Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A90BBC201C5011F1AADB7FDEDAE4EC9C.roa
File: A90BBC201C5011F1AADB7FDEDAE4EC9C.roa (raw, json)
Hash identifier: VpeOUTjXQ1tZRyo2wBMrebuDanmTR9wlRhJP9GWl1bc=
Subject key identifier: A7:01:25:A2:11:0B:C1:D6:A0:4D:B8:ED:EF:0B:E8:9B:C2:D7:67:AD
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1E65
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A90BBC201C5011F1AADB7FDEDAE4EC9C.roa
Signing time: Tue 10 Mar 2026 07:13:39 +0000
ROA not before: Tue 10 Mar 2026 07:13:34 +0000
ROA not after: Fri 10 Mar 2028 07:13:34 +0000
asID: 29802
IP address blocks: 154.16.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 12 Mar 2026 16:23:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7781 (0x1e65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 10 07:13:34 2026 GMT
Not After : Mar 10 07:13:34 2028 GMT
Subject: CN=69afc4a3-0780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0f:fc:c9:37:43:d3:34:6e:bd:bc:44:ac:8b:
e2:7a:70:04:01:77:24:13:7a:8d:88:dc:52:0b:fa:
ca:a4:3f:23:c2:5c:0a:a9:eb:87:a4:44:7b:a9:ce:
f5:f4:36:7b:1f:19:fb:98:2c:3d:01:ac:28:18:f3:
bc:6f:c5:d7:a1:01:4d:0f:08:d2:35:18:49:f0:37:
83:15:37:a9:0a:de:c8:01:45:66:56:99:ba:e8:1b:
b4:79:7f:c3:95:dc:71:97:a8:67:51:49:5b:06:73:
74:73:5a:13:3d:34:88:ae:c5:76:82:50:ef:e5:b6:
94:65:45:84:ec:5f:1c:36:8e:0c:8e:76:c8:a1:29:
11:e0:7d:a1:0a:d9:99:09:98:fb:4b:83:f0:aa:4e:
ac:e0:04:b4:f2:08:ce:f2:34:ee:9f:d2:9e:b4:09:
b9:0e:00:af:c2:d7:a3:5e:56:66:57:a3:fe:7a:7e:
27:df:76:16:b7:01:13:7c:c1:ee:89:a8:2c:0b:33:
82:a7:cc:75:a7:d4:13:a0:96:71:1c:13:bb:1f:ab:
e6:59:28:ab:c1:19:22:d1:59:07:69:eb:18:6c:96:
fc:20:d0:e2:7b:ea:47:ea:84:82:2a:b1:e1:eb:90:
0e:2b:82:67:3f:d6:50:25:fa:28:2e:ec:20:7e:09:
1f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:01:25:A2:11:0B:C1:D6:A0:4D:B8:ED:EF:0B:E8:9B:C2:D7:67:AD
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A90BBC201C5011F1AADB7FDEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.134.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:fc:54:b2:90:e4:3e:7c:1f:84:74:b1:4a:b5:18:59:4c:c4:
c1:5e:bb:44:a3:a0:8c:5a:44:9f:dd:6e:4f:1a:f2:03:5c:d7:
df:bf:55:ca:7a:51:bd:4d:43:f3:e7:65:4f:a2:17:3b:1c:f2:
9c:90:ba:98:87:1e:88:34:1b:7f:84:6f:32:b6:52:96:36:ea:
ac:80:bb:ba:1b:b6:79:8d:29:c6:10:d4:cf:e5:db:52:af:67:
b5:6e:63:e1:e1:eb:e6:4d:00:d9:6d:7d:1f:93:10:d1:a6:c0:
d6:dc:2e:44:2b:14:37:55:2a:2b:d5:38:97:a4:7e:90:62:a2:
dd:d5:f5:27:2f:4e:85:62:32:73:02:51:cd:e8:dd:bd:76:80:
ae:d6:71:03:53:a4:ec:7c:5d:45:8d:12:fe:10:41:58:8b:64:
cf:71:d7:94:02:95:7f:6f:48:4d:be:4d:20:08:7b:dc:58:1c:
f9:00:4c:1b:f9:f0:1c:55:96:74:23:89:00:86:70:6f:63:cd:
0e:58:35:41:d3:7a:98:b7:0a:1b:88:3a:1b:29:c5:ed:68:de:
6c:9d:06:90:81:4f:b7:fa:03:73:03:8f:d5:8f:a8:2b:a3:e3:
66:d3:c2:24:cf:12:71:01:a1:fd:de:79:f4:03:48:58:68:71:
6e:11:e6:8c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHmUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjAzMTAwNzEzMzRaFw0yODAzMTAwNzEzMzRaMBgxFjAU
BgNVBAMTDTY5YWZjNGEzLTA3ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPD/zJN0PTNG69vESsi+J6cAQBdyQTeo2I3FIL+sqkPyPCXAqp64ekRHup
zvX0NnsfGfuYLD0BrCgY87xvxdehAU0PCNI1GEnwN4MVN6kK3sgBRWZWmbroG7R5
f8OV3HGXqGdRSVsGc3RzWhM9NIiuxXaCUO/ltpRlRYTsXxw2jgyOdsihKRHgfaEK
2ZkJmPtLg/CqTqzgBLTyCM7yNO6f0p60CbkOAK/C16NeVmZXo/56fiffdha3ARN8
we6JqCwLM4KnzHWn1BOglnEcE7sfq+ZZKKvBGSLRWQdp6xhslvwg0OJ76kfqhIIq
seHrkA4rgmc/1lAl+igu7CB+CR83AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpwEl
ohELwdagTbjt7wvom8LXZ60wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0E5MEJCQzIwMUM1MDExRjFBQURCN0ZERURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIYwDQYJKoZIhvcNAQEL
BQADggEBAKr8VLKQ5D58H4R0sUq1GFlMxMFeu0SjoIxaRJ/dbk8a8gNc19+/Vcp6
Ub1NQ/PnZU+iFzsc8pyQupiHHog0G3+EbzK2UpY26qyAu7obtnmNKcYQ1M/l21Kv
Z7VuY+Hh6+ZNANltfR+TENGmwNbcLkQrFDdVKivVOJekfpBiot3V9ScvToViMnMC
Uc3o3b12gK7WcQNTpOx8XUWNEv4QQViLZM9x15QClX9vSE2+TSAIe9xYHPkATBv5
8BxVlnQjiQCGcG9jzQ5YNUHTepi3ChuIOhspxe1o3mydBpCBT7f6A3MDj9WPqCuj
42bTwiTPEnEBof3eefQDSFhocW4R5ow=
-----END CERTIFICATE-----
Generated at Tue Mar 10 23:48:50 2026 by rpki-client