Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/924CE9226B0C11F1BDC870D7CE1D38B0.roa
File: 924CE9226B0C11F1BDC870D7CE1D38B0.roa (raw, json)
Hash identifier: XU+yo9KfYUkFLBQDwyQRQQAYJyKWLNTrj3wgPnpGVIY=
Subject key identifier: C1:A0:5A:30:6C:07:7D:F9:2A:62:14:DE:11:B2:50:A4:7D:DC:B6:C7
Certificate issuer: /CN=F36C67A4AF/serialNumber=35F1275B287E9C0F8EA3A84B8B354AB024B76972
Certificate serial: 5D
Authority key identifier: 35:F1:27:5B:28:7E:9C:0F:8E:A3:A8:4B:8B:35:4A:B0:24:B7:69:72
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/NfEnWyh-nA-Oo6hLizVKsCS3aXI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/924CE9226B0C11F1BDC870D7CE1D38B0.roa
Signing time: Thu 18 Jun 2026 11:55:17 +0000
ROA not before: Thu 18 Jun 2026 11:55:11 +0000
ROA not after: Mon 30 Jun 2036 11:55:11 +0000
asID: 329707
IP address blocks: 102.202.48.0/22 maxlen: 22
102.202.48.0/24 maxlen: 24
102.202.49.0/24 maxlen: 24
102.202.50.0/24 maxlen: 24
102.202.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/NfEnWyh-nA-Oo6hLizVKsCS3aXI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/NfEnWyh-nA-Oo6hLizVKsCS3aXI.mft
rsync://rpki.afrinic.net/repository/afrinic/NfEnWyh-nA-Oo6hLizVKsCS3aXI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 23 Jun 2026 00:07:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93 (0x5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C67A4AF, serialNumber=35F1275B287E9C0F8EA3A84B8B354AB024B76972
Validity
Not Before: Jun 18 11:55:11 2026 GMT
Not After : Jun 30 11:55:11 2036 GMT
Subject: CN=6a33dca4-b928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0b:af:5c:75:4b:91:cb:12:fe:5b:df:26:0f:
d5:1e:4f:f8:f0:f8:5f:db:fe:d0:da:a7:cc:6a:cb:
b0:19:90:b7:d1:c6:d1:98:56:67:21:34:fd:11:c2:
05:7c:08:b7:6c:9f:af:c9:0c:f8:78:96:ff:0e:d8:
01:6e:e6:fb:98:f5:ad:f6:af:f4:c3:7e:17:65:c7:
b2:88:30:bd:94:e8:a0:64:8f:a3:26:45:a4:9b:0f:
a6:76:ba:9e:86:93:47:19:f2:25:2c:cc:f3:bc:4d:
d8:7a:eb:90:32:78:41:99:ca:ba:5d:02:3c:3b:84:
90:a1:60:e0:28:b5:e1:2a:0d:4f:52:7d:3d:f8:c9:
e3:18:4a:d1:05:cf:57:1d:c1:ee:08:f4:88:e5:53:
bb:ef:e4:02:12:b1:de:da:d3:49:b3:4a:73:e1:d7:
63:e1:66:dd:73:01:0f:6a:fc:4a:51:53:a9:26:09:
cd:0d:53:25:80:5c:28:f1:c5:c3:9d:b8:79:c1:cf:
83:36:a1:48:40:1f:72:f8:3f:3d:92:0a:4c:8b:de:
d1:1d:0c:55:66:18:21:5e:15:43:bf:86:46:e5:dc:
7e:88:3f:ee:f6:99:fc:3f:39:58:6a:65:5c:3e:70:
9d:04:ce:79:80:08:e0:a9:f7:c0:f9:13:2c:30:6c:
1c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A0:5A:30:6C:07:7D:F9:2A:62:14:DE:11:B2:50:A4:7D:DC:B6:C7
X509v3 Authority Key Identifier:
