Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/02E2A57C23BA11F1BD7B6798DAE4EC9C.roa
File: 02E2A57C23BA11F1BD7B6798DAE4EC9C.roa (raw, json)
Hash identifier: Yks0DyjCdLquy/2KkugOfEpYouFNGrBjaXW7Ge2n2Ac=
Subject key identifier: D8:E8:23:9E:B5:0F:3C:E3:0E:AB:FA:3B:DA:BB:FF:21:4F:E8:14:8B
Certificate issuer: /CN=F36FE19EAF/serialNumber=C78CDC3B5D4B13675CB48AD3B63BE01EC5A807F8
Certificate serial: 0558
Authority key identifier: C7:8C:DC:3B:5D:4B:13:67:5C:B4:8A:D3:B6:3B:E0:1E:C5:A8:07:F8
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/x4zcO11LE2dctIrTtjvgHsWoB_g.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/02E2A57C23BA11F1BD7B6798DAE4EC9C.roa
Signing time: Thu 19 Mar 2026 17:35:25 +0000
ROA not before: Thu 19 Mar 2026 17:35:17 +0000
ROA not after: Wed 31 Dec 2036 17:35:17 +0000
asID: 328977
IP address blocks: 102.217.156.0/22 maxlen: 24
2c0f:6300::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/x4zcO11LE2dctIrTtjvgHsWoB_g.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/x4zcO11LE2dctIrTtjvgHsWoB_g.mft
rsync://rpki.afrinic.net/repository/afrinic/x4zcO11LE2dctIrTtjvgHsWoB_g.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1368 (0x558)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FE19EAF, serialNumber=C78CDC3B5D4B13675CB48AD3B63BE01EC5A807F8
Validity
Not Before: Mar 19 17:35:17 2026 GMT
Not After : Dec 31 17:35:17 2036 GMT
Subject: CN=69bc33dd-458e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bb:6e:7c:af:e3:2e:37:72:7b:8a:f2:94:76:
82:cb:5b:fb:15:37:31:c7:e2:8c:79:6b:f8:00:a2:
42:f5:3a:a0:de:e5:db:ae:ee:db:be:ce:de:41:ed:
b6:d7:d1:28:5f:f3:68:fe:34:ce:c9:6a:ea:32:a0:
96:3d:06:5b:c8:aa:4a:b9:26:4f:02:6b:11:71:a1:
7a:a4:6e:8a:97:1e:04:59:d6:f2:d4:30:5f:95:b8:
19:ba:9a:bf:bf:1e:bf:64:b0:23:2c:c1:c8:4a:ae:
27:68:51:10:08:06:42:d7:13:0a:fb:58:11:41:34:
a9:9a:9c:bd:4e:17:34:4d:9a:03:67:30:18:d7:34:
65:c5:3f:fc:c7:53:b1:c4:cf:3c:89:05:92:17:20:
6b:b9:9d:2f:56:0e:50:ef:98:56:2b:2f:5e:d5:1c:
28:d4:7c:3d:4f:b4:80:86:ae:ac:74:93:95:a2:c4:
39:1f:42:f3:3b:73:43:94:14:23:e3:56:91:2e:33:
c7:f3:74:86:9a:f2:40:b2:46:8b:af:f7:17:cc:9b:
0e:14:0b:d7:55:ec:11:20:85:e1:d2:01:09:14:68:
53:4a:85:4f:53:16:2c:7f:70:68:c4:55:b1:de:6f:
b4:13:12:21:a3:6d:c1:c9:36:2c:d1:17:a7:05:a2:
bb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E8:23:9E:B5:0F:3C:E3:0E:AB:FA:3B:DA:BB:FF:21:4F:E8:14:8B
X509v3 Authority Key Identifier:
keyid:C7:8C:DC:3B:5D:4B:13:67:5C:B4:8A:D3:B6:3B:E0:1E:C5:A8:07:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/x4zcO11LE2dctIrTtjvgHsWoB_g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/x4zcO11LE2dctIrTtjvgHsWoB_g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FE19E/AB7E78BE48DF11EDA761B29CF1222468/02E2A57C23BA11F1BD7B6798DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.156.0/22
