Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8747DB2C1D4111F1B80216DBDAE4EC9C.roa
File: 8747DB2C1D4111F1B80216DBDAE4EC9C.roa (raw, json)
Hash identifier: q1A7ULbjZYzgD9dECdIoLOKiRyAlxBJ56PL6eHYH3lE=
Subject key identifier: AE:75:18:B9:AF:21:8F:2F:01:DB:FE:63:FD:E6:ED:CC:5D:93:D7:CB
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1E7A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8747DB2C1D4111F1B80216DBDAE4EC9C.roa
Signing time: Wed 11 Mar 2026 11:57:51 +0000
ROA not before: Wed 11 Mar 2026 11:57:46 +0000
ROA not after: Sat 11 Mar 2028 11:57:46 +0000
asID: 29802
IP address blocks: 154.16.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 14 Mar 2026 00:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7802 (0x1e7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 11 11:57:46 2026 GMT
Not After : Mar 11 11:57:46 2028 GMT
Subject: CN=69b158bf-2548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:0a:a0:71:36:e5:56:7f:4e:5c:87:7b:8b:
b9:75:69:7a:0f:bf:07:50:78:3c:53:fb:54:f2:cb:
41:e0:5c:53:0d:b6:58:43:05:66:c4:25:23:6d:1a:
72:ad:77:16:47:7e:f2:71:9a:38:2e:60:18:8c:ff:
3b:80:20:15:96:3f:6b:a7:af:5b:dc:a6:eb:74:58:
f3:20:1b:a9:0f:60:ce:10:37:3c:71:a7:3f:ea:68:
1c:f7:1d:84:3e:f1:36:aa:76:08:a0:f1:37:00:1d:
0b:c0:bf:e4:d0:5a:90:63:c2:c9:4f:69:d5:05:63:
a7:3b:ea:68:71:e5:41:15:c0:24:9d:10:66:3a:b5:
c5:af:0a:69:52:e8:53:57:88:27:34:62:a8:ee:2b:
31:7e:f5:56:bb:dd:cf:ad:af:45:a7:94:d1:13:23:
dd:7f:09:66:7f:ee:e9:32:d4:5d:af:02:b2:9d:78:
7f:64:17:eb:a5:ba:90:2a:72:b6:90:69:11:c3:da:
22:5d:1d:68:7d:33:1e:dc:2c:02:77:a3:89:0a:40:
0f:1d:3e:60:6c:20:d0:a7:05:35:54:48:d5:2a:bc:
aa:a6:fe:6c:48:93:99:8b:4c:91:d9:a4:b2:41:94:
bd:a2:ff:aa:02:8f:05:d2:e7:42:f8:12:fb:0c:cc:
e6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:75:18:B9:AF:21:8F:2F:01:DB:FE:63:FD:E6:ED:CC:5D:93:D7:CB
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8747DB2C1D4111F1B80216DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.63.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:58:5b:35:61:7e:ce:2f:8b:24:39:5b:b7:78:8d:77:78:90:
87:f8:5a:6f:4b:3f:c8:ee:e9:81:04:e4:8d:25:a2:f7:a9:9e:
08:27:78:38:04:cb:07:3c:70:7c:2b:e2:f6:36:47:a7:a7:f8:
64:c3:a3:14:0f:c0:10:0b:2e:82:bf:4e:4b:7d:cb:36:f5:4f:
0c:8c:e6:00:70:74:4f:1e:b9:47:38:03:79:b8:9f:d4:0e:65:
b5:cc:9d:d9:b4:65:63:d5:66:e6:24:75:45:ef:d9:ba:79:a8:
68:48:96:a7:c6:1d:92:4a:b0:f9:a6:23:39:e4:f4:1e:b4:5d:
05:15:08:0d:d7:b3:6b:58:e6:e9:d4:ef:5b:66:5d:90:2b:f2:
82:8a:ae:11:c6:9a:d8:40:f9:6e:dc:97:cd:4b:75:ab:96:3f:
44:3c:e0:f7:93:b7:ed:d3:84:ba:29:0d:a4:34:84:08:8e:d9:
59:aa:60:28:ce:da:53:f4:d2:97:88:c9:84:3a:5c:08:49:b2:
e7:53:76:85:83:bd:09:1a:07:cc:33:a3:81:d2:74:2e:db:29:
96:b5:ef:28:00:09:a3:dd:f1:80:24:7a:1c:72:ce:d3:c7:d3:
b2:e3:aa:4d:e4:e5:cc:06:85:cc:02:dc:fd:b4:b7:a7:ad:e8:
64:07:7c:2d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHnowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjAzMTExMTU3NDZaFw0yODAzMTExMTU3NDZaMBgxFjAU
BgNVBAMTDTY5YjE1OGJmLTI1NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCmkgqgcTblVn9OXId7i7l1aXoPvwdQeDxT+1Tyy0HgXFMNtlhDBWbEJSNt
GnKtdxZHfvJxmjguYBiM/zuAIBWWP2unr1vcput0WPMgG6kPYM4QNzxxpz/qaBz3
HYQ+8Taqdgig8TcAHQvAv+TQWpBjwslPadUFY6c76mhx5UEVwCSdEGY6tcWvCmlS
6FNXiCc0YqjuKzF+9Va73c+tr0WnlNETI91/CWZ/7uky1F2vArKdeH9kF+ulupAq
craQaRHD2iJdHWh9Mx7cLAJ3o4kKQA8dPmBsINCnBTVUSNUqvKqm/mxIk5mLTJHZ
pLJBlL2i/6oCjwXS50L4EvsMzOahAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUrnUY
ua8hjy8B2/5j/ebtzF2T18swHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzg3NDdEQjJDMUQ0MTExRjFCODAyMTZEQkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaED8wDQYJKoZIhvcNAQEL
BQADggEBAA9YWzVhfs4viyQ5W7d4jXd4kIf4Wm9LP8ju6YEE5I0lovepnggneDgE
ywc8cHwr4vY2R6en+GTDoxQPwBALLoK/Tkt9yzb1TwyM5gBwdE8euUc4A3m4n9QO
ZbXMndm0ZWPVZuYkdUXv2bp5qGhIlqfGHZJKsPmmIznk9B60XQUVCA3Xs2tY5unU
71tmXZAr8oKKrhHGmthA+W7cl81LdauWP0Q84PeTt+3ThLopDaQ0hAiO2VmqYCjO
2lP00peIyYQ6XAhJsudTdoWDvQkaB8wzo4HSdC7bKZa17ygACaPd8YAkehxyztPH
07Ljqk3k5cwGhcwC3P20t6et6GQHfC0=
-----END CERTIFICATE-----
Generated at Thu Mar 12 12:21:53 2026 by rpki-client