Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/95AFAC66427711F184D9F8FACE1D38B0.roa
File: 95AFAC66427711F184D9F8FACE1D38B0.roa (raw, json)
Hash identifier: 0vUwbMIiWuntX3tsjOeOoDZZ0A9t4Qs6SQHIOpOvD/U=
Subject key identifier: F9:35:48:D6:5A:1B:9C:B3:EC:86:74:C0:74:CA:98:EA:A8:89:91:69
Certificate issuer: /CN=F366372CAF/serialNumber=B1A1AA72C9657B40E616BC373E13CF93B229EB3F
Certificate serial: 051B
Authority key identifier: B1:A1:AA:72:C9:65:7B:40:E6:16:BC:37:3E:13:CF:93:B2:29:EB:3F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/saGqcslle0DmFrw3PhPPk7Ip6z8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/95AFAC66427711F184D9F8FACE1D38B0.roa
Signing time: Mon 27 Apr 2026 20:28:01 +0000
ROA not before: Mon 27 Apr 2026 20:27:56 +0000
ROA not after: Fri 30 Apr 2027 20:27:56 +0000
asID: 328676
IP address blocks: 102.214.44.0/24 maxlen: 24
102.214.45.0/24 maxlen: 24
102.223.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/saGqcslle0DmFrw3PhPPk7Ip6z8.crl
rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/saGqcslle0DmFrw3PhPPk7Ip6z8.mft
rsync://rpki.afrinic.net/repository/afrinic/saGqcslle0DmFrw3PhPPk7Ip6z8.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 09 May 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1307 (0x51b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366372CAF, serialNumber=B1A1AA72C9657B40E616BC373E13CF93B229EB3F
Validity
Not Before: Apr 27 20:27:56 2026 GMT
Not After : Apr 30 20:27:56 2027 GMT
Subject: CN=69efc6d1-9bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:6c:9a:ec:cc:57:30:a0:96:c2:59:11:ce:1c:
d3:f3:f5:dd:9c:0e:de:43:90:7d:9b:a2:f7:a8:73:
67:3b:09:68:c6:40:8a:8d:5d:18:b2:de:2c:43:ef:
8a:a6:eb:51:46:5a:07:22:e7:27:ae:a3:2c:23:75:
04:0f:52:40:70:03:5c:d9:14:e0:bc:6e:b5:da:0d:
52:e4:e3:b3:a1:f2:2b:3f:0c:0a:02:68:a2:4a:ac:
27:3b:44:99:c1:81:fe:64:b7:2b:f9:25:83:9d:e1:
76:c1:3e:1d:d2:de:fd:39:30:4e:7b:88:cd:30:8f:
22:b0:3f:a8:46:5a:70:62:73:be:e2:33:23:97:86:
0b:81:25:e6:98:44:f2:0c:db:6b:6f:43:0b:bc:4e:
c9:76:4a:23:d4:d7:60:1a:6a:fa:c8:d6:8e:21:0c:
f5:38:16:ce:55:f4:d1:0e:ea:08:62:d6:0e:17:6d:
45:dc:35:d9:7c:c0:19:64:78:d9:49:c5:67:09:9b:
a0:88:a1:de:a6:29:98:b7:3a:56:72:b9:31:82:9a:
7e:22:45:bc:b8:6f:ef:b0:f3:87:88:97:ac:f8:15:
fc:0f:5b:70:50:52:62:c4:22:e6:d2:b6:51:a6:4d:
84:67:b9:b5:38:91:88:e5:7a:59:ba:ab:73:11:92:
ad:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:35:48:D6:5A:1B:9C:B3:EC:86:74:C0:74:CA:98:EA:A8:89:91:69
X509v3 Authority Key Identifier:
keyid:B1:A1:AA:72:C9:65:7B:40:E6:16:BC:37:3E:13:CF:93:B2:29:EB:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/saGqcslle0DmFrw3PhPPk7Ip6z8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/saGqcslle0DmFrw3PhPPk7Ip6z8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366372C/5F217C34657F11ED964AEF85F1222468/95AFAC66427711F184D9F8FACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.44.0/23
