Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3F3FA75C4C3911F1AB2FC4E4CE1D38B0.roa
File: 3F3FA75C4C3911F1AB2FC4E4CE1D38B0.roa (raw, json)
Hash identifier: Y4jLH4htQOW97+n9SNuXte+WAjwSKcvuzhEwzFtbna8=
Subject key identifier: E3:4F:5F:AB:BC:CE:17:96:44:71:7E:DA:78:5E:43:65:BD:74:96:21
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1F2E
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3F3FA75C4C3911F1AB2FC4E4CE1D38B0.roa
Signing time: Sun 10 May 2026 06:26:59 +0000
ROA not before: Sun 10 May 2026 06:26:53 +0000
ROA not after: Wed 10 May 2028 06:26:53 +0000
asID: 396356
IP address blocks: 154.16.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 12 May 2026 00:07:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7982 (0x1f2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 10 06:26:53 2026 GMT
Not After : May 10 06:26:53 2028 GMT
Subject: CN=6a002532-05ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6b:1f:de:7e:14:59:92:74:98:ec:68:6f:df:
99:83:2c:c5:5f:ff:6b:27:4e:c9:9d:67:9f:2e:3e:
77:6d:cd:73:af:d9:45:e8:a6:61:81:52:9b:86:d7:
cd:3a:41:e5:a7:e3:73:f3:b5:d1:da:49:32:6c:db:
90:cc:f8:39:f7:ea:47:f4:50:4b:1b:fb:ce:8f:ed:
b5:de:66:b6:a6:82:7e:0a:94:26:26:99:a8:a0:8f:
d4:0c:8d:78:22:dd:d1:cd:25:82:6a:ab:2a:64:17:
e0:89:38:42:a4:64:cc:b8:3b:8a:dd:a5:f1:41:32:
50:41:57:0e:7a:ff:18:a5:a3:e9:99:98:8f:3f:b8:
d2:c9:ad:50:3a:06:1f:02:17:87:ce:80:a8:5b:12:
ca:b1:a8:56:68:ef:b2:68:d3:f5:1f:d2:01:46:58:
60:09:eb:f2:c7:8b:f3:ae:4f:c2:68:d8:8e:f9:a0:
13:25:cb:ca:79:90:e4:aa:7a:9a:d8:13:65:3f:47:
cc:11:95:b8:2c:13:50:3b:8d:01:9e:46:71:39:b6:
6b:63:7e:af:74:12:da:73:2b:6f:23:f5:f8:b2:d5:
32:80:8c:69:33:3f:15:6e:dd:10:67:b6:1b:79:40:
e5:cb:5b:47:3c:a1:cd:fc:06:30:c5:d9:96:72:f1:
8d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4F:5F:AB:BC:CE:17:96:44:71:7E:DA:78:5E:43:65:BD:74:96:21
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3F3FA75C4C3911F1AB2FC4E4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.235.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:34:f0:d2:3c:72:74:76:d6:be:11:93:77:60:5e:1b:4b:50:
a3:14:43:47:10:a0:70:1b:ee:57:30:51:da:e2:84:ed:4d:9c:
f5:24:74:6d:89:7e:cd:53:b1:6a:e2:2d:7e:ce:2d:38:4e:86:
76:22:74:53:7b:81:28:01:51:14:3f:69:31:47:44:db:56:b9:
77:43:17:02:84:4b:39:5d:bb:36:ec:93:15:9e:2e:1b:6e:88:
6c:98:8d:e7:5c:03:28:78:ca:8f:55:1b:06:e3:80:8b:96:2a:
f6:18:c8:a7:19:5c:92:d5:52:f2:15:1e:74:2e:08:6f:c5:9b:
e6:93:09:66:f8:0c:f1:ab:1b:71:1f:5b:5c:ba:e6:bc:6d:99:
06:e8:bd:bc:4e:fb:fe:c7:43:c2:7f:c0:74:1f:da:82:c3:87:
d7:bb:51:e9:b0:63:11:14:49:b5:0e:89:a9:20:cb:f6:75:59:
a5:a7:8c:01:59:b5:8f:f3:9b:7d:ba:b9:d1:78:7b:24:5c:8d:
f6:2a:05:8f:90:86:6d:c0:34:42:3e:34:f5:73:75:aa:57:c4:
92:8a:a6:c7:3f:cc:27:1b:dc:41:a5:5d:13:e7:82:f1:39:e5:
69:7f:6f:b7:05:ec:99:c4:1a:7b:72:b0:8b:24:65:22:27:f0:
d6:f3:82:10
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHy4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjA1MTAwNjI2NTNaFw0yODA1MTAwNjI2NTNaMBgxFjAU
BgNVBAMTDTZhMDAyNTMyLTA1ZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpax/efhRZknSY7Ghv35mDLMVf/2snTsmdZ58uPndtzXOv2UXopmGBUpuG
1806QeWn43PztdHaSTJs25DM+Dn36kf0UEsb+86P7bXeZramgn4KlCYmmaigj9QM
jXgi3dHNJYJqqypkF+CJOEKkZMy4O4rdpfFBMlBBVw56/xilo+mZmI8/uNLJrVA6
Bh8CF4fOgKhbEsqxqFZo77Jo0/Uf0gFGWGAJ6/LHi/OuT8Jo2I75oBMly8p5kOSq
eprYE2U/R8wRlbgsE1A7jQGeRnE5tmtjfq90EtpzK28j9fiy1TKAjGkzPxVu3RBn
tht5QOXLW0c8oc38BjDF2ZZy8Y3/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU409f
q7zOF5ZEcX7aeF5DZb10liEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzNGM0ZBNzVDNEMzOTExRjFBQjJGQzRFNENFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOswDQYJKoZIhvcNAQEL
BQADggEBAKM08NI8cnR21r4Rk3dgXhtLUKMUQ0cQoHAb7lcwUdrihO1NnPUkdG2J
fs1TsWriLX7OLThOhnYidFN7gSgBURQ/aTFHRNtWuXdDFwKESzlduzbskxWeLhtu
iGyYjedcAyh4yo9VGwbjgIuWKvYYyKcZXJLVUvIVHnQuCG/Fm+aTCWb4DPGrG3Ef
W1y65rxtmQbovbxO+/7HQ8J/wHQf2oLDh9e7UemwYxEUSbUOiakgy/Z1WaWnjAFZ
tY/zm326udF4eyRcjfYqBY+Qhm3ANEI+NPVzdapXxJKKpsc/zCcb3EGlXRPngvE5
5Wl/b7cF7JnEGntysIskZSIn8NbzghA=
-----END CERTIFICATE-----
Generated at Sun May 10 12:51:41 2026 by rpki-client