Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/40223EDC4A3611F1BEC2791BCF1D38B0.roa
File: 40223EDC4A3611F1BEC2791BCF1D38B0.roa (raw, json)
Hash identifier: mhKin1MY+TO4I2WStNEvoJ3K/DdoeVc/unGWoLTbwl8=
Subject key identifier: 12:68:8D:50:5D:E4:E9:68:2B:DE:49:EB:D1:96:3A:7B:63:B4:E0:91
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1F1C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/40223EDC4A3611F1BEC2791BCF1D38B0.roa
Signing time: Thu 07 May 2026 17:00:29 +0000
ROA not before: Thu 07 May 2026 17:00:23 +0000
ROA not after: Sun 07 May 2028 17:00:23 +0000
asID: 216138
IP address blocks: 154.16.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7964 (0x1f1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 7 17:00:23 2026 GMT
Not After : May 7 17:00:23 2028 GMT
Subject: CN=69fcc52d-e0dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:96:4b:55:21:39:4f:eb:4f:fd:20:7f:ff:d0:
64:66:25:28:82:9c:40:b7:f0:8c:fb:89:4d:5b:b6:
09:14:37:bc:eb:f8:7f:9f:a3:1c:e2:fe:15:4c:4d:
04:47:3a:24:20:58:f9:52:66:9a:b8:77:7d:5d:21:
a0:9c:60:d1:40:55:76:80:e6:2c:38:ec:70:11:10:
12:cf:b7:63:cf:91:6a:01:47:9d:6e:1d:9a:30:5a:
72:d1:c0:2d:16:58:84:3b:91:48:38:c2:fb:3a:74:
41:73:68:c7:82:0f:1a:84:3a:ac:da:4d:54:6b:b9:
72:cd:4b:95:5c:05:a0:92:50:48:4c:35:a1:e3:80:
18:1e:93:02:42:84:17:59:96:16:73:8e:d9:10:a2:
31:a7:ed:b2:da:f6:32:e3:f8:ef:ce:f2:56:55:72:
26:b6:a2:e4:c4:78:c8:70:fb:ab:28:b8:ee:08:13:
0b:a7:c0:b9:46:63:f3:54:cf:27:c2:bf:b3:4d:7c:
41:b8:d6:c5:ba:3a:33:3f:2b:82:7b:06:01:00:b3:
23:92:a4:8d:9b:42:7a:e6:a2:ac:6f:1b:a4:fb:f8:
fe:53:a5:0a:43:41:b8:39:c3:d4:ae:7d:96:78:54:
ff:48:af:68:29:eb:a2:49:b1:dc:85:ad:c5:6e:46:
98:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:68:8D:50:5D:E4:E9:68:2B:DE:49:EB:D1:96:3A:7B:63:B4:E0:91
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/40223EDC4A3611F1BEC2791BCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.43.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:b6:f8:29:19:15:9c:26:a4:30:57:ee:7a:46:58:9c:2d:d8:
7d:df:70:46:4a:bb:64:98:1b:19:67:31:f8:4a:59:74:59:e0:
f8:d1:e2:4b:30:4c:86:24:07:87:33:aa:3e:31:9e:ab:9d:7c:
33:3f:6f:78:8b:b6:24:20:a7:0e:fe:6e:c9:b1:ad:c2:04:24:
96:3c:41:8b:6f:12:f3:26:7e:7e:d7:78:0d:0c:fe:dc:f6:a5:
da:a0:45:1c:63:19:21:db:34:1b:5f:68:76:dc:23:39:45:01:
0e:2c:d7:a4:b8:04:33:f3:49:48:d7:d9:91:6b:58:c8:25:86:
2d:fe:a4:d5:39:c4:31:58:75:7c:f4:82:d3:ea:ff:0d:ca:26:
9f:31:3f:fd:14:70:84:c7:77:1c:44:a3:01:21:44:39:db:10:
ce:2c:04:e7:c4:51:03:54:fd:30:4f:0b:dc:b8:72:3a:50:18:
4b:5d:cd:f1:c0:2c:f8:ea:67:ad:f5:fc:e4:04:c2:6a:a6:11:
91:fb:36:11:b9:5b:89:d8:34:0c:db:31:54:47:31:88:20:c8:
be:c9:46:ab:21:a7:e1:b6:41:3b:7f:25:71:ca:9d:2a:6b:27:
b0:1e:34:72:4d:58:19:26:80:2c:47:4e:fb:8c:97:e4:da:4b:
9a:d8:f8:34
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHxwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjA1MDcxNzAwMjNaFw0yODA1MDcxNzAwMjNaMBgxFjAU
BgNVBAMTDTY5ZmNjNTJkLWUwZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDnlktVITlP60/9IH//0GRmJSiCnEC38Iz7iU1btgkUN7zr+H+foxzi/hVM
TQRHOiQgWPlSZpq4d31dIaCcYNFAVXaA5iw47HAREBLPt2PPkWoBR51uHZowWnLR
wC0WWIQ7kUg4wvs6dEFzaMeCDxqEOqzaTVRruXLNS5VcBaCSUEhMNaHjgBgekwJC
hBdZlhZzjtkQojGn7bLa9jLj+O/O8lZVcia2ouTEeMhw+6souO4IEwunwLlGY/NU
zyfCv7NNfEG41sW6OjM/K4J7BgEAsyOSpI2bQnrmoqxvG6T7+P5TpQpDQbg5w9Su
fZZ4VP9Ir2gp66JJsdyFrcVuRphfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUEmiN
UF3k6Wgr3knr0ZY6e2O04JEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQwMjIzRURDNEEzNjExRjFCRUMyNzkxQkNGMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECswDQYJKoZIhvcNAQEL
BQADggEBACy2+CkZFZwmpDBX7npGWJwt2H3fcEZKu2SYGxlnMfhKWXRZ4PjR4ksw
TIYkB4czqj4xnqudfDM/b3iLtiQgpw7+bsmxrcIEJJY8QYtvEvMmfn7XeA0M/tz2
pdqgRRxjGSHbNBtfaHbcIzlFAQ4s16S4BDPzSUjX2ZFrWMglhi3+pNU5xDFYdXz0
gtPq/w3KJp8xP/0UcITHdxxEowEhRDnbEM4sBOfEUQNU/TBPC9y4cjpQGEtdzfHA
LPjqZ631/OQEwmqmEZH7NhG5W4nYNAzbMVRHMYggyL7JRqshp+G2QTt/JXHKnSpr
J7AeNHJNWBkmgCxHTvuMl+TaS5rY+DQ=
-----END CERTIFICATE-----
Generated at Sat May 9 04:54:44 2026 by rpki-client