Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/686AA8BE5DA711F18786C0EECE1D38B0.roa
File: 686AA8BE5DA711F18786C0EECE1D38B0.roa (raw, json)
Hash identifier: sdNoK9Xb5UyOLyyrJYvZ4Wb2TWaIhUcCxCirNSvyA6I=
Subject key identifier: 14:FD:0F:60:70:47:83:CD:53:79:9C:06:50:81:4B:23:0F:BF:AB:31
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1F95
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/686AA8BE5DA711F18786C0EECE1D38B0.roa
Signing time: Mon 01 Jun 2026 10:48:22 +0000
ROA not before: Mon 01 Jun 2026 10:48:18 +0000
ROA not after: Thu 01 Jun 2028 10:48:18 +0000
asID: 30058
IP address blocks: 154.16.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 03 Jun 2026 10:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8085 (0x1f95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Jun 1 10:48:18 2026 GMT
Not After : Jun 1 10:48:18 2028 GMT
Subject: CN=6a1d6376-fe0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f1:4f:af:9b:e7:68:78:31:63:48:52:0f:37:
6b:2c:34:cd:83:d7:91:67:e1:ca:d7:58:77:41:08:
f7:9e:ba:99:fb:9a:55:f2:53:8f:62:ac:ea:df:d5:
8d:63:a5:9d:86:be:0c:b9:ad:e8:54:95:6c:1d:cb:
2f:80:67:88:de:d1:b6:41:fe:52:2c:76:f7:f2:60:
a7:46:ec:38:4b:2e:08:20:45:ec:04:fc:78:06:40:
7e:d9:1f:e3:55:37:cd:44:34:e5:f9:96:9a:42:a6:
d4:fd:e0:54:2c:54:c1:87:11:40:2b:cc:4e:65:f8:
04:17:a0:d7:ee:27:b1:86:a9:86:7e:00:fa:92:4d:
ef:e4:38:19:8d:79:70:63:de:21:20:29:ad:90:fc:
77:74:ae:4a:03:93:e4:a1:0b:10:e3:fa:37:15:0c:
6e:50:c7:92:d3:37:21:57:51:eb:ae:a3:56:21:9f:
82:cc:ce:75:5f:6c:43:8d:05:55:24:c6:5d:4d:87:
bf:54:a3:20:c0:58:35:96:44:d8:b5:91:52:21:94:
02:1d:8d:0b:76:ba:ff:9b:eb:a1:43:13:de:f6:15:
39:b7:0e:43:06:60:ab:62:f0:ae:80:88:6a:ab:81:
fd:35:df:3e:ca:66:9d:6f:06:4d:0e:25:24:8b:a5:
46:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:FD:0F:60:70:47:83:CD:53:79:9C:06:50:81:4B:23:0F:BF:AB:31
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/686AA8BE5DA711F18786C0EECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.41.0/24
Signature Algorithm: sha256WithRSAEncryption
51:d4:ff:24:ed:28:82:1a:3e:be:be:d2:47:20:c3:6c:8d:6d:
b7:05:1b:a1:09:aa:03:84:d8:a8:8a:f1:88:c9:75:0f:79:a1:
1f:fc:e8:79:6f:51:f6:f2:9d:f2:82:95:f6:6a:35:1b:63:91:
02:61:ef:1e:be:0b:aa:e2:62:0a:94:bc:54:81:12:69:c9:a6:
fc:46:5d:2d:e6:22:06:32:39:07:23:3d:2f:54:ff:7a:5b:9f:
31:bc:a5:b0:b9:9d:3a:26:19:8a:8f:8d:e7:b2:7a:0d:3f:29:
7d:b0:32:50:53:81:26:79:d7:49:98:e3:40:5a:2a:9c:33:32:
df:74:b0:e7:3b:11:e8:9c:d9:4b:23:e8:80:25:18:2e:fb:06:
b5:bc:36:6e:ef:6a:9d:1f:84:d1:dc:48:14:d7:cc:14:f2:c8:
86:2b:f8:4a:fd:f6:86:cc:78:ad:9a:5c:aa:13:6b:2e:89:3f:
59:67:0c:6c:7a:5b:53:aa:31:7f:16:3a:c0:23:fe:ad:5b:98:
5e:22:80:06:1a:db:07:0b:60:0f:8f:1a:5b:98:bf:06:7c:d2:
6f:d9:57:58:f7:a3:9c:80:04:e5:08:28:1a:e5:af:33:9d:15:
4a:4b:21:1e:e2:91:d3:99:d1:36:cc:a1:33:0f:3c:58:8e:ec:
3b:e2:c0:cc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICH5UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjA2MDExMDQ4MThaFw0yODA2MDExMDQ4MThaMBgxFjAU
BgNVBAMTDTZhMWQ2Mzc2LWZlMGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDl8U+vm+doeDFjSFIPN2ssNM2D15Fn4crXWHdBCPeeupn7mlXyU49irOrf
1Y1jpZ2Gvgy5rehUlWwdyy+AZ4je0bZB/lIsdvfyYKdG7DhLLgggRewE/HgGQH7Z
H+NVN81ENOX5lppCptT94FQsVMGHEUArzE5l+AQXoNfuJ7GGqYZ+APqSTe/kOBmN
eXBj3iEgKa2Q/Hd0rkoDk+ShCxDj+jcVDG5Qx5LTNyFXUeuuo1Yhn4LMznVfbEON
BVUkxl1Nh79UoyDAWDWWRNi1kVIhlAIdjQt2uv+b66FDE972FTm3DkMGYKti8K6A
iGqrgf013z7KZp1vBk0OJSSLpUbxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUFP0P
YHBHg81TeZwGUIFLIw+/qzEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzY4NkFBOEJFNURBNzExRjE4Nzg2QzBFRUNFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECkwDQYJKoZIhvcNAQEL
BQADggEBAFHU/yTtKIIaPr6+0kcgw2yNbbcFG6EJqgOE2KiK8YjJdQ95oR/86Hlv
UfbynfKClfZqNRtjkQJh7x6+C6riYgqUvFSBEmnJpvxGXS3mIgYyOQcjPS9U/3pb
nzG8pbC5nTomGYqPjeeyeg0/KX2wMlBTgSZ510mY40BaKpwzMt90sOc7Eeic2Usj
6IAlGC77BrW8Nm7vap0fhNHcSBTXzBTyyIYr+Er99obMeK2aXKoTay6JP1lnDGx6
W1OqMX8WOsAj/q1bmF4igAYa2wcLYA+PGluYvwZ80m/ZV1j3o5yABOUIKBrlrzOd
FUpLIR7ikdOZ0TbMoTMPPFiO7DviwMw=
-----END CERTIFICATE-----
Generated at Tue Jun 2 03:00:31 2026 by rpki-client