keyid:35:F1:27:5B:28:7E:9C:0F:8E:A3:A8:4B:8B:35:4A:B0:24:B7:69:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/NfEnWyh-nA-Oo6hLizVKsCS3aXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NfEnWyh-nA-Oo6hLizVKsCS3aXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C67A4/AD38F85627B011F19CC9CBAEDAE4EC9C/924CE9226B0C11F1BDC870D7CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.202.48.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:9d:3b:2d:cc:b7:dd:38:95:13:70:9b:e8:df:80:7d:a0:43:
9a:8e:ed:e6:32:dc:e6:27:cd:20:b9:cd:5f:d8:b9:f2:a8:9e:
79:6d:26:9b:ca:61:b3:04:2f:70:72:63:46:bf:d8:6b:a8:95:
57:1b:41:0c:f8:99:05:e6:50:9b:69:57:7c:00:cf:75:95:1f:
39:fb:86:bd:58:f8:e3:ac:8a:ac:ec:07:36:66:81:99:9c:87:
1a:cb:19:5a:35:74:88:5e:2f:45:2a:b3:a5:91:65:24:e9:83:
f8:18:84:1b:f5:bc:a4:78:80:ec:5e:b0:91:46:cd:0f:8a:6e:
b9:c6:08:c3:3f:26:7e:00:0a:cc:50:9f:52:a1:87:96:22:be:
33:98:6b:1e:d6:bb:ca:e7:66:1c:2f:f7:5a:4f:a7:2f:37:a6:
bf:29:2d:27:a6:70:d0:73:34:07:d0:8e:59:57:c5:ab:a2:cb:
b2:66:e7:54:5e:0a:88:ac:2a:55:1c:af:a9:aa:8d:55:94:94:
30:c8:af:70:c8:05:8e:6c:84:7b:2c:c8:e1:c4:c1:c2:1f:cd:
a4:51:76:0e:4a:25:43:d8:32:66:94:ef:2c:3b:36:c9:ef:05:
2f:d8:90:0f:17:77:88:3f:61:ff:fb:21:2c:b5:b3:ae:39:3f:
cc:ae:6f:24
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBXTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
NjdBNEFGMTEwLwYDVQQFEygzNUYxMjc1QjI4N0U5QzBGOEVBM0E4NEI4QjM1NEFC
MDI0Qjc2OTcyMB4XDTI2MDYxODExNTUxMVoXDTM2MDYzMDExNTUxMVowGDEWMBQG
A1UEAxMNNmEzM2RjYTQtYjkyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOYLr1x1S5HLEv5b3yYP1R5P+PD4X9v+0NqnzGrLsBmQt9HG0ZhWZyE0/RHC
BXwIt2yfr8kM+HiW/w7YAW7m+5j1rfav9MN+F2XHsogwvZTooGSPoyZFpJsPpna6
noaTRxnyJSzM87xN2HrrkDJ4QZnKul0CPDuEkKFg4Ci14SoNT1J9PfjJ4xhK0QXP
Vx3B7gj0iOVTu+/kAhKx3trTSbNKc+HXY+Fm3XMBD2r8SlFTqSYJzQ1TJYBcKPHF
w524ecHPgzahSEAfcvg/PZIKTIve0R0MVWYYIV4VQ7+GRuXcfog/7vaZ/D85WGpl
XD5wnQTOeYAI4Kn3wPkTLDBsHK0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTBoFow
bAd9+SpiFN4RslCkfdy2xzAfBgNVHSMEGDAWgBQ18SdbKH6cD46jqEuLNUqwJLdp
cjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzY3QTQvQUQzOEY4NTYyN0IwMTFGMTlDQzlDQkFFREFFNEVDOUMvTmZFbld5
aC1uQS1PbzZoTGl6VktzQ1MzYVhJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTmZFbld5aC1uQS1PbzZoTGl6VktzQ1MzYVhJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzY3QTQvQUQzOEY4NTYyN0IwMTFGMTlDQzlDQkFFREFF
NEVDOUMvOTI0Q0U5MjI2QjBDMTFGMUJEQzg3MEQ3Q0UxRDM4QjAucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbKMDANBgkqhkiG9w0BAQsF
AAOCAQEAKp07Lcy33TiVE3Cb6N+AfaBDmo7t5jLc5ifNILnNX9i58qieeW0mm8ph
swQvcHJjRr/Ya6iVVxtBDPiZBeZQm2lXfADPdZUfOfuGvVj446yKrOwHNmaBmZyH
GssZWjV0iF4vRSqzpZFlJOmD+BiEG/W8pHiA7F6wkUbND4puucYIwz8mfgAKzFCf
UqGHliK+M5hrHta7yudmHC/3Wk+nLzemvyktJ6Zw0HM0B9COWVfFq6LLsmbnVF4K
iKwqVRyvqaqNVZSUMMivcMgFjmyEeyzI4cTBwh/NpFF2DkolQ9gyZpTvLDs2ye8F
L9iQDxd3iD9h//shLLWzrjk/zK5vJA==
-----END CERTIFICATE-----
Generated at Mon Jun 22 00:45:54 2026 by rpki-client