Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B95990EC2CC811F1B15075B0DAE4EC9C.roa
File: B95990EC2CC811F1B15075B0DAE4EC9C.roa (raw, json)
Hash identifier: aRmT3KTdYR8Gt4QVQ6paDumxURqxRabjvKITBsgfnSw=
Subject key identifier: 0C:33:FD:18:B8:3D:91:EA:CB:FF:4D:04:77:C9:5B:0C:80:FE:E7:1D
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1EA1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B95990EC2CC811F1B15075B0DAE4EC9C.roa
Signing time: Tue 31 Mar 2026 06:13:24 +0000
ROA not before: Tue 31 Mar 2026 06:13:19 +0000
ROA not after: Fri 31 Mar 2028 06:13:19 +0000
asID: 397423
IP address blocks: 154.16.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 02 Apr 2026 00:07:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7841 (0x1ea1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 31 06:13:19 2026 GMT
Not After : Mar 31 06:13:19 2028 GMT
Subject: CN=69cb6604-fc74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:42:fe:96:4b:f4:89:58:f2:0e:ea:0c:94:4a:
82:91:94:5a:0d:43:c3:a4:8d:27:b2:b8:c7:42:e5:
9b:41:7c:5d:43:f5:17:f8:cc:00:07:de:da:4c:71:
32:4e:66:b4:8b:2c:1f:c2:9e:1a:e2:b2:08:dc:01:
09:f3:02:a3:59:92:64:f1:fe:ba:41:9f:41:6a:2d:
8f:98:68:65:99:c6:5a:a3:bf:1e:da:45:2f:ca:0a:
63:72:9e:79:e8:d2:f8:38:9f:43:bc:71:29:1b:2a:
30:9e:bf:37:d7:63:4a:3f:7f:5e:e6:87:d8:6d:96:
22:f4:30:93:f6:e4:30:a0:18:80:9b:86:02:25:de:
eb:3e:cd:dc:59:7f:94:46:e2:b8:66:1e:50:b5:39:
5e:5e:7a:59:78:69:7f:ed:31:99:bf:47:44:60:0c:
17:1f:eb:f4:7b:9d:23:0e:bc:0e:bf:b9:33:71:93:
10:2e:5c:97:b8:88:b0:15:27:14:5a:ed:e6:24:62:
e6:29:a9:ee:c1:c3:52:ac:9a:ae:1c:f1:72:e1:05:
2a:99:1d:ac:86:6a:2d:66:0a:ed:00:d7:42:cd:47:
fe:a8:cf:44:7f:d3:2a:5b:81:56:35:b6:4b:6c:bd:
7f:19:47:f9:15:ae:bc:70:62:36:9a:e6:d4:90:0f:
f3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:33:FD:18:B8:3D:91:EA:CB:FF:4D:04:77:C9:5B:0C:80:FE:E7:1D
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B95990EC2CC811F1B15075B0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.192.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:dd:72:2e:65:d6:46:2f:70:ae:40:be:02:0d:c1:2f:39:d0:
aa:48:97:5d:9c:1b:29:af:e4:cc:af:e9:b7:69:4a:fa:31:66:
f1:fa:be:0d:d7:fe:2a:f9:bd:f8:0d:ea:ae:30:fa:91:f0:9a:
ca:90:ca:1b:da:99:f8:07:77:ee:91:35:98:f9:cf:0f:bb:ff:
af:87:ce:53:ca:30:61:86:6d:a5:16:f0:18:bc:05:a9:f9:18:
38:fd:03:6a:16:71:1f:25:c5:f1:23:43:59:3c:82:a6:70:54:
a5:6b:fc:4b:ca:25:19:c7:c3:d7:04:3c:a7:16:30:b0:fc:b8:
7d:72:b6:d6:48:5f:7a:4c:fe:c0:39:4a:1b:76:f0:be:a9:d7:
04:6c:83:ed:92:9f:e7:89:21:7c:e8:f0:03:72:3e:65:79:f3:
85:b1:a3:12:c5:f0:93:45:a3:13:8f:a8:01:df:0a:b0:fd:5c:
8b:fd:70:39:2c:8b:29:0b:d6:77:0e:c9:73:d0:7d:09:7a:a4:
0e:74:51:ab:a7:fe:92:6c:e0:cf:66:7c:91:9a:21:64:fe:66:
3e:99:c1:3c:1e:e9:6e:6d:a0:20:f7:ec:eb:8c:24:89:6f:99:
fe:48:10:c7:cc:19:ed:88:53:0f:6e:de:52:5b:0e:11:5a:95:
5c:f6:7a:43
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHqEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjAzMzEwNjEzMTlaFw0yODAzMzEwNjEzMTlaMBgxFjAU
BgNVBAMTDTY5Y2I2NjA0LWZjNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCUQv6WS/SJWPIO6gyUSoKRlFoNQ8OkjSeyuMdC5ZtBfF1D9Rf4zAAH3tpM
cTJOZrSLLB/CnhrisgjcAQnzAqNZkmTx/rpBn0FqLY+YaGWZxlqjvx7aRS/KCmNy
nnno0vg4n0O8cSkbKjCevzfXY0o/f17mh9htliL0MJP25DCgGICbhgIl3us+zdxZ
f5RG4rhmHlC1OV5eell4aX/tMZm/R0RgDBcf6/R7nSMOvA6/uTNxkxAuXJe4iLAV
JxRa7eYkYuYpqe7Bw1Ksmq4c8XLhBSqZHayGai1mCu0A10LNR/6oz0R/0ypbgVY1
tktsvX8ZR/kVrrxwYjaa5tSQD/MlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUDDP9
GLg9kerL/00Ed8lbDID+5x0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0I5NTk5MEVDMkNDODExRjFCMTUwNzVCMERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMAwDQYJKoZIhvcNAQEL
BQADggEBAFvdci5l1kYvcK5AvgINwS850KpIl12cGymv5Myv6bdpSvoxZvH6vg3X
/ir5vfgN6q4w+pHwmsqQyhvamfgHd+6RNZj5zw+7/6+HzlPKMGGGbaUW8Bi8Ban5
GDj9A2oWcR8lxfEjQ1k8gqZwVKVr/EvKJRnHw9cEPKcWMLD8uH1yttZIX3pM/sA5
Sht28L6p1wRsg+2Sn+eJIXzo8ANyPmV584WxoxLF8JNFoxOPqAHfCrD9XIv9cDks
iykL1ncOyXPQfQl6pA50Uaun/pJs4M9mfJGaIWT+Zj6ZwTwe6W5toCD37OuMJIlv
mf5IEMfMGe2IUw9u3lJbDhFalVz2ekM=
-----END CERTIFICATE-----
Generated at Tue Mar 31 13:23:21 2026 by rpki-client