Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B4949/854F78DE42D011F18D6F7EA9CE1D38B0/3A43E14442D111F1B4A897ADCE1D38B0.roa
File: 3A43E14442D111F1B4A897ADCE1D38B0.roa (raw, json)
Hash identifier: 6ccqNU9fvFt23MyoJpiG4IaGTHsOHYm+SFX3Z5h56wk=
Subject key identifier: 68:13:51:F2:0D:30:20:D6:03:95:E5:13:8E:1C:DF:04:F9:0F:CC:0C
Certificate issuer: /CN=F36B4949AF/serialNumber=295874E9F2D7DAC05AA2EFB8309F7A0AF47040DA
Certificate serial: 02
Authority key identifier: 29:58:74:E9:F2:D7:DA:C0:5A:A2:EF:B8:30:9F:7A:0A:F4:70:40:DA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/KVh06fLX2sBaou-4MJ96CvRwQNo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B4949/854F78DE42D011F18D6F7EA9CE1D38B0/3A43E14442D111F1B4A897ADCE1D38B0.roa
Signing time: Tue 28 Apr 2026 07:09:42 +0000
ROA not before: Tue 28 Apr 2026 07:09:38 +0000
ROA not after: Fri 28 Apr 2028 07:09:38 +0000
asID: 329581
IP address blocks: 102.205.122.0/24 maxlen: 24
2001:43f8:17c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B4949/854F78DE42D011F18D6F7EA9CE1D38B0/KVh06fLX2sBaou-4MJ96CvRwQNo.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B4949/854F78DE42D011F18D6F7EA9CE1D38B0/KVh06fLX2sBaou-4MJ96CvRwQNo.mft
rsync://rpki.afrinic.net/repository/afrinic/KVh06fLX2sBaou-4MJ96CvRwQNo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 07 May 2026 00:07:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B4949AF, serialNumber=295874E9F2D7DAC05AA2EFB8309F7A0AF47040DA
Validity
Not Before: Apr 28 07:09:38 2026 GMT
Not After : Apr 28 07:09:38 2028 GMT
Subject: CN=69f05d36-659d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:fb:c9:c0:5e:de:0d:dc:42:c9:56:a0:1b:5f:
4b:c0:d4:74:0e:2d:fe:2a:00:62:1f:76:94:75:a9:
21:f1:0d:c4:59:2b:9f:a3:28:07:b9:64:24:78:46:
83:c8:41:c2:42:ef:04:43:80:ae:0c:7b:d0:d8:9f:
13:93:ee:22:aa:3c:2b:07:ed:56:c6:41:50:b5:69:
79:a9:3b:87:a7:b5:f7:c2:29:fb:81:c1:60:61:57:
c9:51:41:99:33:78:bb:0b:97:64:f5:f7:14:af:90:
ce:a1:49:92:59:52:b6:eb:65:02:6d:f5:b5:90:d0:
87:aa:83:98:b4:1b:cb:eb:8e:91:40:9e:94:31:2b:
ff:37:52:f8:5f:d5:8d:8d:61:1b:64:25:5e:00:82:
4c:ec:50:36:a0:a5:c5:a4:95:fa:ed:90:f8:6e:d4:
9b:18:8c:a3:c0:db:f9:38:b9:d0:10:2c:bd:7f:01:
c4:22:c1:6d:0c:3e:dd:13:c0:11:12:ad:7c:c1:4f:
20:30:b0:ea:fa:a9:fd:69:b6:09:cf:a6:5b:86:48:
56:0a:ac:f3:eb:a4:f0:35:29:62:81:84:b6:ed:bf:
f5:6b:92:72:da:69:00:b8:6f:34:e8:5e:4f:34:57:
d0:57:a3:cf:7f:bc:9d:09:c7:dc:76:af:69:71:0d:
79:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:13:51:F2:0D:30:20:D6:03:95:E5:13:8E:1C:DF:04:F9:0F:CC:0C
X509v3 Authority Key Identifier:
