Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/CCFE35183F0A11F181E5E91BCF1D38B0.roa
File: CCFE35183F0A11F181E5E91BCF1D38B0.roa (raw, json)
Hash identifier: E47585gvu1JN7Cv2RL9H7/HF9eVQoG0TjloqbMPCF0I=
Subject key identifier: 51:AC:9E:16:09:40:5F:23:36:BE:72:C6:1A:8D:B9:18:96:47:3B:0E
Certificate issuer: /CN=F36389A7AF/serialNumber=291E8D958C162120443873BE45CA7DA385DEA2DA
Certificate serial: 04
Authority key identifier: 29:1E:8D:95:8C:16:21:20:44:38:73:BE:45:CA:7D:A3:85:DE:A2:DA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/KR6NlYwWISBEOHO-Rcp9o4Xeoto.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/CCFE35183F0A11F181E5E91BCF1D38B0.roa
Signing time: Thu 23 Apr 2026 11:51:45 +0000
ROA not before: Thu 23 Apr 2026 11:51:40 +0000
ROA not after: Wed 23 Apr 2036 11:51:40 +0000
asID: 327773
IP address blocks: 102.223.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/KR6NlYwWISBEOHO-Rcp9o4Xeoto.crl
rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/KR6NlYwWISBEOHO-Rcp9o4Xeoto.mft
rsync://rpki.afrinic.net/repository/afrinic/KR6NlYwWISBEOHO-Rcp9o4Xeoto.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 09 May 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36389A7AF, serialNumber=291E8D958C162120443873BE45CA7DA385DEA2DA
Validity
Not Before: Apr 23 11:51:40 2026 GMT
Not After : Apr 23 11:51:40 2036 GMT
Subject: CN=69ea07d1-e990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:21:3b:ed:e8:df:04:fd:b4:31:52:fc:7c:22:
cc:f6:f0:58:a5:e5:11:02:66:40:bf:1a:b5:65:23:
05:81:00:e0:e5:3a:30:56:23:53:c2:4d:c6:52:97:
cf:b8:b1:88:6c:dc:be:30:b5:dd:e9:d1:26:32:29:
a7:58:4b:67:66:b9:b7:84:53:ef:7b:39:31:eb:19:
1a:b5:0f:71:5c:7e:0c:b9:d9:ae:b7:bc:c6:9c:c8:
23:16:5b:fa:64:2b:3f:91:36:c6:51:56:70:a4:2c:
6a:88:c2:a4:87:89:ec:fe:7c:48:0f:33:48:27:c6:
60:68:77:73:2b:da:0d:73:6b:2b:fa:e3:d0:3e:57:
f0:48:40:f7:dd:6b:4e:aa:ac:37:ad:75:f9:69:72:
5d:70:cc:ea:c0:c1:04:88:79:27:31:a6:29:ee:71:
40:e6:5e:83:70:01:55:52:c8:d4:01:c9:c5:1e:1a:
49:12:e2:2b:6a:81:71:bd:cc:f4:f9:c7:62:71:44:
d4:a4:a9:6d:b0:02:2c:78:d7:92:3a:d1:79:cf:f4:
75:1a:fa:50:b0:02:a8:11:9a:34:7c:c2:5b:46:4e:
9e:55:78:db:3f:b0:a4:1e:a2:78:50:ba:8e:5c:c4:
95:51:20:4d:f9:dc:cf:a8:06:28:98:fa:8d:b8:56:
df:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AC:9E:16:09:40:5F:23:36:BE:72:C6:1A:8D:B9:18:96:47:3B:0E
X509v3 Authority Key Identifier:
keyid:29:1E:8D:95:8C:16:21:20:44:38:73:BE:45:CA:7D:A3:85:DE:A2:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/KR6NlYwWISBEOHO-Rcp9o4Xeoto.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KR6NlYwWISBEOHO-Rcp9o4Xeoto.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36389A7/817DE7503F0511F1A8B3FDFECE1D38B0/CCFE35183F0A11F181E5E91BCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.252.0/23
