Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3660137/341D643E5C1C11ECBD6FEB6D5A40D577/4BF1039E1D2A11F1881091D5DAE4EC9C.roa
File: 4BF1039E1D2A11F1881091D5DAE4EC9C.roa (raw, json)
Hash identifier: Ta3ExWtG/xnsGfr3bzc8pu3vt1ny8YqPsH1y4+jMpic=
Subject key identifier: C6:43:EC:71:8F:54:81:0A:FA:90:A0:B4:26:59:29:29:82:CE:E7:6E
Certificate issuer: /CN=F3660137AR/serialNumber=BF2E51C85A3A817FF6C7FCC693064F8B3C7A99C6
Certificate serial: 063A
Authority key identifier: BF:2E:51:C8:5A:3A:81:7F:F6:C7:FC:C6:93:06:4F:8B:3C:7A:99:C6
Authority info access: rsync://rpki.afrinic.net/repository/arin/vy5RyFo6gX_2x_zGkwZPizx6mcY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3660137/341D643E5C1C11ECBD6FEB6D5A40D577/4BF1039E1D2A11F1881091D5DAE4EC9C.roa
Signing time: Wed 11 Mar 2026 09:11:33 +0000
ROA not before: Wed 11 Mar 2026 09:11:28 +0000
ROA not after: Sat 10 Mar 2029 09:11:28 +0000
asID: 327900
IP address blocks: 169.239.0.0/24 maxlen: 24
169.239.1.0/24 maxlen: 24
169.239.2.0/24 maxlen: 24
169.239.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3660137/341D643E5C1C11ECBD6FEB6D5A40D577/vy5RyFo6gX_2x_zGkwZPizx6mcY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3660137/341D643E5C1C11ECBD6FEB6D5A40D577/vy5RyFo6gX_2x_zGkwZPizx6mcY.mft
rsync://rpki.afrinic.net/repository/arin/vy5RyFo6gX_2x_zGkwZPizx6mcY.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1594 (0x63a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3660137AR, serialNumber=BF2E51C85A3A817FF6C7FCC693064F8B3C7A99C6
Validity
Not Before: Mar 11 09:11:28 2026 GMT
Not After : Mar 10 09:11:28 2029 GMT
Subject: CN=69b131c5-7dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b2:38:ea:81:60:8c:0e:5b:05:e6:ad:a9:72:
32:2d:b6:9a:a0:63:48:f4:71:bc:f1:e2:27:23:e0:
f5:ad:e1:79:ab:fe:2d:47:fb:3c:7a:86:c5:a4:bc:
79:70:4f:2b:ce:f9:28:1d:4b:2a:59:52:c1:ae:39:
6e:ea:cc:07:ed:93:5e:59:e1:a2:af:38:eb:30:cc:
48:97:4c:0f:2e:67:32:3d:b4:a5:26:2f:b5:86:a0:
46:14:25:ae:7d:f6:c2:94:0b:73:16:ff:61:8a:a1:
e0:39:cd:e6:07:cb:65:60:70:77:02:ea:8f:b0:2a:
b1:87:2c:a9:82:b7:cc:18:78:84:59:20:b5:0a:fa:
ac:85:07:07:01:a6:3f:bf:63:22:68:f3:c0:2f:f8:
19:6c:1f:fe:c8:2a:8e:c2:07:8a:c3:b7:3b:cb:5b:
21:8d:b9:1b:5d:96:62:36:8d:5e:ac:8f:f2:f7:cd:
d9:88:ab:55:62:79:b3:fd:a3:82:ef:67:a9:dc:d1:
3c:82:89:ce:d6:94:4d:0e:19:02:13:85:1f:1b:73:
ab:07:3c:39:33:9a:0c:d2:ee:f0:e6:26:0f:9e:ef:
02:49:aa:d0:36:fe:b7:41:17:d6:b3:df:c0:a3:58:
04:c2:58:67:8e:6a:ad:b0:91:04:f9:ff:7a:53:57:
ac:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:43:EC:71:8F:54:81:0A:FA:90:A0:B4:26:59:29:29:82:CE:E7:6E
X509v3 Authority Key Identifier:
keyid:BF:2E:51:C8:5A:3A:81:7F:F6:C7:FC:C6:93:06:4F:8B:3C:7A:99:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3660137/341D643E5C1C11ECBD6FEB6D5A40D577/vy5RyFo6gX_2x_zGkwZPizx6mcY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/vy5RyFo6gX_2x_zGkwZPizx6mcY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3660137/341D643E5C1C11ECBD6FEB6D5A40D577/4BF1039E1D2A11F1881091D5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.0.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:d0:48:96:5f:c8:73:aa:4e:94:8e:45:06:16:dd:4e:c1:d1:
f5:36:34:63:02:2e:de:43:1f:ec:f0:d7:05:69:7e:8e:f6:fb:
47:82:02:26:4c:0a:09:7e:54:f9:e2:6d:45:21:36:81:32:78:
54:80:52:5c:ed:3a:15:9d:e0:05:ef:16:82:55:be:a9:83:76:
d3:21:2a:7f:20:4c:9c:6b:c7:e2:19:2c:da:43:a8:f1:2e:e3:
56:c9:6f:03:94:0d:1b:0b:5a:40:e9:31:00:90:34:77:3d:5a:
00:9f:54:96:8e:fe:d0:c0:1d:9d:ba:94:f9:0e:69:e8:ac:ff:
28:e9:69:5b:42:c7:45:24:c6:f3:cf:80:d9:b8:56:f6:47:63:
6f:33:c8:fb:7d:a6:8c:da:6e:cb:0a:da:64:30:11:4f:4e:f0:
89:42:a7:bf:32:ab:48:68:08:9f:43:59:c2:42:42:a9:96:e2:
44:08:67:66:82:2b:bf:29:9e:13:65:a9:92:3e:e2:3c:b9:ae:
23:68:4c:0e:85:51:b5:ee:f0:54:44:b8:d4:41:42:dd:36:ad:
de:cd:65:4a:98:9b:97:bb:d6:4e:f1:f2:db:bb:65:64:8d:e3:
ac:b2:87:07:fd:cd:45:44:cf:6d:ca:12:22:12:87:a7:9b:3b:
08:03:a0:e7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBjowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjAxMzdBUjExMC8GA1UEBRMoQkYyRTUxQzg1QTNBODE3RkY2QzdGQ0M2OTMwNjRG
OEIzQzdBOTlDNjAeFw0yNjAzMTEwOTExMjhaFw0yOTAzMTAwOTExMjhaMBgxFjAU
BgNVBAMTDTY5YjEzMWM1LTdkYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2sjjqgWCMDlsF5q2pcjIttpqgY0j0cbzx4icj4PWt4Xmr/i1H+zx6hsWk
vHlwTyvO+SgdSypZUsGuOW7qzAftk15Z4aKvOOswzEiXTA8uZzI9tKUmL7WGoEYU
Ja599sKUC3MW/2GKoeA5zeYHy2VgcHcC6o+wKrGHLKmCt8wYeIRZILUK+qyFBwcB
pj+/YyJo88Av+BlsH/7IKo7CB4rDtzvLWyGNuRtdlmI2jV6sj/L3zdmIq1ViebP9
o4LvZ6nc0TyCic7WlE0OGQIThR8bc6sHPDkzmgzS7vDmJg+e7wJJqtA2/rdBF9az
38CjWATCWGeOaq2wkQT5/3pTV6wxAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUxkPs
cY9UgQr6kKC0JlkpKYLO524wHwYDVR0jBBgwFoAUvy5RyFo6gX/2x/zGkwZPizx6
mcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYwMTM3LzM0MUQ2NDNFNUMxQzExRUNCRDZGRUI2RDVBNDBENTc3L3Z5NVJ5
Rm82Z1hfMnhfekdrd1pQaXp4Nm1jWS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3Z5NVJ5Rm82Z1hfMnhfekdrd1pQaXp4Nm1jWS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjYwMTM3LzM0MUQ2NDNFNUMxQzExRUNCRDZGRUI2RDVBNDBE
NTc3LzRCRjEwMzlFMUQyQTExRjE4ODEwOTFENURBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKp7wAwDQYJKoZIhvcNAQELBQAD
ggEBAH7QSJZfyHOqTpSORQYW3U7B0fU2NGMCLt5DH+zw1wVpfo72+0eCAiZMCgl+
VPnibUUhNoEyeFSAUlztOhWd4AXvFoJVvqmDdtMhKn8gTJxrx+IZLNpDqPEu41bJ
bwOUDRsLWkDpMQCQNHc9WgCfVJaO/tDAHZ26lPkOaeis/yjpaVtCx0UkxvPPgNm4
VvZHY28zyPt9pozabssK2mQwEU9O8IlCp78yq0hoCJ9DWcJCQqmW4kQIZ2aCK78p
nhNlqZI+4jy5riNoTA6FUbXu8FREuNRBQt02rd7NZUqYm5e71k7x8tu7ZWSN46yy
hwf9zUVEz23KEiISh6ebOwgDoOc=
-----END CERTIFICATE-----
Generated at Tue Mar 24 00:11:19 2026 by rpki-client