IPv6:
2c0f:6300::/32
Signature Algorithm: sha256WithRSAEncryption
2f:d9:58:47:ea:ea:b4:7f:fb:f6:4d:79:e4:2d:0b:10:9e:60:
a1:86:8c:3a:3a:c2:89:f3:2b:d8:86:c9:2e:9a:f6:45:e2:2e:
05:3c:b7:c2:e5:1a:b5:ce:1e:e2:b6:a6:75:4d:8f:8a:3b:bb:
8e:b4:ea:68:b7:ae:fd:1c:90:f0:a4:c3:7f:c8:fd:cd:0a:5c:
fb:2a:af:68:c3:4f:4d:58:4a:fd:88:f4:24:a6:49:da:d4:81:
bf:f8:ad:66:24:d9:83:7f:0d:38:e9:84:da:10:0b:b1:39:84:
33:dc:be:19:b6:8a:24:b6:29:80:e7:18:dc:cf:23:2f:dd:08:
f9:a0:33:17:f5:16:85:c2:72:00:3e:5b:dd:c4:1f:ee:64:2e:
2c:7e:90:83:1f:44:16:e8:4c:ef:c7:12:1e:43:52:c6:2f:6f:
c5:55:e3:32:a8:37:fe:69:d3:a6:58:1b:82:3d:6b:ce:4c:ab:
a4:66:ce:4b:43:73:f2:fd:15:ca:31:3d:92:e3:6d:74:ad:af:
be:ac:1d:20:78:c8:69:5d:be:8f:a9:90:12:41:f9:d6:bd:b8:
2f:b1:60:c8:79:f1:db:b8:30:27:01:5d:c3:07:ac:c5:02:d8:
a3:83:36:87:1c:d1:af:4d:b4:2c:a9:2e:bc:da:9f:c8:d5:47:
8b:e9:ab:34
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBVgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkUxOUVBRjExMC8GA1UEBRMoQzc4Q0RDM0I1RDRCMTM2NzVDQjQ4QUQzQjYzQkUw
MUVDNUE4MDdGODAeFw0yNjAzMTkxNzM1MTdaFw0zNjEyMzExNzM1MTdaMBgxFjAU
BgNVBAMTDTY5YmMzM2RkLTQ1OGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+u258r+MuN3J7ivKUdoLLW/sVNzHH4ox5a/gAokL1OqDe5duu7tu+zt5B
7bbX0Shf82j+NM7JauoyoJY9BlvIqkq5Jk8CaxFxoXqkboqXHgRZ1vLUMF+VuBm6
mr+/Hr9ksCMswchKridoURAIBkLXEwr7WBFBNKmanL1OFzRNmgNnMBjXNGXFP/zH
U7HEzzyJBZIXIGu5nS9WDlDvmFYrL17VHCjUfD1PtICGrqx0k5WixDkfQvM7c0OU
FCPjVpEuM8fzdIaa8kCyRouv9xfMmw4UC9dV7BEgheHSAQkUaFNKhU9TFix/cGjE
VbHeb7QTEiGjbcHJNizRF6cFortHAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU2Ogj
nrUPPOMOq/o72rv/IU/oFIswHwYDVR0jBBgwFoAUx4zcO11LE2dctIrTtjvgHsWo
B/gwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZFMTlFL0FCN0U3OEJFNDhERjExRURBNzYxQjI5Q0YxMjIyNDY4L3g0emNP
MTFMRTJkY3RJclR0anZnSHNXb0JfZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3g0emNPMTFMRTJkY3RJclR0anZnSHNXb0JfZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZFMTlFL0FCN0U3OEJFNDhERjExRURBNzYxQjI5Q0Yx
MjIyNDY4LzAyRTJBNTdDMjNCQTExRjFCRDdCNjc5OERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm2ZwwDQQCAAIwBwMFACwP
YwAwDQYJKoZIhvcNAQELBQADggEBAC/ZWEfq6rR/+/ZNeeQtCxCeYKGGjDo6wonz
K9iGyS6a9kXiLgU8t8LlGrXOHuK2pnVNj4o7u4606mi3rv0ckPCkw3/I/c0KXPsq
r2jDT01YSv2I9CSmSdrUgb/4rWYk2YN/DTjphNoQC7E5hDPcvhm2iiS2KYDnGNzP
Iy/dCPmgMxf1FoXCcgA+W93EH+5kLix+kIMfRBboTO/HEh5DUsYvb8VV4zKoN/5p
06ZYG4I9a85Mq6RmzktDc/L9FcoxPZLjbXStr76sHSB4yGldvo+pkBJB+da9uC+x
YMh58du4MCcBXcMHrMUC2KODNocc0a9NtCypLrzan8jVR4vpqzQ=
-----END CERTIFICATE-----
Generated at Mon Mar 23 11:54:19 2026 by rpki-client