Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/252C7C72277D11F18E7BC787DAE4EC9C.roa
File: 252C7C72277D11F18E7BC787DAE4EC9C.roa (raw, json)
Hash identifier: dsf5h8rVqyQk3m4crL4klyAiakxUhp7wqJ/qVBTN71g=
Subject key identifier: AA:1F:CA:EA:65:E6:4B:98:B1:F2:A9:44:4D:6C:88:92:EE:FE:8F:9C
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1E97
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/252C7C72277D11F18E7BC787DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 12:29:48 +0000
ROA not before: Tue 24 Mar 2026 12:29:42 +0000
ROA not after: Fri 24 Mar 2028 12:29:42 +0000
asID: 16276
IP address blocks: 154.16.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 12:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7831 (0x1e97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 24 12:29:42 2026 GMT
Not After : Mar 24 12:29:42 2028 GMT
Subject: CN=69c283bc-03c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:61:00:d4:6d:6a:30:57:11:cd:1a:52:19:93:
8e:0a:d8:79:7a:ee:65:6d:1b:ab:99:91:a1:9f:ad:
dd:10:f4:fc:5a:c0:23:65:39:69:f1:13:dc:cb:3a:
2b:cb:7e:a6:13:fe:9c:d5:69:d0:74:ae:51:9a:af:
67:e0:fc:79:5e:70:9e:6e:84:f0:9e:d5:70:39:3b:
12:20:36:97:4b:68:e8:11:2a:12:24:9e:f1:97:a2:
c3:c8:38:42:50:3e:e9:bc:d0:2e:79:95:16:3d:67:
36:16:bb:86:ff:12:1e:e6:e9:53:37:36:df:82:df:
09:06:0a:98:6a:7b:4f:2d:ee:8f:a0:9c:a9:5a:7a:
ed:0d:f1:c2:96:5f:bf:a8:50:89:c9:04:cb:10:79:
1a:4e:c2:4b:0b:ef:79:ef:29:f7:f7:1d:6a:0f:05:
42:20:1d:cb:ba:18:d7:95:70:5b:5c:ef:14:34:5c:
b2:be:9c:45:ce:07:57:3a:1e:6c:97:bd:dc:51:bb:
f1:8f:5a:11:1a:9f:3a:67:88:29:be:61:4f:b9:09:
66:a1:d2:bc:8a:f5:da:4e:f9:c6:f7:b4:c5:f7:bf:
02:7f:b5:78:df:3c:a3:e5:c4:21:b6:b0:83:1c:b7:
96:a0:c5:02:1c:32:14:c9:10:5a:41:6f:8f:00:94:
e8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1F:CA:EA:65:E6:4B:98:B1:F2:A9:44:4D:6C:88:92:EE:FE:8F:9C
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/252C7C72277D11F18E7BC787DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.16.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:e5:c8:5c:26:06:02:73:75:e4:13:3c:ac:45:33:79:4f:ea:
65:9e:ea:15:5f:66:a2:b5:ef:7f:0d:56:c5:07:49:0e:0e:81:
50:13:7c:f8:69:87:85:d2:84:08:15:c2:05:e3:e0:bf:49:e5:
8d:b3:e0:3e:a6:be:65:bb:38:2a:84:34:cd:59:bc:dc:9f:77:
6b:c8:56:df:9d:ef:25:62:dc:2c:19:78:df:24:0f:f1:ee:3b:
d5:c3:75:2c:fe:c1:df:70:3b:38:21:ff:ea:8a:92:8d:61:c4:
eb:66:41:78:33:89:af:d0:aa:6d:e7:c9:99:68:db:31:8e:8d:
d5:a9:9f:52:bb:27:9b:81:37:78:90:ed:c9:cc:c1:71:0d:a6:
56:55:bc:e5:fc:30:ce:d6:d8:89:b5:5d:15:10:ec:3f:df:f7:
ef:fe:f7:1e:ef:8a:bf:c9:2a:52:ce:05:37:b1:21:71:26:a1:
5b:9c:6a:36:ca:a5:d2:4d:02:b6:60:be:2b:28:6f:55:d7:43:
01:0f:b7:8f:08:b8:da:31:cb:6e:32:4a:14:31:a4:13:d9:8a:
34:f2:a4:17:8e:48:35:71:62:2c:58:59:08:99:88:32:3a:f0:
40:ba:7c:37:f9:6d:8a:be:fd:26:0a:8f:84:b0:75:1e:71:5b:
06:a0:5a:43
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHpcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjAzMjQxMjI5NDJaFw0yODAzMjQxMjI5NDJaMBgxFjAU
BgNVBAMTDTY5YzI4M2JjLTAzYzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGYQDUbWowVxHNGlIZk44K2Hl67mVtG6uZkaGfrd0Q9PxawCNlOWnxE9zL
OivLfqYT/pzVadB0rlGar2fg/HlecJ5uhPCe1XA5OxIgNpdLaOgRKhIknvGXosPI
OEJQPum80C55lRY9ZzYWu4b/Eh7m6VM3Nt+C3wkGCphqe08t7o+gnKlaeu0N8cKW
X7+oUInJBMsQeRpOwksL73nvKff3HWoPBUIgHcu6GNeVcFtc7xQ0XLK+nEXOB1c6
HmyXvdxRu/GPWhEanzpniCm+YU+5CWah0ryK9dpO+cb3tMX3vwJ/tXjfPKPlxCG2
sIMct5agxQIcMhTJEFpBb48AlOjTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUqh/K
6mXmS5ix8qlETWyIku7+j5wwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzI1MkM3QzcyMjc3RDExRjE4RTdCQzc4N0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBAwDQYJKoZIhvcNAQEL
BQADggEBAHzlyFwmBgJzdeQTPKxFM3lP6mWe6hVfZqK1738NVsUHSQ4OgVATfPhp
h4XShAgVwgXj4L9J5Y2z4D6mvmW7OCqENM1ZvNyfd2vIVt+d7yVi3CwZeN8kD/Hu
O9XDdSz+wd9wOzgh/+qKko1hxOtmQXgzia/Qqm3nyZlo2zGOjdWpn1K7J5uBN3iQ
7cnMwXENplZVvOX8MM7W2Im1XRUQ7D/f9+/+9x7vir/JKlLOBTexIXEmoVucajbK
pdJNArZgvisob1XXQwEPt48IuNoxy24yShQxpBPZijTypBeOSDVxYixYWQiZiDI6
8EC6fDf5bYq+/SYKj4SwdR5xWwagWkM=
-----END CERTIFICATE-----
Generated at Wed Mar 25 00:44:41 2026 by rpki-client