Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/41F78272543A11F1A1C2330ACF1D38B0.roa
File: 41F78272543A11F1A1C2330ACF1D38B0.roa (raw, json)
Hash identifier: c3ZWyMIvoTMRtNYS8Ss4dOBF0xM15F0e69GIgn3QOFE=
Subject key identifier: 5B:58:58:A3:41:5C:B9:F8:15:B6:95:DF:07:FA:19:C9:D9:3E:35:F3
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1F5E
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/41F78272543A11F1A1C2330ACF1D38B0.roa
Signing time: Wed 20 May 2026 10:54:22 +0000
ROA not before: Wed 20 May 2026 10:54:17 +0000
ROA not after: Sat 20 May 2028 10:54:17 +0000
asID: 212890
IP address blocks: 154.16.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 May 2026 08:26:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8030 (0x1f5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 20 10:54:17 2026 GMT
Not After : May 20 10:54:17 2028 GMT
Subject: CN=6a0d92de-dd69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bd:1f:6a:a9:f0:91:4a:23:39:7f:2f:be:b3:
37:a8:fe:88:8e:42:10:ff:ea:91:49:9e:aa:a1:32:
af:66:e9:86:8d:84:20:7c:eb:a4:3f:0c:c9:64:a7:
b0:5a:aa:ad:f3:6f:f4:4f:55:ff:7e:e8:a8:31:86:
ba:cb:09:65:53:d4:25:72:30:21:e8:47:83:fe:83:
bd:b6:30:c5:a8:1e:a3:21:7a:47:cb:d3:c6:5d:96:
0a:ec:68:7c:05:d4:b7:64:3a:f7:f8:39:82:e0:6d:
d5:c7:8c:92:fb:8a:e3:2d:68:b7:19:32:6e:38:5d:
97:10:f8:af:12:18:1f:f3:d6:e7:0d:53:7b:12:77:
c7:b1:57:25:db:f0:87:eb:bc:1a:e6:23:b8:a3:c4:
9e:4e:c1:a7:4e:7a:9f:75:4b:ab:c8:2d:10:76:4b:
3a:86:9c:04:92:7a:05:0a:a0:19:cc:ff:da:b5:b8:
e7:20:32:14:ed:3d:01:2c:e7:80:1c:06:67:af:99:
bf:99:78:f9:7a:62:6a:9a:16:b5:53:8b:22:5f:7a:
6a:12:37:23:2a:89:b6:8e:78:a9:47:2d:05:00:3d:
81:fe:53:43:bb:f8:38:4c:ec:a5:7f:fa:1b:01:27:
e0:6f:d9:4e:8e:75:8b:e0:e7:bc:48:ca:9c:60:e9:
6e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:58:58:A3:41:5C:B9:F8:15:B6:95:DF:07:FA:19:C9:D9:3E:35:F3
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/41F78272543A11F1A1C2330ACF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.16.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fd:61:7f:a4:be:1b:e0:46:bf:05:ad:df:a0:bc:a8:c9:5b:
ed:c7:e3:e5:db:7e:60:6c:e3:ac:c0:70:a7:a5:47:ee:6b:9e:
fa:97:b7:73:bf:8c:cf:00:b4:50:ff:ac:f9:b4:9d:29:5e:f7:
bd:a1:f8:e8:02:9f:69:af:97:dd:61:ec:ae:29:a4:a8:3f:82:
ca:6f:03:78:8c:47:e0:44:9b:5b:53:7b:36:08:f7:8d:4c:76:
b3:c8:53:da:0e:bb:10:b6:86:39:41:f0:d7:00:fb:dc:16:41:
23:49:0d:74:7d:39:c0:64:55:98:95:f9:c7:f6:0c:2e:a9:cf:
de:e1:b8:97:06:d8:bf:6f:4c:5c:02:81:1c:13:13:f6:88:39:
af:37:26:db:be:64:8a:55:f5:f8:81:03:37:3e:b1:00:5a:a9:
37:aa:48:71:0c:26:12:9a:72:29:e4:84:ab:4b:0c:03:3b:ae:
79:fc:36:9a:e0:4b:c0:50:42:97:e9:b1:7b:df:18:83:b6:c7:
77:07:75:0c:3a:c5:06:48:09:80:93:03:0b:35:8c:92:e3:60:
24:62:4a:40:50:b1:7c:f6:51:cc:49:dc:90:62:07:f5:33:6e:
46:30:d4:ea:0c:48:74:ea:4d:99:e5:90:73:11:7e:2d:14:5c:
01:ae:b3:e2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICH14wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjA1MjAxMDU0MTdaFw0yODA1MjAxMDU0MTdaMBgxFjAU
BgNVBAMTDTZhMGQ5MmRlLWRkNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjvR9qqfCRSiM5fy++szeo/oiOQhD/6pFJnqqhMq9m6YaNhCB866Q/DMlk
p7Baqq3zb/RPVf9+6KgxhrrLCWVT1CVyMCHoR4P+g722MMWoHqMhekfL08Zdlgrs
aHwF1LdkOvf4OYLgbdXHjJL7iuMtaLcZMm44XZcQ+K8SGB/z1ucNU3sSd8exVyXb
8IfrvBrmI7ijxJ5OwadOep91S6vILRB2SzqGnASSegUKoBnM/9q1uOcgMhTtPQEs
54AcBmevmb+ZePl6YmqaFrVTiyJfemoSNyMqibaOeKlHLQUAPYH+U0O7+DhM7KV/
+hsBJ+Bv2U6OdYvg57xIypxg6W47AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUW1hY
o0FcufgVtpXfB/oZydk+NfMwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQxRjc4MjcyNTQzQTExRjFBMUMyMzMwQUNGMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBAwDQYJKoZIhvcNAQEL
BQADggEBAA/9YX+kvhvgRr8Frd+gvKjJW+3H4+XbfmBs46zAcKelR+5rnvqXt3O/
jM8AtFD/rPm0nSle972h+OgCn2mvl91h7K4ppKg/gspvA3iMR+BEm1tTezYI941M
drPIU9oOuxC2hjlB8NcA+9wWQSNJDXR9OcBkVZiV+cf2DC6pz97huJcG2L9vTFwC
gRwTE/aIOa83Jtu+ZIpV9fiBAzc+sQBaqTeqSHEMJhKacinkhKtLDAM7rnn8Nprg
S8BQQpfpsXvfGIO2x3cHdQw6xQZICYCTAws1jJLjYCRiSkBQsXz2UcxJ3JBiB/Uz
bkYw1OoMSHTqTZnlkHMRfi0UXAGus+I=
-----END CERTIFICATE-----
Generated at Wed May 20 23:46:59 2026 by rpki-client