Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/70AA590E1E2B11F196DC24ADDAE4EC9C.roa
File: 70AA590E1E2B11F196DC24ADDAE4EC9C.roa (raw, json)
Hash identifier: uMkdtVFtuvQqxiv3P3QzJvhJoUMANuEicE2OUjLsOMI=
Subject key identifier: 41:00:34:04:AD:A6:31:5F:B9:E0:73:26:7B:EA:2B:59:89:34:8F:11
Certificate issuer: /CN=F3641110AF/serialNumber=0F891D2FD154785DC3E6B3C79667646C0BB4F56D
Certificate serial: 17
Authority key identifier: 0F:89:1D:2F:D1:54:78:5D:C3:E6:B3:C7:96:67:64:6C:0B:B4:F5:6D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/D4kdL9FUeF3D5rPHlmdkbAu09W0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/70AA590E1E2B11F196DC24ADDAE4EC9C.roa
Signing time: Thu 12 Mar 2026 15:52:15 +0000
ROA not before: Thu 12 Mar 2026 15:52:11 +0000
ROA not after: Mon 31 Mar 2036 15:52:11 +0000
asID: 43256
IP address blocks: 197.215.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/D4kdL9FUeF3D5rPHlmdkbAu09W0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/D4kdL9FUeF3D5rPHlmdkbAu09W0.mft
rsync://rpki.afrinic.net/repository/afrinic/D4kdL9FUeF3D5rPHlmdkbAu09W0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3641110AF, serialNumber=0F891D2FD154785DC3E6B3C79667646C0BB4F56D
Validity
Not Before: Mar 12 15:52:11 2026 GMT
Not After : Mar 31 15:52:11 2036 GMT
Subject: CN=69b2e12f-51bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3e:18:00:b7:e5:1c:a4:9a:93:7e:22:41:cb:
96:24:a0:0d:56:6f:b1:9b:c9:fb:c9:89:5c:14:d4:
5b:14:77:b9:38:2c:d4:73:db:46:e6:0f:7a:77:47:
98:6d:41:38:71:aa:b2:66:67:32:82:e6:23:cf:ef:
b0:8f:cb:0d:11:27:96:54:c9:ad:93:88:62:8f:e7:
41:82:d5:41:dd:a3:da:b3:b6:f6:78:74:a8:12:0c:
5f:a5:52:bb:00:64:e7:ce:35:f8:57:96:cf:1e:2c:
e3:07:ac:86:f6:a1:81:91:1d:89:66:12:b9:41:1d:
65:4f:9a:83:bb:2c:f6:de:37:e4:1d:d5:c5:a1:97:
9d:19:4f:0a:8d:22:e0:84:ae:28:f3:d8:82:ee:c9:
92:a6:f4:61:08:17:94:a4:c7:51:91:16:09:c1:f8:
a4:4a:af:8c:89:b0:64:f6:2d:24:a9:c3:98:7d:ec:
32:1f:44:09:61:5a:56:7f:7f:12:2d:6f:6b:8d:84:
8a:8e:4b:43:b0:9b:ef:73:ad:44:b4:e7:70:1c:03:
de:e6:51:72:7b:71:44:ec:08:63:75:c4:f5:a8:c7:
e3:52:d5:9b:fd:33:80:1e:06:72:d9:d4:02:0d:77:
59:17:14:76:af:65:83:c3:32:45:35:7a:e1:5c:ea:
04:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:00:34:04:AD:A6:31:5F:B9:E0:73:26:7B:EA:2B:59:89:34:8F:11
X509v3 Authority Key Identifier:
keyid:0F:89:1D:2F:D1:54:78:5D:C3:E6:B3:C7:96:67:64:6C:0B:B4:F5:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/D4kdL9FUeF3D5rPHlmdkbAu09W0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/D4kdL9FUeF3D5rPHlmdkbAu09W0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/70AA590E1E2B11F196DC24ADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.215.221.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:56:c3:f3:e2:a4:f5:08:ef:a8:fa:22:f7:1e:c1:1f:85:7a:
