Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364E8BF/7F6043A63D9211E790533747F8AEA228/32720D1C6AF211F19B2DC7BACE1D38B0.roa
File: 32720D1C6AF211F19B2DC7BACE1D38B0.roa (raw, json)
Hash identifier: 57MSafPJa+7Hjem/DSmJdXxlyf5Oy9Kb9QPkIp7WExA=
Subject key identifier: 8D:9A:DF:2C:40:D0:13:BE:FF:78:48:3E:03:E9:A5:55:D7:B9:27:40
Certificate issuer: /CN=F364E8BFAF/serialNumber=40451923052FB4BDA83A928F5F2E2646B3038F5E
Certificate serial: 02
Authority key identifier: 40:45:19:23:05:2F:B4:BD:A8:3A:92:8F:5F:2E:26:46:B3:03:8F:5E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/QEUZIwUvtL2oOpKPXy4mRrMDj14.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364E8BF/7F6043A63D9211E790533747F8AEA228/32720D1C6AF211F19B2DC7BACE1D38B0.roa
Signing time: Thu 18 Jun 2026 08:46:29 +0000
ROA not before: Thu 18 Jun 2026 08:46:24 +0000
ROA not after: Fri 31 Jul 2026 08:46:24 +0000
asID: 37095
IP address blocks: 102.204.128.0/22 maxlen: 22
2001:43f8:d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364E8BF/7F6043A63D9211E790533747F8AEA228/QEUZIwUvtL2oOpKPXy4mRrMDj14.crl
rsync://rpki.afrinic.net/repository/member_repository/F364E8BF/7F6043A63D9211E790533747F8AEA228/QEUZIwUvtL2oOpKPXy4mRrMDj14.mft
rsync://rpki.afrinic.net/repository/afrinic/QEUZIwUvtL2oOpKPXy4mRrMDj14.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 23 Jun 2026 00:07:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364E8BFAF, serialNumber=40451923052FB4BDA83A928F5F2E2646B3038F5E
Validity
Not Before: Jun 18 08:46:24 2026 GMT
Not After : Jul 31 08:46:24 2026 GMT
Subject: CN=6a33b065-6ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:10:e3:a4:24:2d:30:6c:68:7c:57:89:42:ff:
47:e5:4e:81:91:c7:95:52:e2:c5:e3:cd:da:ea:9e:
94:4c:e9:f1:a9:04:e3:60:3e:ff:e2:ff:31:a8:49:
89:01:22:8e:66:e7:1b:5d:1e:54:bb:85:bf:bf:be:
0c:9f:56:62:0a:53:d4:37:55:78:5e:29:84:cc:3c:
9e:6d:05:0f:10:67:45:96:1b:86:e9:cd:f9:c9:2f:
2f:2d:8e:52:5e:70:33:a1:1b:04:21:f4:1a:1a:56:
e3:e2:48:b4:58:87:9f:5e:28:4f:76:a3:af:e6:a5:
e9:0b:bf:d2:69:da:08:92:cc:29:81:6c:3a:ea:d3:
23:76:53:cb:c4:80:63:3d:c5:ab:e0:28:90:f8:a7:
1a:f3:5c:6b:8a:af:db:2d:15:14:b2:6b:6c:dc:b0:
8d:a6:24:52:18:aa:2d:d5:c5:b2:de:c7:6b:7b:16:
fc:64:25:51:5e:07:7c:91:ab:6b:f8:2f:91:83:26:
ce:8a:0b:93:f5:cd:4c:ad:90:69:76:d9:26:bb:cc:
27:28:0c:82:5b:13:65:5b:7d:3c:4c:c1:6d:70:5a:
a5:fd:54:f5:00:b5:68:66:07:75:90:35:73:84:01:
df:37:9e:db:32:6b:04:13:59:6e:28:45:88:43:eb:
5a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9A:DF:2C:40:D0:13:BE:FF:78:48:3E:03:E9:A5:55:D7:B9:27:40
X509v3 Authority Key Identifier:
