Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3660137/4AAF40645C1C11EC954D3D6E5A40D577/F7CDB4281D2A11F1904580D9DAE4EC9C.roa
File: F7CDB4281D2A11F1904580D9DAE4EC9C.roa (raw, json)
Hash identifier: XzMEwwkNS5xxWk1ir2zt5zwbDTlcZzrwuFW8GYrB1JY=
Subject key identifier: 8D:D0:CF:FD:10:D4:56:71:FF:DF:8C:53:B8:F8:81:7D:C7:52:EF:A4
Certificate issuer: /CN=F3660137AF/serialNumber=1406D84B3A22ACF49483972666319CE9893D68C4
Certificate serial: 063B
Authority key identifier: 14:06:D8:4B:3A:22:AC:F4:94:83:97:26:66:31:9C:E9:89:3D:68:C4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/FAbYSzoirPSUg5cmZjGc6Yk9aMQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3660137/4AAF40645C1C11EC954D3D6E5A40D577/F7CDB4281D2A11F1904580D9DAE4EC9C.roa
Signing time: Wed 11 Mar 2026 09:16:21 +0000
ROA not before: Wed 11 Mar 2026 09:16:16 +0000
ROA not after: Sat 10 Mar 2029 09:16:16 +0000
asID: 327900
IP address blocks: 102.217.72.0/24 maxlen: 24
102.217.73.0/24 maxlen: 24
102.217.74.0/24 maxlen: 24
102.217.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3660137/4AAF40645C1C11EC954D3D6E5A40D577/FAbYSzoirPSUg5cmZjGc6Yk9aMQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3660137/4AAF40645C1C11EC954D3D6E5A40D577/FAbYSzoirPSUg5cmZjGc6Yk9aMQ.mft
rsync://rpki.afrinic.net/repository/afrinic/FAbYSzoirPSUg5cmZjGc6Yk9aMQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 10:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1595 (0x63b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3660137AF, serialNumber=1406D84B3A22ACF49483972666319CE9893D68C4
Validity
Not Before: Mar 11 09:16:16 2026 GMT
Not After : Mar 10 09:16:16 2029 GMT
Subject: CN=69b132e5-9623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d9:30:93:fe:5d:81:bb:be:77:4a:19:ce:90:
61:72:ab:a5:c4:15:c7:fb:31:60:be:f3:dc:11:18:
66:2b:df:0f:d6:24:51:4b:02:46:39:1d:f8:c6:97:
b4:d5:41:29:78:eb:7c:b5:0a:ac:0f:29:4e:13:aa:
52:34:d5:0c:ea:0f:eb:d9:ba:36:72:fc:8e:1d:44:
61:66:72:61:c9:25:4e:31:52:9a:83:08:30:71:06:
49:15:5f:6f:5f:13:54:b0:e7:9a:63:25:68:22:0f:
d8:1e:b8:e8:13:2b:d3:03:16:12:65:30:fc:2f:75:
90:54:22:a3:8d:b5:72:ce:48:73:c3:53:64:f3:bf:
e4:5b:52:b6:95:a1:0f:19:61:bd:5c:21:cb:06:cf:
3c:e6:eb:7f:49:55:5b:55:f6:ec:3a:cf:d7:23:3d:
dc:63:68:e0:1e:5d:43:c5:32:25:ec:6a:55:f2:bd:
88:45:66:79:87:a8:8f:57:07:77:db:0d:fd:bf:c5:
b8:a5:4f:bf:e0:ca:19:69:0a:f4:7a:58:83:cd:59:
f1:c8:e9:ec:0a:50:58:76:0c:77:25:99:52:ad:d5:
ad:20:3e:dd:fd:a7:9a:1e:63:98:11:71:26:6d:19:
a2:bb:22:28:03:58:06:3f:ad:cd:10:3b:19:5a:e8:
ca:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D0:CF:FD:10:D4:56:71:FF:DF:8C:53:B8:F8:81:7D:C7:52:EF:A4
X509v3 Authority Key Identifier:
