Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/4623E33A12EB11F1A17749D8DAE4EC9C.roa
File: 4623E33A12EB11F1A17749D8DAE4EC9C.roa (raw, json)
Hash identifier: zJGXjfTsK+Wg4rfLHLzj054wtZZ9kvixSF6CLPDc0kQ=
Subject key identifier: 7B:4F:4D:2F:CB:C8:CC:AA:87:3E:A0:7E:12:F7:D8:AF:E7:40:0C:2A
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0E11
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/4623E33A12EB11F1A17749D8DAE4EC9C.roa
Signing time: Thu 26 Feb 2026 08:15:13 +0000
ROA not before: Thu 26 Feb 2026 08:15:09 +0000
ROA not after: Tue 26 Feb 2036 08:15:09 +0000
asID: 44259
IP address blocks: 192.142.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3601 (0xe11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR, serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Validity
Not Before: Feb 26 08:15:09 2026 GMT
Not After : Feb 26 08:15:09 2036 GMT
Subject: CN=69a00111-53df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a9:27:b2:e7:65:82:c5:4f:ff:39:6e:45:f3:
0a:d7:92:f3:46:34:13:4b:f2:74:c1:2d:99:1f:8b:
38:75:62:c8:74:8f:65:85:de:7a:8e:d6:8a:7b:e9:
2d:17:3c:5e:7e:2b:a7:d8:9c:b6:2d:42:0d:6e:03:
d2:4c:1f:6a:73:47:b7:ce:c5:df:6c:0a:97:44:36:
ad:be:a6:9d:51:66:9d:af:06:e8:17:11:3b:c3:23:
33:92:23:a3:18:70:39:cc:e1:f6:1f:c9:95:1a:12:
14:1a:3a:cf:be:e0:7f:10:a2:42:99:87:8e:e8:80:
54:10:3d:ac:e6:74:fb:f6:18:fd:95:2a:f1:13:80:
a9:2f:ef:6d:53:d5:db:8d:fd:6e:c4:24:4f:c0:95:
ef:d4:dd:8a:00:f5:7b:ef:dc:19:13:ea:a7:3e:5f:
73:96:f4:65:04:ea:e9:8a:c3:70:49:f9:24:c2:f9:
cb:d8:87:a5:5b:43:cd:53:a1:fd:5b:8a:17:2c:42:
81:65:6f:9c:38:69:f1:67:78:2e:95:d7:8b:ff:10:
d2:65:3e:49:a0:8d:6b:19:a2:eb:72:d2:6a:83:aa:
ec:34:99:96:0e:25:d0:0b:86:e2:13:a8:93:75:4d:
ce:07:4a:cc:13:8b:af:36:84:35:60:d3:30:fe:4a:
57:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:4F:4D:2F:CB:C8:CC:AA:87:3E:A0:7E:12:F7:D8:AF:E7:40:0C:2A
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/4623E33A12EB11F1A17749D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.35.0/24
Signature Algorithm: sha256WithRSAEncryption
70:16:a5:8d:3c:c7:9c:6f:75:3a:e2:cb:02:d0:71:eb:a0:08:
39:7a:1d:08:9c:eb:ef:f2:9f:b7:f0:cd:0d:d6:e2:c4:8a:83:
a7:7f:14:1f:9a:2d:f1:ae:09:13:07:57:ab:e7:3a:cf:da:df:
39:6c:e5:eb:78:9f:b6:bd:b8:8f:73:54:2d:71:3e:69:8d:14:
cc:a4:d4:98:a4:09:8b:1d:3d:eb:ef:cd:df:18:76:e3:2f:99:
1c:dd:c7:7f:29:0d:da:4b:ca:41:1c:7a:89:34:83:ad:4c:fc:
65:92:54:c4:5d:9c:c1:4d:d7:ce:3b:e3:19:d0:4e:83:53:36:
3b:b2:e0:e9:67:44:02:38:ae:6f:cc:6e:97:b9:9c:68:44:00:
8a:86:99:d7:e2:7f:e8:9c:c8:40:47:ce:97:18:37:40:36:f3:
74:d0:50:d9:e2:70:53:9d:5d:32:35:b9:af:af:26:5b:04:a5:
fa:7a:39:cf:74:ea:31:18:fb:02:50:df:29:84:15:02:cc:75:
44:5d:79:0d:38:be:5a:23:95:4c:0d:ad:d2:c8:30:ab:44:74:
40:43:c7:9a:1e:fa:0b:6f:a7:00:07:bd:96:61:50:5c:33:ea:
dd:44:c8:66:06:7f:e4:a8:8a:51:68:0d:2d:05:ff:4f:4e:3a:
c5:2f:36:7d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDhEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNjAyMjYwODE1MDlaFw0zNjAyMjYwODE1MDlaMBgxFjAU
BgNVBAMTDTY5YTAwMTExLTUzZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCiqSey52WCxU//OW5F8wrXkvNGNBNL8nTBLZkfizh1Ysh0j2WF3nqO1op7
6S0XPF5+K6fYnLYtQg1uA9JMH2pzR7fOxd9sCpdENq2+pp1RZp2vBugXETvDIzOS
I6MYcDnM4fYfyZUaEhQaOs++4H8QokKZh47ogFQQPazmdPv2GP2VKvETgKkv721T
1duN/W7EJE/Ale/U3YoA9Xvv3BkT6qc+X3OW9GUE6umKw3BJ+STC+cvYh6VbQ81T
of1bihcsQoFlb5w4afFneC6V14v/ENJlPkmgjWsZouty0mqDquw0mZYOJdALhuIT
qJN1Tc4HSswTi682hDVg0zD+Slc7AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUe09N
L8vIzKqHPqB+EvfYr+dADCowHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzQ2MjNFMzNBMTJFQjExRjFBMTc3NDlEOERBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjiMwDQYJKoZIhvcNAQELBQAD
ggEBAHAWpY08x5xvdTriywLQceugCDl6HQic6+/yn7fwzQ3W4sSKg6d/FB+aLfGu
CRMHV6vnOs/a3zls5et4n7a9uI9zVC1xPmmNFMyk1JikCYsdPevvzd8YduMvmRzd
x38pDdpLykEceok0g61M/GWSVMRdnMFN18474xnQToNTNjuy4OlnRAI4rm/Mbpe5
nGhEAIqGmdfif+icyEBHzpcYN0A283TQUNnicFOdXTI1ua+vJlsEpfp6Oc906jEY
+wJQ3ymEFQLMdURdeQ04vlojlUwNrdLIMKtEdEBDx5oe+gtvpwAHvZZhUFwz6t1E
yGYGf+SoilFoDS0F/09OOsUvNn0=
-----END CERTIFICATE-----
Generated at Sun Mar 1 19:35:42 2026 by rpki-client