Signature Algorithm: sha256WithRSAEncryption
40:04:d0:91:a1:31:38:4a:82:a4:89:f4:8f:16:62:c1:01:6b:
a6:f9:e4:ae:44:a7:be:01:12:e2:18:10:c7:d2:21:30:88:3b:
52:f3:ca:d3:30:9c:1f:c5:e6:eb:55:b5:22:2a:62:94:23:39:
7b:5a:22:0a:20:ce:56:ec:10:db:6c:48:e8:9a:c4:bf:2c:58:
8e:cf:69:af:06:9c:d9:87:0b:2b:9e:11:fb:7a:f9:21:85:a0:
53:2a:c8:9d:25:f1:a1:e8:a7:30:c2:38:21:8f:6b:ce:9b:e6:
6a:87:8e:18:ea:b3:0f:ad:3d:73:d0:a1:9d:ee:17:87:a1:ea:
b8:99:a7:26:2a:fd:3b:9d:97:4d:87:ab:88:b6:d4:4a:49:27:
fe:c5:25:27:8d:a8:9e:e0:68:7d:d2:de:32:4d:36:32:67:23:
10:fc:2f:41:35:0e:85:31:a0:35:9d:5d:35:a8:1f:c0:d5:5b:
36:cc:eb:e0:6d:76:22:46:82:93:89:e3:a0:cd:36:c3:5f:de:
50:b2:7e:e8:32:97:5d:74:3f:11:8a:ea:54:8c:bc:0a:51:de:
45:03:20:29:67:b0:eb:aa:11:65:c8:a9:2b:b0:c4:0a:48:f0:
02:53:89:88:14:e1:de:30:e7:40:44:dd:64:19:63:e5:61:db:
28:a7:e1:a9
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
ODlBN0FGMTEwLwYDVQQFEygyOTFFOEQ5NThDMTYyMTIwNDQzODczQkU0NUNBN0RB
Mzg1REVBMkRBMB4XDTI2MDQyMzExNTE0MFoXDTM2MDQyMzExNTE0MFowGDEWMBQG
A1UEAxMNNjllYTA3ZDEtZTk5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYhO+3o3wT9tDFS/HwizPbwWKXlEQJmQL8atWUjBYEA4OU6MFYjU8JNxlKX
z7ixiGzcvjC13enRJjIpp1hLZ2a5t4RT73s5MesZGrUPcVx+DLnZrre8xpzIIxZb
+mQrP5E2xlFWcKQsaojCpIeJ7P58SA8zSCfGYGh3cyvaDXNrK/rj0D5X8EhA991r
TqqsN611+WlyXXDM6sDBBIh5JzGmKe5xQOZeg3ABVVLI1AHJxR4aSRLiK2qBcb3M
9PnHYnFE1KSpbbACLHjXkjrRec/0dRr6ULACqBGaNHzCW0ZOnlV42z+wpB6ieFC6
jlzElVEgTfncz6gGKJj6jbhW36kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRRrJ4W
CUBfIza+csYajbkYlkc7DjAfBgNVHSMEGDAWgBQpHo2VjBYhIEQ4c75Fyn2jhd6i
2jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Mzg5QTcvODE3REU3NTAzRjA1MTFGMUE4QjNGREZFQ0UxRDM4QjAvS1I2TmxZ
d1dJU0JFT0hPLVJjcDlvNFhlb3RvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS1I2TmxZd1dJU0JFT0hPLVJjcDlvNFhlb3RvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Mzg5QTcvODE3REU3NTAzRjA1MTFGMUE4QjNGREZFQ0Ux
RDM4QjAvQ0NGRTM1MTgzRjBBMTFGMTgxRTVFOTFCQ0YxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWbf/DANBgkqhkiG9w0BAQsF
AAOCAQEAQATQkaExOEqCpIn0jxZiwQFrpvnkrkSnvgES4hgQx9IhMIg7UvPK0zCc
H8Xm61W1IipilCM5e1oiCiDOVuwQ22xI6JrEvyxYjs9prwac2YcLK54R+3r5IYWg
UyrInSXxoeinMMI4IY9rzpvmaoeOGOqzD609c9Chne4Xh6HquJmnJir9O52XTYer
iLbUSkkn/sUlJ42onuBofdLeMk02MmcjEPwvQTUOhTGgNZ1dNagfwNVbNszr4G12
IkaCk4njoM02w1/eULJ+6DKXXXQ/EYrqVIy8ClHeRQMgKWew66oRZcipK7DECkjw
AlOJiBTh3jDnQETdZBlj5WHbKKfhqQ==
-----END CERTIFICATE-----
Generated at Thu May 7 22:27:31 2026 by rpki-client