Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/139A49B660AE11F1B99DE7D5CE1D38B0.roa
File: 139A49B660AE11F1B99DE7D5CE1D38B0.roa (raw, json)
Hash identifier: rarFIEocrc0sUeZ7yyVNoX9GlR16ogXiHgAmgUr4kRc=
Subject key identifier: D2:DB:C4:63:1A:25:72:E8:72:B8:BF:FB:27:D1:36:CE:AC:48:21:0F
Certificate issuer: /CN=F36D3930AF/serialNumber=35CF067DC26EE4895F4B16AD9BD300FEABC3A353
Certificate serial: 0647
Authority key identifier: 35:CF:06:7D:C2:6E:E4:89:5F:4B:16:AD:9B:D3:00:FE:AB:C3:A3:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Nc8GfcJu5IlfSxatm9MA_qvDo1M.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/139A49B660AE11F1B99DE7D5CE1D38B0.roa
Signing time: Fri 05 Jun 2026 07:13:40 +0000
ROA not before: Fri 05 Jun 2026 07:13:35 +0000
ROA not after: Wed 31 Dec 2042 07:13:35 +0000
asID: 6453
IP address blocks: 102.112.0.0/13 maxlen: 24
196.20.128.0/17 maxlen: 24
196.192.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/Nc8GfcJu5IlfSxatm9MA_qvDo1M.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/Nc8GfcJu5IlfSxatm9MA_qvDo1M.mft
rsync://rpki.afrinic.net/repository/afrinic/Nc8GfcJu5IlfSxatm9MA_qvDo1M.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 08 Jun 2026 00:08:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1607 (0x647)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D3930AF, serialNumber=35CF067DC26EE4895F4B16AD9BD300FEABC3A353
Validity
Not Before: Jun 5 07:13:35 2026 GMT
Not After : Dec 31 07:13:35 2042 GMT
Subject: CN=6a227724-5b46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:58:f0:c8:9b:00:e2:55:84:2e:44:a6:36:13:
88:62:82:19:41:ff:a6:59:a2:0b:f4:e7:8a:2c:be:
24:e4:99:09:84:5c:61:86:84:5f:83:aa:69:12:08:
4d:76:3f:f4:16:27:73:62:af:40:1c:8f:0f:82:aa:
41:20:14:d7:25:11:ac:9e:39:a2:83:51:d1:54:17:
ed:98:44:3a:a1:99:81:e2:a7:4e:a3:f4:a3:9c:ad:
f4:8b:a5:db:a4:dd:ee:ff:85:c1:bc:1b:06:a6:b4:
cc:89:e8:72:d0:ac:33:bd:54:2d:23:f4:c9:db:55:
e4:3c:d9:13:e4:4a:14:8f:1e:8c:1c:04:c7:ce:c9:
3f:13:7d:41:05:10:2e:86:6c:54:47:b3:84:3b:bf:
a3:90:3c:48:db:71:07:60:a9:dd:37:02:60:0c:49:
c0:a9:5b:f4:74:8c:b9:42:68:5c:c4:77:a3:c9:5d:
3f:69:04:17:cb:f1:14:71:b9:13:89:d3:ba:70:47:
a7:b7:48:4c:1f:de:d4:98:f3:61:6a:1f:21:c4:b6:
b8:8e:b8:82:08:cd:5e:9d:02:61:f8:9a:64:84:6d:
08:10:4d:7b:7a:d1:3d:17:49:19:6b:8c:7e:db:c7:
3a:53:62:8d:87:c0:47:17:d1:30:a3:3c:12:be:b4:
5c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:DB:C4:63:1A:25:72:E8:72:B8:BF:FB:27:D1:36:CE:AC:48:21:0F
X509v3 Authority Key Identifier:
keyid:35:CF:06:7D:C2:6E:E4:89:5F:4B:16:AD:9B:D3:00:FE:AB:C3:A3:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/Nc8GfcJu5IlfSxatm9MA_qvDo1M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Nc8GfcJu5IlfSxatm9MA_qvDo1M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D3930/63C46EC8A0F311EC946EDA945A40D577/139A49B660AE11F1B99DE7D5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.112.0.0/13