keyid:29:58:74:E9:F2:D7:DA:C0:5A:A2:EF:B8:30:9F:7A:0A:F4:70:40:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B4949/854F78DE42D011F18D6F7EA9CE1D38B0/KVh06fLX2sBaou-4MJ96CvRwQNo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KVh06fLX2sBaou-4MJ96CvRwQNo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B4949/854F78DE42D011F18D6F7EA9CE1D38B0/3A43E14442D111F1B4A897ADCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.205.122.0/24
IPv6:
2001:43f8:17c0::/48
Signature Algorithm: sha256WithRSAEncryption
e5:65:7e:2a:4b:fc:d4:48:77:88:0f:9c:ad:83:d9:b4:1e:b2:
7f:01:ea:61:e5:86:72:54:c2:6b:69:6d:c4:98:16:bf:65:fb:
d7:80:d7:48:69:1a:39:53:72:0b:12:31:fd:5f:8c:60:36:48:
df:bb:8e:2a:2b:cf:10:b5:b2:b0:a9:f7:01:03:50:17:26:5b:
c9:b9:e5:14:8c:62:3b:21:cc:4e:99:48:d6:46:aa:f7:38:2b:
da:5d:8e:1d:bd:74:d0:29:dd:ab:3e:4e:cb:86:38:c3:b9:22:
32:a1:ee:82:ce:11:59:90:d6:66:20:b9:5f:56:75:6d:d9:d6:
b0:6a:9e:80:cf:01:51:f2:16:df:e0:7d:ba:34:20:8f:f3:9a:
99:9e:f1:ff:50:25:35:d8:55:25:6f:f1:c0:29:55:2b:9f:f1:
78:26:4f:22:e9:40:63:1f:db:e3:fa:10:57:f9:79:04:b1:31:
c6:78:ca:2b:2c:d6:bf:60:0f:bd:34:2b:c4:44:9a:ba:7b:08:
93:0f:45:b8:f3:0b:8f:5f:13:16:a9:90:ca:b8:41:96:96:2e:
02:ac:ec:df:db:17:c6:be:38:57:39:4a:9b:e8:3d:a8:e2:be:
ef:79:61:82:f3:33:fd:7c:c1:03:c2:dd:92:69:7f:79:42:76:
58:62:7f:9f
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
NDk0OUFGMTEwLwYDVQQFEygyOTU4NzRFOUYyRDdEQUMwNUFBMkVGQjgzMDlGN0Ew
QUY0NzA0MERBMB4XDTI2MDQyODA3MDkzOFoXDTI4MDQyODA3MDkzOFowGDEWMBQG
A1UEAxMNNjlmMDVkMzYtNjU5ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOL7ycBe3g3cQslWoBtfS8DUdA4t/ioAYh92lHWpIfENxFkrn6MoB7lkJHhG
g8hBwkLvBEOArgx70NifE5PuIqo8KwftVsZBULVpeak7h6e198Ip+4HBYGFXyVFB
mTN4uwuXZPX3FK+QzqFJkllStutlAm31tZDQh6qDmLQby+uOkUCelDEr/zdS+F/V
jY1hG2QlXgCCTOxQNqClxaSV+u2Q+G7UmxiMo8Db+Ti50BAsvX8BxCLBbQw+3RPA
ERKtfMFPIDCw6vqp/Wm2Cc+mW4ZIVgqs8+uk8DUpYoGEtu2/9WuSctppALhvNOhe
TzRX0Fejz3+8nQnH3HavaXENeY8CAwEAAaOCArYwggKyMB0GA1UdDgQWBBRoE1Hy
DTAg1gOV5ROOHN8E+Q/MDDAfBgNVHSMEGDAWgBQpWHTp8tfawFqi77gwn3oK9HBA
2jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjQ5NDkvODU0Rjc4REU0MkQwMTFGMThENkY3RUE5Q0UxRDM4QjAvS1ZoMDZm
TFgyc0Jhb3UtNE1KOTZDdlJ3UU5vLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS1ZoMDZmTFgyc0Jhb3UtNE1KOTZDdlJ3UU5vLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjQ5NDkvODU0Rjc4REU0MkQwMTFGMThENkY3RUE5Q0Ux
RDM4QjAvM0E0M0UxNDQ0MkQxMTFGMUI0QTg5N0FEQ0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAGbNejAPBAIAAjAJAwcAIAFD
+BfAMA0GCSqGSIb3DQEBCwUAA4IBAQDlZX4qS/zUSHeID5ytg9m0HrJ/Aeph5YZy
VMJraW3EmBa/ZfvXgNdIaRo5U3ILEjH9X4xgNkjfu44qK88QtbKwqfcBA1AXJlvJ
ueUUjGI7IcxOmUjWRqr3OCvaXY4dvXTQKd2rPk7LhjjDuSIyoe6CzhFZkNZmILlf
VnVt2dawap6AzwFR8hbf4H26NCCP85qZnvH/UCU12FUlb/HAKVUrn/F4Jk8i6UBj
H9vj+hBX+XkEsTHGeMorLNa/YA+9NCvERJq6ewiTD0W48wuPXxMWqZDKuEGWli4C
rOzf2xfGvjhXOUqb6D2o4r7veWGC8zP9fMEDwt2SaX95QnZYYn+f
-----END CERTIFICATE-----
Generated at Wed May 6 02:40:33 2026 by rpki-client