Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/A90F75EA1E2B11F1A74454ADDAE4EC9C.roa
File: A90F75EA1E2B11F1A74454ADDAE4EC9C.roa (raw, json)
Hash identifier: l0pI77i/3rExThBukFhyhrFHwyUmiyAZc83nnRzr++8=
Subject key identifier: 28:1E:04:F4:59:89:62:27:1B:14:0E:B6:0D:A8:2B:CF:46:8B:FD:D8
Certificate issuer: /CN=F3641110AF/serialNumber=0F891D2FD154785DC3E6B3C79667646C0BB4F56D
Certificate serial: 1A
Authority key identifier: 0F:89:1D:2F:D1:54:78:5D:C3:E6:B3:C7:96:67:64:6C:0B:B4:F5:6D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/D4kdL9FUeF3D5rPHlmdkbAu09W0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/A90F75EA1E2B11F1A74454ADDAE4EC9C.roa
Signing time: Thu 12 Mar 2026 15:53:49 +0000
ROA not before: Thu 12 Mar 2026 15:53:45 +0000
ROA not after: Mon 31 Mar 2036 15:53:45 +0000
asID: 43256
IP address blocks: 197.215.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/D4kdL9FUeF3D5rPHlmdkbAu09W0.crl
rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/D4kdL9FUeF3D5rPHlmdkbAu09W0.mft
rsync://rpki.afrinic.net/repository/afrinic/D4kdL9FUeF3D5rPHlmdkbAu09W0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3641110AF, serialNumber=0F891D2FD154785DC3E6B3C79667646C0BB4F56D
Validity
Not Before: Mar 12 15:53:45 2026 GMT
Not After : Mar 31 15:53:45 2036 GMT
Subject: CN=69b2e18d-baf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a1:82:81:fa:36:d3:c7:13:a9:c8:b1:c0:14:
63:1f:48:ee:39:2d:6f:3c:ac:6b:10:54:a4:a7:5c:
3b:8c:8e:50:e7:af:b6:9c:c3:86:49:00:d0:3b:5c:
50:21:3e:df:1a:ae:55:3e:77:5c:19:7b:7b:fc:f4:
a9:bf:cc:86:bf:a4:e9:13:a0:7c:75:37:b1:84:3b:
24:fb:d9:3c:a7:cd:d5:cd:a1:ea:31:fe:c3:bd:c7:
67:bb:4f:58:18:8c:d5:70:f4:4e:53:ce:b8:95:fb:
09:0b:e1:bc:db:33:63:03:87:3c:13:85:b2:88:67:
7c:13:af:fa:f4:1c:02:88:ab:f0:12:33:10:1d:a5:
c1:b5:dc:b8:ae:ee:53:95:7d:84:65:80:5b:90:2b:
c7:e4:a5:8e:a9:f2:26:6c:ed:26:f3:83:6d:5a:6d:
57:a7:10:85:eb:16:c1:41:03:66:6a:11:4b:7a:02:
cb:e2:8b:21:d5:78:bb:32:d3:90:aa:04:38:c9:11:
73:3d:b5:c4:18:a8:34:c6:81:5a:5a:fa:75:f6:06:
f3:d0:93:7a:2a:13:ad:03:22:ca:1b:ad:ed:0c:87:
d7:f4:02:fe:7e:75:2e:69:74:59:c0:63:4b:f4:70:
5f:11:6a:39:27:9e:86:17:aa:59:30:81:37:4d:b7:
5a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1E:04:F4:59:89:62:27:1B:14:0E:B6:0D:A8:2B:CF:46:8B:FD:D8
X509v3 Authority Key Identifier:
keyid:0F:89:1D:2F:D1:54:78:5D:C3:E6:B3:C7:96:67:64:6C:0B:B4:F5:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/D4kdL9FUeF3D5rPHlmdkbAu09W0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/D4kdL9FUeF3D5rPHlmdkbAu09W0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3641110/59627DEC193711F18063378ADAE4EC9C/A90F75EA1E2B11F1A74454ADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.215.220.0/24
