Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/7E30C2D43F0A11F19414901BCF1D38B0.roa
File: 7E30C2D43F0A11F19414901BCF1D38B0.roa (raw, json)
Hash identifier: a3fLxBrz8eR53/R7V1Vq4Dtsvla7z1WL/GBJqhWYWag=
Subject key identifier: A4:5B:31:7A:40:3E:DC:80:44:44:F9:E3:28:22:E8:8A:60:77:00:6B
Certificate issuer: /CN=F36389A7AF/serialNumber=291E8D958C162120443873BE45CA7DA385DEA2DA
Certificate serial: 02
Authority key identifier: 29:1E:8D:95:8C:16:21:20:44:38:73:BE:45:CA:7D:A3:85:DE:A2:DA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/KR6NlYwWISBEOHO-Rcp9o4Xeoto.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/7E30C2D43F0A11F19414901BCF1D38B0.roa
Signing time: Thu 23 Apr 2026 11:49:33 +0000
ROA not before: Thu 23 Apr 2026 11:49:28 +0000
ROA not after: Wed 23 Apr 2036 11:49:28 +0000
asID: 327773
IP address blocks: 196.10.122.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/KR6NlYwWISBEOHO-Rcp9o4Xeoto.crl
rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/KR6NlYwWISBEOHO-Rcp9o4Xeoto.mft
rsync://rpki.afrinic.net/repository/afrinic/KR6NlYwWISBEOHO-Rcp9o4Xeoto.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 09 May 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36389A7AF, serialNumber=291E8D958C162120443873BE45CA7DA385DEA2DA
Validity
Not Before: Apr 23 11:49:28 2026 GMT
Not After : Apr 23 11:49:28 2036 GMT
Subject: CN=69ea074d-3918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3d:a7:fa:d1:f3:5d:c9:26:f8:5b:bb:ea:92:
5e:a0:b1:16:b6:92:07:7e:11:3e:03:c1:27:96:0a:
2e:02:9e:b9:0d:47:b9:a3:da:d8:ed:d3:eb:8b:b6:
3f:e2:d2:d9:b8:05:0d:ee:c5:9e:61:63:36:e0:85:
90:07:4b:04:5f:ba:1c:16:3a:7b:82:66:d4:bf:27:
41:8a:d8:99:ee:59:38:89:3e:46:09:f1:8b:ef:dc:
04:31:e0:84:32:41:e5:4b:03:3c:5e:8b:0e:50:95:
25:ec:8d:d9:f8:07:44:86:d8:b7:aa:f0:88:ac:d5:
60:a5:cf:b1:2c:87:8d:1d:f5:08:0c:ff:28:c5:59:
f4:f7:02:5a:30:fa:71:19:dd:3c:e0:d4:f2:5f:24:
1b:4b:62:5b:cc:78:da:bf:6a:f7:4c:75:39:99:b3:
c9:7b:f9:c0:7d:15:09:ca:aa:d2:55:d3:bc:3b:8d:
a7:85:d5:27:01:f0:0d:66:41:b8:a6:8a:ac:9f:68:
69:7e:6b:11:85:f9:b1:a9:f7:1a:23:b1:fb:a4:ad:
59:10:4c:a9:73:62:35:25:ad:18:f1:46:11:bf:be:
69:31:2f:9a:08:a3:6d:84:e9:f9:93:bd:e8:29:13:
9e:f6:bf:24:65:16:75:2d:e7:9d:bd:1d:87:94:7d:
59:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:5B:31:7A:40:3E:DC:80:44:44:F9:E3:28:22:E8:8A:60:77:00:6B
X509v3 Authority Key Identifier:
keyid:29:1E:8D:95:8C:16:21:20:44:38:73:BE:45:CA:7D:A3:85:DE:A2:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/KR6NlYwWISBEOHO-Rcp9o4Xeoto.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KR6NlYwWISBEOHO-Rcp9o4Xeoto.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/7E30C2D43F0A11F19414901BCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.10.122.0/23
