy3BXCpV
C8BPRxjD+6EEf+gP+7IddPio1zsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTj9gam
R5Ak/MP9JaCG6j0CbjdaDjAfBgNVHSMEGDAWgBRjoEZeGrGLqhXeB/Yn2fhcwgyU
LjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjcxMzQvMTBCMzU2QkMxQ0FCMTFGMTgzQ0ZCMkUzREFFNEVDOUMvWTZCR1ho
cXhpNm9WM2dmMko5bjRYTUlNbEM0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWTZCR1hocXhpNm9WM2dmMko5bjRYTUlNbEM0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjcxMzQvMTBCMzU2QkMxQ0FCMTFGMTgzQ0ZCMkUzREFF
NEVDOUMvOTgzQzRCNUExRkI0MTFGMTgxMjU5MUE1REFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbWSDANBgkqhkiG9w0BAQsF
AAOCAQEAT7nVbrbkHfO0DG3b5v8AFzmiYr05YwKUHTHiL8BFb8k4CioTT2PHarFr
8DxmSaaBDKjVgRy431w+sLdeOXoIcmBddtU28TJ9tmqqRJjfB5qUDJMCRtBBGTrq
y0ctRvDFrkHkpIJITEvV+Kw36Lh6QVV23lHX4tnhT9dqMfTaB6ioejbz4sGy+6xh
eaD1E+RNFvO2ca5kX6AZUCHuCY7N7ksfF/pO/ucf8tffX/n3JFy8i3hESPfo6Qio
uqBIKZBDrpHaeg5p1Ku8/RS+VAdCPCgzyYnH8FwucInhCtVeEyDYGVXdKJRCJyMu
AnddbyJjjFebRECf8Yx8HAOE6g3/Kg==
-----END CERTIFICATE-----
Generated at Mon Mar 23 11:54:34 2026 by rpki-client