Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/0849B0321C4911F18BE3F5B2DAE4EC9C.roa
File: 0849B0321C4911F18BE3F5B2DAE4EC9C.roa (raw, json)
Hash identifier: vvgaSF8+lGSYR1KNclZfyBp+wLxw4lppzyfZvX4E3Ro=
Subject key identifier: 2A:8E:E5:29:90:52:2E:52:8B:25:4D:77:E0:6F:EB:3D:8B:0D:69:B9
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 179A
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/0849B0321C4911F18BE3F5B2DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 06:19:03 +0000
ROA not before: Tue 10 Mar 2026 06:18:58 +0000
ROA not after: Fri 10 Mar 2028 06:18:58 +0000
asID: 397423
IP address blocks: 102.129.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 01:25:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6042 (0x179a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Mar 10 06:18:58 2026 GMT
Not After : Mar 10 06:18:58 2028 GMT
Subject: CN=69afb7d7-ccf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ef:ca:d7:ed:5d:96:f1:28:4c:ed:86:fe:f7:
fa:d9:01:3d:ea:1f:24:1b:ac:b1:de:5e:80:d7:6c:
08:a2:b6:6d:85:1c:5e:23:c1:09:16:16:ae:a9:bc:
54:3e:1c:9a:ac:89:5c:39:b5:59:86:25:56:15:ea:
9d:8c:2f:50:62:72:9a:cd:5e:9d:30:bf:30:5b:e3:
22:13:9d:2f:f6:f9:b9:8b:09:a1:66:78:2e:28:52:
f0:d1:92:c5:19:88:9c:ae:8b:ae:69:f4:e9:f8:1e:
70:e4:67:25:2b:3b:94:86:a0:e0:46:05:2a:eb:2e:
bc:a4:af:e9:88:ca:8f:eb:40:c3:f1:28:76:76:b2:
2f:5e:06:fb:34:e6:31:c4:79:16:26:3b:fa:69:24:
ca:4e:c1:35:09:4b:b0:ce:ee:17:1a:78:66:c2:d0:
b4:b6:ee:6a:80:e1:ad:d4:47:db:db:4d:da:3d:5b:
29:45:89:be:4e:19:f7:c4:05:18:1d:f0:6a:f1:8e:
b3:9c:a7:40:85:f2:91:01:86:93:31:2f:15:7f:13:
3f:6a:85:05:db:32:f5:d2:2d:c0:46:63:e2:45:32:
28:8c:a3:16:92:cd:1b:52:cd:92:5e:7a:2c:e6:1c:
65:8b:36:05:f4:e0:46:42:6b:8e:13:fb:79:d9:93:
56:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8E:E5:29:90:52:2E:52:8B:25:4D:77:E0:6F:EB:3D:8B:0D:69:B9
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/0849B0321C4911F18BE3F5B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.150.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:ff:b1:02:74:2e:3e:1b:73:42:ed:80:e9:c8:59:e4:72:32:
d5:96:c0:2d:3c:8d:62:1f:be:8e:8b:97:e9:65:33:65:9c:f8:
40:4c:cf:0d:e6:03:fb:9e:96:0e:00:b8:5b:65:62:83:75:40:
f1:9f:b8:a5:e2:53:e6:b9:88:99:ea:ff:3b:dd:ab:fe:6d:01:
07:a1:1b:11:a3:ab:f6:b0:78:7b:c1:06:f3:f3:cb:bc:b9:21:
a0:4f:5d:28:13:82:e3:75:e3:27:c5:83:0f:29:a2:cf:b6:c1:
3d:25:74:66:2d:4a:46:19:13:e5:48:28:af:ed:2d:17:92:f6:
3d:27:14:90:33:8a:0a:ed:34:b7:3d:b5:ac:40:83:68:d8:d3:
20:7c:33:06:a9:1a:64:19:ce:c7:97:5c:dd:1e:f9:4e:ee:ac:
5a:0b:44:83:f7:d2:34:50:5c:a3:cb:6f:7e:f6:90:4c:f5:f1:
6d:2c:29:29:22:98:8a:cf:91:9f:3d:f9:7c:4c:ee:0e:c1:42:
b1:25:15:a2:0a:09:82:af:e0:4b:8c:6f:2f:5e:54:86:90:9a:
e6:4d:0d:85:ec:16:00:f0:be:f1:a5:05:ca:a2:39:a2:6e:dc:
9e:dd:be:09:43:90:f2:66:15:5c:4b:52:aa:c1:28:93:4a:73:
ca:df:01:53
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICF5owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNjAzMTAwNjE4NThaFw0yODAzMTAwNjE4NThaMBgxFjAU
BgNVBAMTDTY5YWZiN2Q3LWNjZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCq78rX7V2W8ShM7Yb+9/rZAT3qHyQbrLHeXoDXbAiitm2FHF4jwQkWFq6p
vFQ+HJqsiVw5tVmGJVYV6p2ML1BicprNXp0wvzBb4yITnS/2+bmLCaFmeC4oUvDR
ksUZiJyui65p9On4HnDkZyUrO5SGoOBGBSrrLrykr+mIyo/rQMPxKHZ2si9eBvs0
5jHEeRYmO/ppJMpOwTUJS7DO7hcaeGbC0LS27mqA4a3UR9vbTdo9WylFib5OGffE
BRgd8GrxjrOcp0CF8pEBhpMxLxV/Ez9qhQXbMvXSLcBGY+JFMiiMoxaSzRtSzZJe
eizmHGWLNgX04EZCa44T+3nZk1brAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKo7l
KZBSLlKLJU134G/rPYsNabkwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzA4NDlCMDMyMUM0OTExRjE4QkUzRjVCMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgZYwDQYJKoZIhvcNAQEL
BQADggEBAIz/sQJ0Lj4bc0LtgOnIWeRyMtWWwC08jWIfvo6Ll+llM2Wc+EBMzw3m
A/uelg4AuFtlYoN1QPGfuKXiU+a5iJnq/zvdq/5tAQehGxGjq/aweHvBBvPzy7y5
IaBPXSgTguN14yfFgw8pos+2wT0ldGYtSkYZE+VIKK/tLReS9j0nFJAzigrtNLc9
taxAg2jY0yB8MwapGmQZzseXXN0e+U7urFoLRIP30jRQXKPLb372kEz18W0sKSki
mIrPkZ89+XxM7g7BQrElFaIKCYKv4EuMby9eVIaQmuZNDYXsFgDwvvGlBcqiOaJu
3J7dvglDkPJmFVxLUqrBKJNKc8rfAVM=
-----END CERTIFICATE-----
Generated at Tue Mar 24 10:22:45 2026 by rpki-client