102.223.7.0/24
Signature Algorithm: sha256WithRSAEncryption
de:92:75:1a:c4:17:ad:f7:a1:c7:af:07:df:36:0a:dd:fe:27:
01:66:4d:ee:cd:9b:a7:b7:79:69:5f:15:77:27:17:23:2f:45:
25:b5:f0:20:22:d8:72:bc:d9:42:cc:f9:a5:32:0f:d5:bc:f1:
2a:e2:99:ef:f1:0b:ff:25:f9:fc:36:17:ab:d9:9c:89:e6:4b:
ad:55:5f:1d:d3:75:b4:84:65:63:3c:18:99:a0:d7:03:8e:d1:
a9:32:be:c4:67:73:26:d1:2c:4f:dd:48:46:e8:27:94:6e:58:
b1:ce:55:79:d3:eb:30:11:e5:1b:d3:05:eb:90:f1:19:2f:29:
8d:68:c9:a5:66:9d:4d:04:3e:dd:e4:6f:1d:76:12:30:d8:17:
1e:85:f5:0a:2d:06:6a:aa:9a:5c:4b:d7:a4:4b:0d:70:7d:7a:
b2:fa:1f:be:13:f0:f0:8e:c3:18:d2:d1:c3:c9:e9:54:e8:d7:
8f:6a:bd:ae:50:ab:8a:6e:fb:98:f7:c3:f1:fd:70:ac:50:3c:
fd:6e:ad:9d:16:27:e2:09:3c:4c:3e:4e:19:a8:b0:3c:4d:fe:
f6:84:88:ce:42:58:5b:78:58:33:80:91:eb:e7:3c:f5:68:36:
37:06:7b:d5:53:6c:87:e8:a1:50:06:93:0b:89:30:97:7c:fc:
fa:17:60:f8
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBRswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjM3MkNBRjExMC8GA1UEBRMoQjFBMUFBNzJDOTY1N0I0MEU2MTZCQzM3M0UxM0NG
OTNCMjI5RUIzRjAeFw0yNjA0MjcyMDI3NTZaFw0yNzA0MzAyMDI3NTZaMBgxFjAU
BgNVBAMTDTY5ZWZjNmQxLTliYzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDVbJrszFcwoJbCWRHOHNPz9d2cDt5DkH2boveoc2c7CWjGQIqNXRiy3ixD
74qm61FGWgci5yeuoywjdQQPUkBwA1zZFOC8brXaDVLk47Oh8is/DAoCaKJKrCc7
RJnBgf5ktyv5JYOd4XbBPh3S3v05ME57iM0wjyKwP6hGWnBic77iMyOXhguBJeaY
RPIM22tvQwu8Tsl2SiPU12AaavrI1o4hDPU4Fs5V9NEO6ghi1g4XbUXcNdl8wBlk
eNlJxWcJm6CIod6mKZi3OlZyuTGCmn4iRby4b++w84eIl6z4FfwPW3BQUmLEIubS
tlGmTYRnubU4kYjlelm6q3MRkq1fAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQU+TVI
1lobnLPshnTAdMqY6qiJkWkwHwYDVR0jBBgwFoAUsaGqcslle0DmFrw3PhPPk7Ip
6z8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYzNzJDLzVGMjE3QzM0NjU3RjExRUQ5NjRBRUY4NUYxMjIyNDY4L3NhR3Fj
c2xsZTBEbUZydzNQaFBQazdJcDZ6OC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3NhR3Fjc2xsZTBEbUZydzNQaFBQazdJcDZ6OC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYzNzJDLzVGMjE3QzM0NjU3RjExRUQ5NjRBRUY4NUYx
MjIyNDY4Lzk1QUZBQzY2NDI3NzExRjE4NEQ5RjhGQUNFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAFm1iwDBABm3wcwDQYJKoZI
hvcNAQELBQADggEBAN6SdRrEF633ocevB982Ct3+JwFmTe7Nm6e3eWlfFXcnFyMv
RSW18CAi2HK82ULM+aUyD9W88Srime/xC/8l+fw2F6vZnInmS61VXx3TdbSEZWM8
GJmg1wOO0akyvsRncybRLE/dSEboJ5RuWLHOVXnT6zAR5RvTBeuQ8RkvKY1oyaVm
nU0EPt3kbx12EjDYFx6F9QotBmqqmlxL16RLDXB9erL6H74T8PCOwxjS0cPJ6VTo
149qva5Qq4pu+5j3w/H9cKxQPP1urZ0WJ+IJPEw+ThmosDxN/vaEiM5CWFt4WDOA
kevnPPVoNjcGe9VTbIfooVAGkwuJMJd8/PoXYPg=
-----END CERTIFICATE-----
Generated at Thu May 7 22:15:58 2026 by rpki-client