fa:90:99:1d:b6:49:f9:c2:25:20:c3:d9:bb:56:7e:fc:6f:e6:
1e:a7:98:f6:06:0f:30:e1:8d:6b:b5:ac:02:16:fe:91:8b:78:
da:93:32:dc:ac:d5:16:94:31:65:cc:08:87:d8:cb:7b:1f:72:
2d:66:f5:88:a8:17:52:a0:75:9d:4b:93:ca:a6:01:f6:52:ca:
ab:0d:bc:5c:86:9a:ef:28:2d:e7:3d:c8:db:f8:a2:38:44:88:
d0:b5:c9:e3:91:32:b6:ce:b2:b4:70:a4:6c:6d:db:d2:62:78:
fd:72:f3:1c:68:18:d4:56:3c:51:e6:01:65:b3:28:e9:e9:4e:
8b:3e:99:11:a6:16:a8:02:d2:22:78:03:4a:68:c2:63:a6:85:
94:76:1c:fc:fd:53:46:9a:49:5b:63:64:7f:ba:c2:32:9c:d9:
53:11:df:0f:82:e4:ce:81:e4:4f:08:33:50:e3:12:76:0b:cd:
1c:43:7a:a9:6d:68:f1:57:e0:d9:f8:33:1c:80:7a:d2:7f:ab:
7d:af:fa:99:26:4c:94:d6:e2:8c:8a:b0:e1:80:6c:87:56:a2:
aa:72:f2:da:f9:63:40:32:30:b2:e1:d6:31:89:0b:b2:0e:7d:
92:f9:06:21
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MTExMEFGMTEwLwYDVQQFEygwRjg5MUQyRkQxNTQ3ODVEQzNFNkIzQzc5NjY3NjQ2
QzBCQjRGNTZEMB4XDTI2MDMxMjE1NTIxMVoXDTM2MDMzMTE1NTIxMVowGDEWMBQG
A1UEAxMNNjliMmUxMmYtNTFiYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs+GAC35RykmpN+IkHLliSgDVZvsZvJ+8mJXBTUWxR3uTgs1HPbRuYPendH
mG1BOHGqsmZnMoLmI8/vsI/LDREnllTJrZOIYo/nQYLVQd2j2rO29nh0qBIMX6VS
uwBk5841+FeWzx4s4weshvahgZEdiWYSuUEdZU+ag7ss9t435B3VxaGXnRlPCo0i
4ISuKPPYgu7Jkqb0YQgXlKTHUZEWCcH4pEqvjImwZPYtJKnDmH3sMh9ECWFaVn9/
Ei1va42Eio5LQ7Cb73OtRLTncBwD3uZRcntxROwIY3XE9ajH41LVm/0zgB4GctnU
Ag13WRcUdq9lg8MyRTV64VzqBBcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRBADQE
raYxX7ngcyZ76itZiTSPETAfBgNVHSMEGDAWgBQPiR0v0VR4XcPms8eWZ2RsC7T1
bTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDExMTAvNTk2MjdERUMxOTM3MTFGMTgwNjMzNzhBREFFNEVDOUMvRDRrZEw5
RlVlRjNENXJQSGxtZGtiQXUwOVcwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRDRrZEw5RlVlRjNENXJQSGxtZGtiQXUwOVcwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDExMTAvNTk2MjdERUMxOTM3MTFGMTgwNjMzNzhBREFF
NEVDOUMvNzBBQTU5MEUxRTJCMTFGMTk2REMyNEFEREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMXX3TANBgkqhkiG9w0BAQsF
AAOCAQEAe1bD8+Kk9QjvqPoi9x7BH4V6+pCZHbZJ+cIlIMPZu1Z+/G/mHqeY9gYP
MOGNa7WsAhb+kYt42pMy3KzVFpQxZcwIh9jLex9yLWb1iKgXUqB1nUuTyqYB9lLK
qw28XIaa7ygt5z3I2/iiOESI0LXJ45Eyts6ytHCkbG3b0mJ4/XLzHGgY1FY8UeYB
ZbMo6elOiz6ZEaYWqALSIngDSmjCY6aFlHYc/P1TRppJW2Nkf7rCMpzZUxHfD4Lk
zoHkTwgzUOMSdgvNHEN6qW1o8Vfg2fgzHIB60n+rfa/6mSZMlNbijIqw4YBsh1ai
qnLy2vljQDIwsuHWMYkLsg59kvkGIQ==
-----END CERTIFICATE-----
Generated at Mon Mar 23 11:48:02 2026 by rpki-client