196.20.128.0/17
196.192.0.0/20
Signature Algorithm: sha256WithRSAEncryption
24:55:0c:a4:54:56:f0:7f:08:df:97:7d:33:15:ed:f7:48:20:
69:43:f7:0f:19:b4:44:56:2a:35:f4:71:84:07:49:c4:04:07:
91:5a:1d:9e:b5:d0:82:66:a2:94:75:a3:2d:1f:9a:7d:06:29:
be:35:bb:10:85:b3:9d:cd:bf:38:52:0c:2a:bb:b4:27:5b:7d:
bd:43:d6:92:3e:bd:5c:f2:85:82:c6:bc:e0:6b:69:59:38:8d:
38:35:8f:6a:b4:8e:c6:a8:42:a6:79:1f:76:0a:ea:99:19:4a:
07:3e:52:45:ea:45:ec:fc:b5:e6:8e:64:78:1b:20:b3:15:95:
09:e5:56:93:45:ba:9e:83:98:c2:1d:5c:fd:d9:27:ba:8e:2a:
5e:99:e6:38:e2:f7:f0:95:dc:da:3a:eb:e2:df:4a:fc:cb:16:
45:af:3a:b7:4f:cf:4a:d8:c1:e9:8b:a5:0c:6b:c2:5f:fa:43:
33:9e:6c:29:e6:96:70:55:f3:3e:8c:9a:42:f6:a8:67:bc:ae:
6b:d1:ca:5d:a3:c6:8a:d2:9b:d9:8e:a5:93:6a:3a:92:45:94:
98:66:70:97:97:b0:1f:38:a6:dd:33:c6:48:7d:37:00:fa:0e:
13:09:4c:81:57:e4:45:35:47:d8:c7:35:42:68:39:e7:08:59:
98:a5:be:d2
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICBkcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDM5MzBBRjExMC8GA1UEBRMoMzVDRjA2N0RDMjZFRTQ4OTVGNEIxNkFEOUJEMzAw
RkVBQkMzQTM1MzAeFw0yNjA2MDUwNzEzMzVaFw00MjEyMzEwNzEzMzVaMBgxFjAU
BgNVBAMTDTZhMjI3NzI0LTViNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMWPDImwDiVYQuRKY2E4highlB/6ZZogv054osviTkmQmEXGGGhF+DqmkS
CE12P/QWJ3Nir0Acjw+CqkEgFNclEayeOaKDUdFUF+2YRDqhmYHip06j9KOcrfSL
pduk3e7/hcG8GwamtMyJ6HLQrDO9VC0j9MnbVeQ82RPkShSPHowcBMfOyT8TfUEF
EC6GbFRHs4Q7v6OQPEjbcQdgqd03AmAMScCpW/R0jLlCaFzEd6PJXT9pBBfL8RRx
uROJ07pwR6e3SEwf3tSY82FqHyHEtriOuIIIzV6dAmH4mmSEbQgQTXt60T0XSRlr
jH7bxzpTYo2HwEcX0TCjPBK+tFyZAgMBAAGjggKwMIICrDAdBgNVHQ4EFgQU0tvE
YxolcuhyuL/7J9E2zqxIIQ8wHwYDVR0jBBgwFoAUNc8GfcJu5IlfSxatm9MA/qvD
o1MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQzOTMwLzYzQzQ2RUM4QTBGMzExRUM5NDZFREE5NDVBNDBENTc3L05jOEdm
Y0p1NUlsZlN4YXRtOU1BX3F2RG8xTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL05jOEdmY0p1NUlsZlN4YXRtOU1BX3F2RG8xTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQzOTMwLzYzQzQ2RUM4QTBGMzExRUM5NDZFREE5NDVB
NDBENTc3LzEzOUE0OUI2NjBBRTExRjFCOTlERTdENUNFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgABMBEDAwNmcAMEB8QUgAMEBMTAADAN
BgkqhkiG9w0BAQsFAAOCAQEAJFUMpFRW8H8I35d9MxXt90ggaUP3Dxm0RFYqNfRx
hAdJxAQHkVodnrXQgmailHWjLR+afQYpvjW7EIWznc2/OFIMKru0J1t9vUPWkj69
XPKFgsa84GtpWTiNODWParSOxqhCpnkfdgrqmRlKBz5SRepF7Py15o5keBsgsxWV
CeVWk0W6noOYwh1c/dknuo4qXpnmOOL38JXc2jrr4t9K/MsWRa86t0/PStjB6Yul
DGvCX/pDM55sKeaWcFXzPoyaQvaoZ7yua9HKXaPGitKb2Y6lk2o6kkWUmGZwl5ew
Hzim3TPGSH03APoOEwlMgVfkRTVH2Mc1Qmg55whZmKW+0g==
-----END CERTIFICATE-----
Generated at Sat Jun 6 05:33:39 2026 by rpki-client