Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/E49D273A236F11F1B505C3EEDAE4EC9C.roa
File: E49D273A236F11F1B505C3EEDAE4EC9C.roa (raw, json)
Hash identifier: kJ2wL47tBex48wRBzsqDYHM00IFX2r7+AqOsEK9CRNM=
Subject key identifier: A8:A3:7B:29:75:85:34:A0:0A:6E:32:79:A7:53:DF:51:FF:4B:1B:2B
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 17D5
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/E49D273A236F11F1B505C3EEDAE4EC9C.roa
Signing time: Thu 19 Mar 2026 08:44:51 +0000
ROA not before: Thu 19 Mar 2026 08:44:47 +0000
ROA not after: Sun 19 Mar 2028 08:44:47 +0000
asID: 209697
IP address blocks: 102.129.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.mft
rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 22 Mar 2026 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6101 (0x17d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF, serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Mar 19 08:44:47 2026 GMT
Not After : Mar 19 08:44:47 2028 GMT
Subject: CN=69bbb783-9978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7c:fa:30:29:30:50:46:f1:45:6c:1b:ed:6e:
ef:ad:94:54:42:ef:f8:67:4b:2c:a8:39:a1:70:15:
23:f7:0c:67:d0:85:a0:b2:3f:84:c5:69:ab:df:f4:
3b:7a:c3:1d:4d:6b:89:79:a0:74:7a:f8:21:ff:f8:
49:80:5f:fa:f3:63:fa:94:89:1e:56:65:df:90:3f:
6c:b4:66:b4:8d:cb:18:f1:29:e9:bf:4d:c1:48:3c:
1b:d8:79:f3:fe:de:a5:07:0f:a9:a5:4a:08:74:ec:
fb:97:77:93:f2:91:f9:de:c0:c6:b5:c8:ab:17:14:
f7:9f:c2:73:e9:5c:22:bd:ca:2c:b7:07:44:5f:85:
69:ff:1b:dc:8b:93:84:6c:a6:9e:90:3c:a0:17:e5:
7c:dc:a6:09:54:eb:62:a4:2d:04:91:eb:80:0f:15:
59:fb:a0:4d:1b:38:2d:20:21:e6:f8:c5:e5:0f:70:
0c:d3:72:70:df:8b:f1:25:0b:82:eb:e6:c4:6a:76:
d1:b7:fa:a9:e2:14:9c:04:ef:1d:25:5d:da:28:dd:
f8:1c:e3:88:92:a1:1b:09:17:93:73:b2:ac:f3:6d:
73:cf:99:63:ef:a1:6c:d3:f1:a2:49:42:f1:d1:64:
ce:d3:22:b4:dc:f6:32:08:2b:fa:e4:d2:0e:54:e8:
50:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A3:7B:29:75:85:34:A0:0A:6E:32:79:A7:53:DF:51:FF:4B:1B:2B
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/E49D273A236F11F1B505C3EEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.157.0/24
Signature Algorithm: sha256WithRSAEncryption
23:4f:7f:43:45:70:28:d1:2d:71:6c:39:91:c1:a9:61:5d:96:
1b:de:66:83:f6:67:21:ee:67:ee:d5:62:e1:bc:37:87:7b:3a:
08:49:08:d3:69:7c:d0:06:07:98:5e:39:bb:8b:d8:71:5d:04:
65:d0:9d:78:28:9c:bf:fd:ed:f8:4b:14:a8:12:c4:db:d0:cf:
ff:65:f7:b5:31:39:a8:3b:74:2d:bc:e5:fd:0d:7c:12:a3:b2:
bb:8e:47:b1:ab:14:2b:a5:f5:99:bd:b1:ab:46:bd:60:30:e3:
b8:ce:a5:e3:e0:6d:5b:a1:59:72:1e:6e:73:41:df:50:b6:5f:
85:60:bb:ca:49:77:f8:60:ff:1f:65:84:83:e0:d2:94:f2:98:
66:57:3a:17:6d:cf:ea:40:c1:48:7f:b8:ec:c3:86:82:25:cc:
2c:30:c6:6a:97:62:f9:d4:05:4a:a2:eb:00:63:80:df:f2:fb:
d4:97:f1:14:db:75:00:a7:a9:db:1a:73:44:07:43:cf:bc:8d:
33:be:a4:fa:3c:6f:31:1b:ff:dd:32:7a:3a:1d:c2:b0:f1:8d:
55:06:2b:41:c1:65:49:7b:6f:87:cb:60:71:78:5f:90:09:91:
96:ce:0a:f5:87:30:3b:30:1b:c9:03:6d:ac:80:e4:62:dd:9b:
ef:62:70:e7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICF9UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNjAzMTkwODQ0NDdaFw0yODAzMTkwODQ0NDdaMBgxFjAU
BgNVBAMTDTY5YmJiNzgzLTk5NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQChfPowKTBQRvFFbBvtbu+tlFRC7/hnSyyoOaFwFSP3DGfQhaCyP4TFaavf
9Dt6wx1Na4l5oHR6+CH/+EmAX/rzY/qUiR5WZd+QP2y0ZrSNyxjxKem/TcFIPBvY
efP+3qUHD6mlSgh07PuXd5PykfnewMa1yKsXFPefwnPpXCK9yiy3B0RfhWn/G9yL
k4Rspp6QPKAX5XzcpglU62KkLQSR64APFVn7oE0bOC0gIeb4xeUPcAzTcnDfi/El
C4Lr5sRqdtG3+qniFJwE7x0lXdoo3fgc44iSoRsJF5NzsqzzbXPPmWPvoWzT8aJJ
QvHRZM7TIrTc9jIIK/rk0g5U6FDlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUqKN7
KXWFNKAKbjJ5p1PfUf9LGyswHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0U0OUQyNzNBMjM2RjExRjFCNTA1QzNFRURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgZ0wDQYJKoZIhvcNAQEL
BQADggEBACNPf0NFcCjRLXFsOZHBqWFdlhveZoP2ZyHuZ+7VYuG8N4d7OghJCNNp
fNAGB5heObuL2HFdBGXQnXgonL/97fhLFKgSxNvQz/9l97UxOag7dC285f0NfBKj
sruOR7GrFCul9Zm9satGvWAw47jOpePgbVuhWXIebnNB31C2X4Vgu8pJd/hg/x9l
hIPg0pTymGZXOhdtz+pAwUh/uOzDhoIlzCwwxmqXYvnUBUqi6wBjgN/y+9SX8RTb
dQCnqdsac0QHQ8+8jTO+pPo8bzEb/90yejodwrDxjVUGK0HBZUl7b4fLYHF4X5AJ
kZbOCvWHMDswG8kDbayA5GLdm+9icOc=
-----END CERTIFICATE-----
Generated at Fri Mar 20 16:01:54 2026 by rpki-client