keyid:40:45:19:23:05:2F:B4:BD:A8:3A:92:8F:5F:2E:26:46:B3:03:8F:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364E8BF/7F6043A63D9211E790533747F8AEA228/QEUZIwUvtL2oOpKPXy4mRrMDj14.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QEUZIwUvtL2oOpKPXy4mRrMDj14.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364E8BF/7F6043A63D9211E790533747F8AEA228/32720D1C6AF211F19B2DC7BACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.204.128.0/22
IPv6:
2001:43f8:d0::/48
Signature Algorithm: sha256WithRSAEncryption
4f:05:52:07:00:02:ba:ac:ff:da:90:e2:93:ce:f5:39:69:a6:
8c:3b:98:9a:98:83:72:d0:4f:a3:59:37:16:63:9e:06:32:1d:
0d:97:1b:4a:3f:fb:3e:82:22:55:0f:76:67:e3:7a:71:69:04:
0b:ab:50:1a:12:f5:84:fc:ad:fc:f3:10:f3:2e:57:0b:c8:60:
0c:85:2b:b4:b8:80:6e:55:b8:2d:8e:f1:1b:0f:e9:c7:06:81:
12:74:4b:c7:d8:b4:3d:fc:95:c7:86:de:51:89:8b:b0:af:a0:
fb:52:89:81:03:0e:70:71:12:95:02:70:d1:6d:3d:62:e1:17:
2c:c0:f7:6f:c2:e7:b7:25:fa:5e:7d:8a:be:31:41:40:18:8a:
e5:ad:72:1a:37:9b:22:96:d7:bd:40:1b:e2:aa:99:38:f5:ef:
79:ec:52:d5:31:d2:d3:52:8d:98:ec:ee:77:01:d2:1e:e9:f0:
70:fd:77:4f:1e:48:a9:16:4f:04:da:fb:57:bf:c4:50:9f:bc:
94:c7:91:04:69:98:d8:4a:4d:81:55:e4:03:b0:62:55:e7:ac:
a7:cc:d7:66:62:e6:b7:c2:c6:36:24:b5:24:8f:2a:95:40:10:
ee:f6:f4:46:09:8a:6c:39:af:4e:d6:aa:09:62:cc:61:6a:ab:
c1:23:83:b2
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
RThCRkFGMTEwLwYDVQQFEyg0MDQ1MTkyMzA1MkZCNEJEQTgzQTkyOEY1RjJFMjY0
NkIzMDM4RjVFMB4XDTI2MDYxODA4NDYyNFoXDTI2MDczMTA4NDYyNFowGDEWMBQG
A1UEAxMNNmEzM2IwNjUtNmNhMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4Q46QkLTBsaHxXiUL/R+VOgZHHlVLixePN2uqelEzp8akE42A+/+L/MahJ
iQEijmbnG10eVLuFv7++DJ9WYgpT1DdVeF4phMw8nm0FDxBnRZYbhunN+ckvLy2O
Ul5wM6EbBCH0GhpW4+JItFiHn14oT3ajr+al6Qu/0mnaCJLMKYFsOurTI3ZTy8SA
Yz3Fq+AokPinGvNca4qv2y0VFLJrbNywjaYkUhiqLdXFst7Ha3sW/GQlUV4HfJGr
a/gvkYMmzooLk/XNTK2QaXbZJrvMJygMglsTZVt9PEzBbXBapf1U9QC1aGYHdZA1
c4QB3zee2zJrBBNZbihFiEPrWqsCAwEAAaOCArYwggKyMB0GA1UdDgQWBBSNmt8s
QNATvv94SD4D6aVV17knQDAfBgNVHSMEGDAWgBRARRkjBS+0vag6ko9fLiZGswOP
XjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEU4QkYvN0Y2MDQzQTYzRDkyMTFFNzkwNTMzNzQ3RjhBRUEyMjgvUUVVWkl3
VXZ0TDJvT3BLUFh5NG1Sck1EajE0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUUVVWkl3VXZ0TDJvT3BLUFh5NG1Sck1EajE0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NEU4QkYvN0Y2MDQzQTYzRDkyMTFFNzkwNTMzNzQ3RjhB
RUEyMjgvMzI3MjBEMUM2QUYyMTFGMTlCMkRDN0JBQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAmbMgDAPBAIAAjAJAwcAIAFD
+ADQMA0GCSqGSIb3DQEBCwUAA4IBAQBPBVIHAAK6rP/akOKTzvU5aaaMO5iamINy
0E+jWTcWY54GMh0NlxtKP/s+giJVD3Zn43pxaQQLq1AaEvWE/K388xDzLlcLyGAM
hSu0uIBuVbgtjvEbD+nHBoESdEvH2LQ9/JXHht5RiYuwr6D7UomBAw5wcRKVAnDR
bT1i4RcswPdvwue3JfpefYq+MUFAGIrlrXIaN5silte9QBviqpk49e957FLVMdLT
Uo2Y7O53AdIe6fBw/XdPHkipFk8E2vtXv8RQn7yUx5EEaZjYSk2BVeQDsGJV56yn
zNdmYua3wsY2JLUkjyqVQBDu9vRGCYpsOa9O1qoJYsxhaqvBI4Oy
-----END CERTIFICATE-----
Generated at Mon Jun 22 00:30:43 2026 by rpki-client