Signature Algorithm: sha256WithRSAEncryption
55:42:23:81:2d:65:84:a8:db:f2:20:9f:43:17:c7:cd:62:d5:
c3:4d:8f:cd:77:33:55:a7:d8:d5:8e:93:9e:bd:e6:2c:b5:58:
8f:65:91:ee:95:ec:de:51:55:29:99:f3:7c:86:ee:bc:29:2e:
4a:64:67:8a:ee:f9:5a:de:37:9d:b7:c7:0b:9a:0f:44:83:5c:
4a:9b:26:a2:1f:66:1b:21:1e:c7:8e:3c:be:cf:2b:08:47:04:
74:cf:52:d7:71:19:9e:23:00:6b:e3:ec:fb:1c:5a:6f:7c:88:
62:af:43:c9:80:e6:3e:47:2a:50:a3:f1:57:aa:85:18:60:b9:
d7:12:98:8e:dd:b1:a7:05:73:39:6f:02:3a:79:2e:0a:90:cf:
06:c2:73:39:6d:72:e7:a8:fe:d2:24:65:c7:b4:3e:14:d9:8e:
a1:70:3c:6a:db:14:f9:61:19:44:81:e1:11:00:73:92:5e:19:
b4:69:e6:de:7d:d3:0e:aa:44:da:07:b5:a8:48:0d:be:34:90:
25:da:1e:3d:62:ba:9b:20:02:61:63:a6:cf:34:3f:c2:e4:92:
4a:7d:2c:34:00:69:cb:a0:03:2b:04:69:48:5c:56:97:3f:9e:
d8:93:c1:6c:ff:61:29:ba:3b:c2:13:06:53:41:a0:54:b6:58:
0e:6f:a6:4d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
ODlBN0FGMTEwLwYDVQQFEygyOTFFOEQ5NThDMTYyMTIwNDQzODczQkU0NUNBN0RB
Mzg1REVBMkRBMB4XDTI2MDQyMzExNDkyOFoXDTM2MDQyMzExNDkyOFowGDEWMBQG
A1UEAxMNNjllYTA3NGQtMzkxODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALc9p/rR813JJvhbu+qSXqCxFraSB34RPgPBJ5YKLgKeuQ1HuaPa2O3T64u2
P+LS2bgFDe7FnmFjNuCFkAdLBF+6HBY6e4Jm1L8nQYrYme5ZOIk+Rgnxi+/cBDHg
hDJB5UsDPF6LDlCVJeyN2fgHRIbYt6rwiKzVYKXPsSyHjR31CAz/KMVZ9PcCWjD6
cRndPODU8l8kG0tiW8x42r9q90x1OZmzyXv5wH0VCcqq0lXTvDuNp4XVJwHwDWZB
uKaKrJ9oaX5rEYX5san3GiOx+6StWRBMqXNiNSWtGPFGEb++aTEvmgijbYTp+ZO9
6CkTnva/JGUWdS3nnb0dh5R9WS0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSkWzF6
QD7cgERE+eMoIuiKYHcAazAfBgNVHSMEGDAWgBQpHo2VjBYhIEQ4c75Fyn2jhd6i
2jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Mzg5QTcvODE3REU3NTAzRjA1MTFGMUE4QjNGREZFQ0UxRDM4QjAvS1I2TmxZ
d1dJU0JFT0hPLVJjcDlvNFhlb3RvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS1I2TmxZd1dJU0JFT0hPLVJjcDlvNFhlb3RvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Mzg5QTcvODE3REU3NTAzRjA1MTFGMUE4QjNGREZFQ0Ux
RDM4QjAvN0UzMEMyRDQzRjBBMTFGMTk0MTQ5MDFCQ0YxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcQKejANBgkqhkiG9w0BAQsF
AAOCAQEAVUIjgS1lhKjb8iCfQxfHzWLVw02PzXczVafY1Y6Tnr3mLLVYj2WR7pXs
3lFVKZnzfIbuvCkuSmRniu75Wt43nbfHC5oPRINcSpsmoh9mGyEex448vs8rCEcE
dM9S13EZniMAa+Ps+xxab3yIYq9DyYDmPkcqUKPxV6qFGGC51xKYjt2xpwVzOW8C
OnkuCpDPBsJzOW1y56j+0iRlx7Q+FNmOoXA8atsU+WEZRIHhEQBzkl4ZtGnm3n3T
DqpE2ge1qEgNvjSQJdoePWK6myACYWOmzzQ/wuSSSn0sNABpy6ADKwRpSFxWlz+e
2JPBbP9hKbo7whMGU0GgVLZYDm+mTQ==
-----END CERTIFICATE-----
Generated at Thu May 7 22:27:31 2026 by rpki-client