keyid:14:06:D8:4B:3A:22:AC:F4:94:83:97:26:66:31:9C:E9:89:3D:68:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3660137/4AAF40645C1C11EC954D3D6E5A40D577/FAbYSzoirPSUg5cmZjGc6Yk9aMQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/FAbYSzoirPSUg5cmZjGc6Yk9aMQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3660137/4AAF40645C1C11EC954D3D6E5A40D577/F7CDB4281D2A11F1904580D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.72.0/22
Signature Algorithm: sha256WithRSAEncryption
37:54:7d:fa:01:43:a1:f5:58:1f:b0:4a:35:1d:ff:a0:28:f0:
0e:ad:91:33:ae:e3:4a:60:30:27:e9:cb:3a:75:03:e4:85:06:
3d:5e:9b:4c:4f:9d:59:5d:53:39:59:ce:2f:75:07:52:b0:eb:
2a:f0:04:70:21:b5:4f:e9:34:9e:fc:15:9b:03:ca:1c:de:ba:
fc:fc:e2:30:b0:9a:48:ea:8d:23:20:14:eb:e6:68:87:f4:c7:
83:5d:66:93:24:7e:c7:e2:0d:f3:56:d4:8d:9a:83:a6:2f:4c:
4e:ec:a7:22:5e:6d:e8:4f:75:38:1a:b6:ba:9a:2c:f3:72:df:
64:92:74:7e:7d:2c:50:6e:69:5f:c4:84:3a:2e:61:e9:4c:3b:
a1:47:b8:79:42:95:f7:d7:ba:82:3b:33:65:17:8b:2b:a7:66:
78:ba:71:fa:26:d4:28:19:24:03:e3:32:f8:9a:a7:b3:c6:ee:
aa:3f:8b:cd:78:84:fa:3c:cb:c0:63:aa:a0:a8:37:53:f1:d8:
c2:68:e7:f5:5c:6f:d6:76:83:cc:dc:8f:88:2f:dc:db:13:0f:
e5:35:2f:3f:94:07:57:72:79:b1:31:e0:ff:19:55:4a:07:9f:
e9:46:a0:fe:77:b6:7b:87:13:f5:26:f3:e4:de:f1:41:d0:fc:
de:f7:0d:90
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBjswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjAxMzdBRjExMC8GA1UEBRMoMTQwNkQ4NEIzQTIyQUNGNDk0ODM5NzI2NjYzMTlD
RTk4OTNENjhDNDAeFw0yNjAzMTEwOTE2MTZaFw0yOTAzMTAwOTE2MTZaMBgxFjAU
BgNVBAMTDTY5YjEzMmU1LTk2MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC72TCT/l2Bu753ShnOkGFyq6XEFcf7MWC+89wRGGYr3w/WJFFLAkY5HfjG
l7TVQSl463y1CqwPKU4TqlI01QzqD+vZujZy/I4dRGFmcmHJJU4xUpqDCDBxBkkV
X29fE1Sw55pjJWgiD9geuOgTK9MDFhJlMPwvdZBUIqONtXLOSHPDU2Tzv+RbUraV
oQ8ZYb1cIcsGzzzm639JVVtV9uw6z9cjPdxjaOAeXUPFMiXsalXyvYhFZnmHqI9X
B3fbDf2/xbilT7/gyhlpCvR6WIPNWfHI6ewKUFh2DHclmVKt1a0gPt39p5oeY5gR
cSZtGaK7IigDWAY/rc0QOxla6MpzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUjdDP
/RDUVnH/34xTuPiBfcdS76QwHwYDVR0jBBgwFoAUFAbYSzoirPSUg5cmZjGc6Yk9
aMQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYwMTM3LzRBQUY0MDY0NUMxQzExRUM5NTREM0Q2RTVBNDBENTc3L0ZBYllT
em9pclBTVWc1Y21aakdjNllrOWFNUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0ZBYllTem9pclBTVWc1Y21aakdjNllrOWFNUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYwMTM3LzRBQUY0MDY0NUMxQzExRUM5NTREM0Q2RTVB
NDBENTc3L0Y3Q0RCNDI4MUQyQTExRjE5MDQ1ODBEOURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm2UgwDQYJKoZIhvcNAQEL
BQADggEBADdUffoBQ6H1WB+wSjUd/6Ao8A6tkTOu40pgMCfpyzp1A+SFBj1em0xP
nVldUzlZzi91B1Kw6yrwBHAhtU/pNJ78FZsDyhzeuvz84jCwmkjqjSMgFOvmaIf0
x4NdZpMkfsfiDfNW1I2ag6YvTE7spyJebehPdTgatrqaLPNy32SSdH59LFBuaV/E
hDouYelMO6FHuHlClffXuoI7M2UXiyunZni6cfom1CgZJAPjMviap7PG7qo/i814
hPo8y8BjqqCoN1Px2MJo5/Vcb9Z2g8zcj4gv3NsTD+U1Lz+UB1dyebEx4P8ZVUoH
n+lGoP53tnuHE/Um8+Te8UHQ/N73DZA=
-----END CERTIFICATE-----
Generated at Tue Mar 24 00:10:35 2026 by rpki-client