Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364D69A/91FBCD3C3B4E11F18CA44FA5CE1D38B0/082253FA3B4F11F1A4BA6CA9CE1D38B0.roa
File: 082253FA3B4F11F1A4BA6CA9CE1D38B0.roa (raw, json)
Hash identifier: NTpx6G+cMs+f6u/Q9FU/pP+/e9jJ3Xpl2Q1ITLoQGJg=
Subject key identifier: 63:5B:B1:73:C4:E7:02:BD:AC:40:93:3B:39:8B:61:B2:6A:5E:DB:04
Certificate issuer: /CN=F364D69AAF/serialNumber=7D26F5430A0CD2C903B57C4A663762ACBC359990
Certificate serial: 02
Authority key identifier: 7D:26:F5:43:0A:0C:D2:C9:03:B5:7C:4A:66:37:62:AC:BC:35:99:90
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/fSb1QwoM0skDtXxKZjdirLw1mZA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364D69A/91FBCD3C3B4E11F18CA44FA5CE1D38B0/082253FA3B4F11F1A4BA6CA9CE1D38B0.roa
Signing time: Sat 18 Apr 2026 17:50:05 +0000
ROA not before: Sat 18 Apr 2026 17:50:00 +0000
ROA not after: Wed 30 Apr 2036 17:50:00 +0000
asID: 329714
IP address blocks: 102.203.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364D69A/91FBCD3C3B4E11F18CA44FA5CE1D38B0/fSb1QwoM0skDtXxKZjdirLw1mZA.crl
rsync://rpki.afrinic.net/repository/member_repository/F364D69A/91FBCD3C3B4E11F18CA44FA5CE1D38B0/fSb1QwoM0skDtXxKZjdirLw1mZA.mft
rsync://rpki.afrinic.net/repository/afrinic/fSb1QwoM0skDtXxKZjdirLw1mZA.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 09 May 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364D69AAF, serialNumber=7D26F5430A0CD2C903B57C4A663762ACBC359990
Validity
Not Before: Apr 18 17:50:00 2026 GMT
Not After : Apr 30 17:50:00 2036 GMT
Subject: CN=69e3c44d-8a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5d:0b:6e:72:91:d9:bd:35:8f:0d:d8:f2:bd:
8e:26:57:bf:ce:5f:d0:e6:5d:00:5e:4f:63:91:1f:
7a:32:02:fd:61:e5:40:7a:47:7d:86:9c:7e:3f:cb:
8e:10:23:4d:b2:27:a2:2e:21:4e:66:f6:21:d9:c4:
bb:dd:4a:cf:3f:af:ac:62:3e:42:84:03:8a:4b:89:
f6:77:67:12:62:54:be:c1:59:a7:05:e0:7e:81:9f:
99:6a:f5:91:cb:f6:a6:f6:04:bb:9e:85:6d:d5:df:
6f:1c:dc:ed:86:9d:65:46:7f:47:d3:73:b1:75:f9:
07:e4:2a:d6:7b:d3:c9:73:4d:6f:2d:11:a0:44:9b:
76:08:29:b5:6d:c6:17:9b:2e:8e:de:54:66:5f:4a:
3b:c0:c5:ab:28:94:39:21:60:4e:96:3a:ad:6f:bf:
e3:62:b5:0a:e3:22:9b:73:a9:d0:d9:08:d0:d4:c5:
d8:ec:15:fe:8e:b7:82:fc:ae:0c:26:21:e1:00:57:
af:66:c3:27:ad:76:03:68:98:84:dc:0e:19:16:97:
9f:c1:7d:ba:22:7e:2f:a5:ed:45:f9:39:34:87:14:
ba:ef:7a:04:ad:73:33:24:a7:7c:cc:4a:d3:8d:c7:
40:ec:34:34:66:d8:96:12:ea:c3:26:8b:f3:58:b5:
74:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5B:B1:73:C4:E7:02:BD:AC:40:93:3B:39:8B:61:B2:6A:5E:DB:04
X509v3 Authority Key Identifier:
