Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369E735/7BC5D4801CD711F1B9A0DDDFDAE4EC9C/8DE4B02A1CDA11F1B51079F1DAE4EC9C.roa
File: 8DE4B02A1CDA11F1B51079F1DAE4EC9C.roa (raw, json)
Hash identifier: ki1Y7U8ceJ4uu+WWwIuci/NWldaq2lAVwWjFI1+0Btg=
Subject key identifier: C0:9A:F5:AE:55:93:EA:8B:64:6F:10:E0:E9:5A:AE:30:FE:E3:BC:D3
Certificate issuer: /CN=F369E735AF/serialNumber=6F8526DCEB5AA824071447D1DEB41CEC806B4A81
Certificate serial: 02
Authority key identifier: 6F:85:26:DC:EB:5A:A8:24:07:14:47:D1:DE:B4:1C:EC:80:6B:4A:81
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/b4Um3OtaqCQHFEfR3rQc7IBrSoE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369E735/7BC5D4801CD711F1B9A0DDDFDAE4EC9C/8DE4B02A1CDA11F1B51079F1DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 23:40:44 +0000
ROA not before: Wed 11 Mar 2026 23:40:38 +0000
ROA not after: Thu 11 Mar 2027 23:40:38 +0000
asID: 329252
IP address blocks: 102.213.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369E735/7BC5D4801CD711F1B9A0DDDFDAE4EC9C/b4Um3OtaqCQHFEfR3rQc7IBrSoE.crl
rsync://rpki.afrinic.net/repository/member_repository/F369E735/7BC5D4801CD711F1B9A0DDDFDAE4EC9C/b4Um3OtaqCQHFEfR3rQc7IBrSoE.mft
rsync://rpki.afrinic.net/repository/afrinic/b4Um3OtaqCQHFEfR3rQc7IBrSoE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369E735AF, serialNumber=6F8526DCEB5AA824071447D1DEB41CEC806B4A81
Validity
Not Before: Mar 11 23:40:38 2026 GMT
Not After : Mar 11 23:40:38 2027 GMT
Subject: CN=69b0abfc-786c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ac:cf:5c:6a:46:7d:16:45:be:a3:bb:5f:36:
c9:b0:e3:53:47:78:94:5d:fc:10:30:55:1c:ee:21:
33:32:3d:06:3a:6c:8a:d4:3f:7d:6d:d7:44:28:ef:
7b:14:78:c2:2f:3d:d5:9b:05:20:1c:08:4f:cd:62:
fd:11:07:ea:f8:97:84:66:fa:8e:d2:24:5b:8a:32:
30:f0:38:c1:f2:8a:78:c5:99:12:fe:58:d5:ee:d3:
6f:83:59:e5:73:0f:bd:7b:33:e2:b8:6b:e8:64:6d:
b1:cd:06:34:dd:5f:65:57:99:eb:c1:bf:d0:18:bd:
66:2e:fe:a0:85:ff:7e:23:89:ed:17:91:57:bb:eb:
02:94:0f:dc:7a:fc:0e:d1:ff:70:38:4b:c6:91:a8:
70:0f:1d:14:e9:d7:72:6c:22:69:e3:f3:a9:42:aa:
9d:e0:b6:68:c4:c0:d3:1e:88:35:05:2c:3d:2f:c4:
b2:cd:e1:64:ab:82:19:68:60:b1:fd:ff:d2:aa:34:
ce:48:16:60:0d:58:af:4d:6f:96:11:4b:ef:93:8b:
b7:a8:e6:bd:9d:06:4c:54:24:0b:72:5a:a9:e4:7d:
85:be:59:bc:bd:6e:5a:35:fe:3c:22:45:3d:03:d4:
b5:f0:3c:42:27:1f:b6:2a:1f:f9:cc:1e:2c:6e:00:
c4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:9A:F5:AE:55:93:EA:8B:64:6F:10:E0:E9:5A:AE:30:FE:E3:BC:D3
X509v3 Authority Key Identifier:
