Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/CD539CA4195F11F1A93F757FDAE4EC9C.roa
File: CD539CA4195F11F1A93F757FDAE4EC9C.roa (raw, json)
Hash identifier: 72eww79c1LhxX88JJHRLGmkQ6SgWbuwwLn91Yhwl3OM=
Subject key identifier: 9E:B3:E7:66:01:D3:1D:F4:CB:7B:99:CB:62:50:23:BE:3B:4E:20:0E
Certificate issuer: /CN=F36E3D7FAF/serialNumber=965C8C35B0F10F8EA5DBDA544F291B6CA9283B5D
Certificate serial: 0922
Authority key identifier: 96:5C:8C:35:B0:F1:0F:8E:A5:DB:DA:54:4F:29:1B:6C:A9:28:3B:5D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/llyMNbDxD46l29pUTykbbKkoO10.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/CD539CA4195F11F1A93F757FDAE4EC9C.roa
Signing time: Fri 06 Mar 2026 13:24:29 +0000
ROA not before: Fri 06 Mar 2026 13:24:24 +0000
ROA not after: Tue 06 Mar 2046 13:24:24 +0000
asID: 3491
IP address blocks: 41.221.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/llyMNbDxD46l29pUTykbbKkoO10.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/llyMNbDxD46l29pUTykbbKkoO10.mft
rsync://rpki.afrinic.net/repository/afrinic/llyMNbDxD46l29pUTykbbKkoO10.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Mar 2026 00:06:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2338 (0x922)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E3D7FAF, serialNumber=965C8C35B0F10F8EA5DBDA544F291B6CA9283B5D
Validity
Not Before: Mar 6 13:24:24 2026 GMT
Not After : Mar 6 13:24:24 2046 GMT
Subject: CN=69aad58d-fdd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fe:5d:da:f4:85:23:ff:9f:d6:ac:26:a4:b5:
cd:d6:9a:06:14:2c:f2:85:5e:54:98:36:e9:72:88:
03:84:cf:08:37:a2:84:b6:d3:a2:6b:87:f7:41:e8:
c9:be:c2:17:74:7c:75:52:38:69:d7:98:89:42:46:
e9:c1:4f:02:e5:7c:07:c5:c3:1f:03:e0:a6:47:88:
a8:e6:6b:6a:88:73:84:30:d3:e4:33:ca:d1:9f:32:
cf:08:fd:35:e5:c8:9d:9a:5b:ca:76:a6:11:48:84:
e9:d2:38:67:a6:c9:c7:a6:c8:2f:bc:98:d0:b3:43:
b4:79:1c:88:6a:36:7e:e9:35:35:e8:b2:ef:09:5f:
b2:ac:93:c0:b3:30:86:13:aa:d9:41:0b:0d:61:39:
ec:4a:8c:26:f4:3e:a4:9d:68:54:bb:49:91:24:56:
b8:0b:e7:b4:f7:fe:eb:bf:a8:bc:5b:ef:cb:1c:86:
18:72:26:fb:ac:7b:f2:e1:4f:4b:4c:1f:29:a9:21:
85:a8:88:b4:c6:c2:66:c8:ab:29:c2:b3:15:f8:89:
16:cf:a3:a9:77:97:bf:6c:62:cd:15:16:c7:7a:d2:
89:06:a0:55:58:ba:7f:6e:17:31:6f:86:85:d5:cd:
b0:8b:8a:ba:98:f3:8e:2c:98:2a:89:e6:ca:63:f1:
51:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B3:E7:66:01:D3:1D:F4:CB:7B:99:CB:62:50:23:BE:3B:4E:20:0E
X509v3 Authority Key Identifier:
keyid:96:5C:8C:35:B0:F1:0F:8E:A5:DB:DA:54:4F:29:1B:6C:A9:28:3B:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/llyMNbDxD46l29pUTykbbKkoO10.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/llyMNbDxD46l29pUTykbbKkoO10.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E3D7F/B705EAF241A611EA881A6728F8AEA228/CD539CA4195F11F1A93F757FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.221.208.0/20