keyid:7D:26:F5:43:0A:0C:D2:C9:03:B5:7C:4A:66:37:62:AC:BC:35:99:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364D69A/91FBCD3C3B4E11F18CA44FA5CE1D38B0/fSb1QwoM0skDtXxKZjdirLw1mZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/fSb1QwoM0skDtXxKZjdirLw1mZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364D69A/91FBCD3C3B4E11F18CA44FA5CE1D38B0/082253FA3B4F11F1A4BA6CA9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.203.3.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:1a:7c:78:f9:8c:83:9c:73:1c:78:f7:74:57:db:a5:ea:ea:
bf:c1:be:db:02:ee:a5:d0:d1:68:8e:5f:f2:94:b8:04:91:ca:
6f:de:b4:7d:fa:91:99:7d:98:bf:e6:3b:0b:d6:1c:3d:88:31:
e4:da:03:49:66:70:47:bf:01:82:c0:c5:4f:d8:34:00:70:be:
e2:f5:04:be:c3:1b:5f:1f:9d:c8:06:e5:59:9d:bd:bd:30:36:
3b:66:af:3f:bf:f8:48:3b:88:ad:4e:4a:5f:7c:79:ea:44:1f:
51:6f:8a:ee:7c:33:13:e6:2c:eb:ca:3c:45:27:d5:64:cb:f7:
8c:95:29:98:4a:d7:dd:09:df:01:e3:85:92:af:ef:c9:c1:53:
06:8c:84:92:72:97:7e:67:ba:73:82:d0:62:88:f3:6d:33:b1:
29:23:65:33:a6:51:df:b9:da:e6:8b:9c:36:e9:86:cb:48:a4:
a2:07:65:2c:81:1f:d5:6f:17:45:cd:c1:fb:75:3b:05:05:ed:
a0:2c:c9:43:70:84:94:51:d8:dd:39:12:22:2b:7f:1d:8e:a9:
44:b5:07:cd:13:4f:7b:f0:b7:f4:b1:3a:45:42:c2:df:79:6c:
a7:55:db:b1:bb:14:1f:5d:75:81:9a:aa:11:3e:4a:0d:34:8a:
ee:d4:00:14
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
RDY5QUFGMTEwLwYDVQQFEyg3RDI2RjU0MzBBMENEMkM5MDNCNTdDNEE2NjM3NjJB
Q0JDMzU5OTkwMB4XDTI2MDQxODE3NTAwMFoXDTM2MDQzMDE3NTAwMFowGDEWMBQG
A1UEAxMNNjllM2M0NGQtOGE3YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxdC25ykdm9NY8N2PK9jiZXv85f0OZdAF5PY5EfejIC/WHlQHpHfYacfj/L
jhAjTbInoi4hTmb2IdnEu91Kzz+vrGI+QoQDikuJ9ndnEmJUvsFZpwXgfoGfmWr1
kcv2pvYEu56FbdXfbxzc7YadZUZ/R9NzsXX5B+Qq1nvTyXNNby0RoESbdggptW3G
F5sujt5UZl9KO8DFqyiUOSFgTpY6rW+/42K1CuMim3Op0NkI0NTF2OwV/o63gvyu
DCYh4QBXr2bDJ612A2iYhNwOGRaXn8F9uiJ+L6XtRfk5NIcUuu96BK1zMySnfMxK
043HQOw0NGbYlhLqwyaL81i1dIMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRjW7Fz
xOcCvaxAkzs5i2Gyal7bBDAfBgNVHSMEGDAWgBR9JvVDCgzSyQO1fEpmN2KsvDWZ
kDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEQ2OUEvOTFGQkNEM0MzQjRFMTFGMThDQTQ0RkE1Q0UxRDM4QjAvZlNiMVF3
b00wc2tEdFh4S1pqZGlyTHcxbVpBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZlNiMVF3b00wc2tEdFh4S1pqZGlyTHcxbVpBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NEQ2OUEvOTFGQkNEM0MzQjRFMTFGMThDQTQ0RkE1Q0Ux
RDM4QjAvMDgyMjUzRkEzQjRGMTFGMUE0QkE2Q0E5Q0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbLAzANBgkqhkiG9w0BAQsF
AAOCAQEAvRp8ePmMg5xzHHj3dFfbperqv8G+2wLupdDRaI5f8pS4BJHKb960ffqR
mX2Yv+Y7C9YcPYgx5NoDSWZwR78BgsDFT9g0AHC+4vUEvsMbXx+dyAblWZ29vTA2
O2avP7/4SDuIrU5KX3x56kQfUW+K7nwzE+Ys68o8RSfVZMv3jJUpmErX3QnfAeOF
kq/vycFTBoyEknKXfme6c4LQYojzbTOxKSNlM6ZR37na5oucNumGy0ikogdlLIEf
1W8XRc3B+3U7BQXtoCzJQ3CElFHY3TkSIit/HY6pRLUHzRNPe/C39LE6RULC33ls
p1XbsbsUH111gZqqET5KDTSK7tQAFA==
-----END CERTIFICATE-----
Generated at Thu May 7 22:11:53 2026 by rpki-client