keyid:6F:85:26:DC:EB:5A:A8:24:07:14:47:D1:DE:B4:1C:EC:80:6B:4A:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369E735/7BC5D4801CD711F1B9A0DDDFDAE4EC9C/b4Um3OtaqCQHFEfR3rQc7IBrSoE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/b4Um3OtaqCQHFEfR3rQc7IBrSoE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369E735/7BC5D4801CD711F1B9A0DDDFDAE4EC9C/8DE4B02A1CDA11F1B51079F1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.188.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:98:1d:06:b4:52:24:f8:04:0b:f9:f1:e5:3a:d6:96:3d:91:
6c:57:c5:42:61:2d:d9:af:ff:b2:b2:1a:c1:17:fe:bd:5e:36:
51:1e:0c:8f:74:7f:35:3e:77:f3:76:68:e5:d1:96:2e:2d:47:
12:0e:da:44:fd:bf:d2:b5:aa:23:15:35:45:3a:7c:58:9f:ba:
76:63:07:64:13:37:7c:48:ca:5b:22:83:e0:74:2d:93:f3:59:
19:75:b4:3b:76:a0:09:40:21:4a:1c:73:c6:b1:65:9e:87:95:
2b:e9:94:f8:aa:20:0a:70:e7:a2:a5:aa:56:64:e1:28:a8:b2:
b9:33:1b:d6:f5:2d:a3:39:c6:a0:f2:ac:b7:84:fe:7b:0d:e7:
8a:7a:34:2b:8b:09:16:14:c2:75:8a:08:7e:35:c5:17:4e:97:
55:46:b5:5a:e5:b5:80:a1:6d:1d:50:aa:45:bb:88:c2:4c:7f:
2c:aa:4e:0a:66:2a:42:c5:c1:95:88:62:0f:e0:03:04:cd:ad:
22:b0:50:af:6a:0f:cb:75:af:48:c3:2c:97:43:20:e1:35:e9:
47:44:42:1a:41:40:99:06:2f:ef:c3:ba:ba:76:2b:5a:f1:05:
c5:3f:76:a8:68:ab:b3:f3:0a:94:64:67:a4:25:c9:c3:42:09:
8a:78:eb:61
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
RTczNUFGMTEwLwYDVQQFEyg2Rjg1MjZEQ0VCNUFBODI0MDcxNDQ3RDFERUI0MUNF
QzgwNkI0QTgxMB4XDTI2MDMxMTIzNDAzOFoXDTI3MDMxMTIzNDAzOFowGDEWMBQG
A1UEAxMNNjliMGFiZmMtNzg2YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKesz1xqRn0WRb6ju182ybDjU0d4lF38EDBVHO4hMzI9BjpsitQ/fW3XRCjv
exR4wi891ZsFIBwIT81i/REH6viXhGb6jtIkW4oyMPA4wfKKeMWZEv5Y1e7Tb4NZ
5XMPvXsz4rhr6GRtsc0GNN1fZVeZ68G/0Bi9Zi7+oIX/fiOJ7ReRV7vrApQP3Hr8
DtH/cDhLxpGocA8dFOnXcmwiaePzqUKqneC2aMTA0x6INQUsPS/Ess3hZKuCGWhg
sf3/0qo0zkgWYA1Yr01vlhFL75OLt6jmvZ0GTFQkC3JaqeR9hb5ZvL1uWjX+PCJF
PQPUtfA8Qicftiof+cweLG4AxGUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTAmvWu
VZPqi2RvEODpWq4w/uO80zAfBgNVHSMEGDAWgBRvhSbc61qoJAcUR9HetBzsgGtK
gTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUU3MzUvN0JDNUQ0ODAxQ0Q3MTFGMUI5QTBERERGREFFNEVDOUMvYjRVbTNP
dGFxQ1FIRkVmUjNyUWM3SUJyU29FLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvYjRVbTNPdGFxQ1FIRkVmUjNyUWM3SUJyU29FLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUU3MzUvN0JDNUQ0ODAxQ0Q3MTFGMUI5QTBERERGREFF
NEVDOUMvOERFNEIwMkExQ0RBMTFGMUI1MTA3OUYxREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbVvDANBgkqhkiG9w0BAQsF
AAOCAQEAXJgdBrRSJPgEC/nx5TrWlj2RbFfFQmEt2a//srIawRf+vV42UR4Mj3R/
NT5383Zo5dGWLi1HEg7aRP2/0rWqIxU1RTp8WJ+6dmMHZBM3fEjKWyKD4HQtk/NZ
GXW0O3agCUAhShxzxrFlnoeVK+mU+KogCnDnoqWqVmThKKiyuTMb1vUtoznGoPKs
t4T+ew3nino0K4sJFhTCdYoIfjXFF06XVUa1WuW1gKFtHVCqRbuIwkx/LKpOCmYq
QsXBlYhiD+ADBM2tIrBQr2oPy3WvSMMsl0Mg4TXpR0RCGkFAmQYv78O6unYrWvEF
xT92qGirs/MKlGRnpCXJw0IJinjrYQ==
-----END CERTIFICATE-----
Generated at Mon Mar 23 11:39:24 2026 by rpki-client