Signature Algorithm: sha256WithRSAEncryption
37:5b:7f:e5:ec:d5:70:2d:01:6d:83:96:ad:25:51:22:1e:44:
55:ce:e6:15:58:d4:3c:b3:48:a5:94:fb:86:b3:b6:04:43:21:
61:a5:2d:cc:9f:6f:54:3f:0f:98:fe:64:bc:e3:21:b8:34:ad:
40:6c:9c:1e:d7:d1:65:ff:6b:94:40:06:e5:40:6e:d7:b5:d2:
e7:97:db:97:38:a9:8b:76:b7:bf:6a:d7:4d:fa:ca:fa:fc:cc:
c7:db:a6:d7:66:9a:c8:b4:0a:f9:2f:8d:c4:bd:52:c4:ab:53:
f4:0a:f6:ea:7e:2a:16:df:dd:bd:34:75:c6:b3:96:91:62:96:
14:74:eb:f6:37:52:35:d6:dd:25:c9:61:bc:16:36:47:83:38:
5e:f9:bd:33:b0:ac:91:74:2c:ed:24:05:3a:41:f8:eb:bd:86:
42:8c:c4:66:1c:2d:a9:58:12:a1:be:69:48:22:3c:64:aa:c2:
7b:d6:37:13:24:94:4f:1b:e0:51:f4:03:94:02:9d:cd:37:b4:
46:4b:12:ba:63:c2:f9:39:fc:ff:a1:f5:db:70:46:72:c9:1a:
26:2e:5d:fc:d3:f7:3c:c0:9e:fa:a7:0a:1b:ac:dc:6a:ca:f8:
4b:f1:d7:4a:8d:b8:f9:f5:74:bf:f2:df:00:04:d4:32:3d:47:
f6:64:76:90
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MTExMEFGMTEwLwYDVQQFEygwRjg5MUQyRkQxNTQ3ODVEQzNFNkIzQzc5NjY3NjQ2
QzBCQjRGNTZEMB4XDTI2MDMxMjE1NTM0NVoXDTM2MDMzMTE1NTM0NVowGDEWMBQG
A1UEAxMNNjliMmUxOGQtYmFmOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANahgoH6NtPHE6nIscAUYx9I7jktbzysaxBUpKdcO4yOUOevtpzDhkkA0Dtc
UCE+3xquVT53XBl7e/z0qb/Mhr+k6ROgfHU3sYQ7JPvZPKfN1c2h6jH+w73HZ7tP
WBiM1XD0TlPOuJX7CQvhvNszYwOHPBOFsohnfBOv+vQcAoir8BIzEB2lwbXcuK7u
U5V9hGWAW5Arx+SljqnyJmztJvODbVptV6cQhesWwUEDZmoRS3oCy+KLIdV4uzLT
kKoEOMkRcz21xBioNMaBWlr6dfYG89CTeioTrQMiyhut7QyH1/QC/n51Lml0WcBj
S/RwXxFqOSeehheqWTCBN023WikCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQoHgT0
WYliJxsUDrYNqCvPRov92DAfBgNVHSMEGDAWgBQPiR0v0VR4XcPms8eWZ2RsC7T1
bTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDExMTAvNTk2MjdERUMxOTM3MTFGMTgwNjMzNzhBREFFNEVDOUMvRDRrZEw5
RlVlRjNENXJQSGxtZGtiQXUwOVcwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRDRrZEw5RlVlRjNENXJQSGxtZGtiQXUwOVcwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDExMTAvNTk2MjdERUMxOTM3MTFGMTgwNjMzNzhBREFF
NEVDOUMvQTkwRjc1RUExRTJCMTFGMUE3NDQ1NEFEREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMXX3DANBgkqhkiG9w0BAQsF
AAOCAQEAN1t/5ezVcC0BbYOWrSVRIh5EVc7mFVjUPLNIpZT7hrO2BEMhYaUtzJ9v
VD8PmP5kvOMhuDStQGycHtfRZf9rlEAG5UBu17XS55fblzipi3a3v2rXTfrK+vzM
x9um12aayLQK+S+NxL1SxKtT9Ar26n4qFt/dvTR1xrOWkWKWFHTr9jdSNdbdJclh
vBY2R4M4Xvm9M7CskXQs7SQFOkH4672GQozEZhwtqVgSob5pSCI8ZKrCe9Y3EySU
TxvgUfQDlAKdzTe0RksSumPC+Tn8/6H123BGcskaJi5d/NP3PMCe+qcKG6zcasr4
S/HXSo24+fV0v/LfAATUMj1H9mR2kA==
-----END CERTIFICATE-----
Generated at Mon Mar 23 11:48:04 2026 by rpki-client