Signature Algorithm: sha256WithRSAEncryption
cb:15:97:78:b8:6e:cf:58:98:04:1c:2d:0d:02:38:65:64:a4:
60:0b:3d:4f:0f:b1:c9:3b:90:80:04:5b:91:f1:e6:39:ff:6d:
73:96:da:e5:b6:4a:0f:a4:83:28:e0:04:13:01:d2:30:88:94:
97:5c:76:1b:43:83:87:db:1f:29:6f:02:49:57:10:c2:d2:21:
57:d8:6a:22:3d:63:97:72:e0:ef:9c:1e:10:f3:c8:6b:f4:d8:
f7:1f:09:2c:86:4e:35:39:fc:73:2c:15:5b:52:55:56:f4:d8:
26:53:05:84:f9:91:a3:15:4e:59:26:62:c8:15:60:81:76:e9:
a7:f2:2a:50:b2:cf:d7:23:1f:6d:9e:f5:bd:cd:f8:72:d9:a7:
69:03:b1:e0:ac:f4:99:71:25:32:c3:c5:10:e0:0c:16:34:68:
c5:06:6f:90:22:01:ee:f3:d6:b1:ac:66:d2:0f:93:69:54:da:
97:e1:d8:1a:97:73:f5:70:e7:90:46:f1:51:92:20:ce:ae:82:
df:1f:24:c6:88:14:4b:11:2c:22:af:a4:cf:0b:0a:eb:39:87:
9f:af:c6:a7:80:bf:6e:e5:75:bb:e7:d9:95:d4:8a:67:28:c7:
6e:a5:94:bd:db:1e:2a:ad:3d:cb:65:e3:5a:17:46:10:dc:23:
17:13:dd:9b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCSIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTNEN0ZBRjExMC8GA1UEBRMoOTY1QzhDMzVCMEYxMEY4RUE1REJEQTU0NEYyOTFC
NkNBOTI4M0I1RDAeFw0yNjAzMDYxMzI0MjRaFw00NjAzMDYxMzI0MjRaMBgxFjAU
BgNVBAMTDTY5YWFkNThkLWZkZDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCg/l3a9IUj/5/WrCaktc3WmgYULPKFXlSYNulyiAOEzwg3ooS206Jrh/dB
6Mm+whd0fHVSOGnXmIlCRunBTwLlfAfFwx8D4KZHiKjma2qIc4Qw0+QzytGfMs8I
/TXlyJ2aW8p2phFIhOnSOGemycemyC+8mNCzQ7R5HIhqNn7pNTXosu8JX7Ksk8Cz
MIYTqtlBCw1hOexKjCb0PqSdaFS7SZEkVrgL57T3/uu/qLxb78schhhyJvuse/Lh
T0tMHympIYWoiLTGwmbIqynCsxX4iRbPo6l3l79sYs0VFsd60okGoFVYun9uFzFv
hoXVzbCLirqY844smCqJ5spj8VFJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUnrPn
ZgHTHfTLe5nLYlAjvjtOIA4wHwYDVR0jBBgwFoAUllyMNbDxD46l29pUTykbbKko
O10wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUzRDdGL0I3MDVFQUYyNDFBNjExRUE4ODFBNjcyOEY4QUVBMjI4L2xseU1O
YkR4RDQ2bDI5cFVUeWtiYktrb08xMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2xseU1OYkR4RDQ2bDI5cFVUeWtiYktrb08xMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUzRDdGL0I3MDVFQUYyNDFBNjExRUE4ODFBNjcyOEY4
QUVBMjI4L0NENTM5Q0E0MTk1RjExRjFBOTNGNzU3RkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQp3dAwDQYJKoZIhvcNAQEL
BQADggEBAMsVl3i4bs9YmAQcLQ0COGVkpGALPU8Psck7kIAEW5Hx5jn/bXOW2uW2
Sg+kgyjgBBMB0jCIlJdcdhtDg4fbHylvAklXEMLSIVfYaiI9Y5dy4O+cHhDzyGv0
2PcfCSyGTjU5/HMsFVtSVVb02CZTBYT5kaMVTlkmYsgVYIF26afyKlCyz9cjH22e
9b3N+HLZp2kDseCs9JlxJTLDxRDgDBY0aMUGb5AiAe7z1rGsZtIPk2lU2pfh2BqX
c/Vw55BG8VGSIM6ugt8fJMaIFEsRLCKvpM8LCus5h5+vxqeAv27ldbvn2ZXUimco
x26llL3bHiqtPctl41oXRhDcIxcT3Zs=
-----END CERTIFICATE-----
Generated at Sat Mar 7 19:14:28 2026 by rpki-client