Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D1DB9F8C494411F19ED99CE4CE1D38B0.roa
File: D1DB9F8C494411F19ED99CE4CE1D38B0.roa (raw, json)
Hash identifier: TGFCqR4lI4acrfBI775BQ0yx+ozUjPWglQnR7O3vDzw=
Subject key identifier: 51:15:FD:BE:1F:93:1D:27:D0:5F:42:D8:2B:64:84:B7:D6:4F:49:36
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1F10
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D1DB9F8C494411F19ED99CE4CE1D38B0.roa
Signing time: Wed 06 May 2026 12:12:15 +0000
ROA not before: Wed 06 May 2026 12:12:10 +0000
ROA not after: Sat 06 May 2028 12:12:10 +0000
asID: 396356
IP address blocks: 154.16.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7952 (0x1f10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 6 12:12:10 2026 GMT
Not After : May 6 12:12:10 2028 GMT
Subject: CN=69fb301f-6ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:53:4c:27:8b:bd:95:3d:cb:13:e9:99:0c:ff:
5f:63:ab:db:3f:19:93:dd:0f:39:b4:79:bc:f6:98:
02:b9:8f:af:6f:e1:7a:09:17:fc:68:2d:c5:c9:0c:
cc:c7:32:70:ca:bd:bc:87:f6:e7:ce:a5:e8:d8:dc:
3e:f2:0a:af:0a:24:58:ba:e1:8b:0c:d5:61:61:c5:
5f:7e:50:2a:42:f0:1b:8f:3b:ea:a3:5f:8a:44:cd:
5d:58:80:47:2d:56:5f:28:3e:b9:f9:83:04:b4:9f:
bd:f5:28:93:04:b7:a7:85:89:97:4b:fb:b9:cf:f6:
63:5c:8f:52:22:46:52:49:65:3b:c3:ea:32:56:99:
30:b2:69:9b:24:94:da:8e:0a:22:9b:a3:8a:4a:b2:
f1:36:bc:80:81:83:5b:15:e5:c7:1d:6e:c0:a5:53:
60:5c:b4:ec:41:34:f9:a2:e0:cc:4f:44:ce:4c:88:
a0:24:65:ad:6b:ef:03:d8:f5:0c:ad:ef:78:df:32:
e6:1f:af:e3:cf:7a:ea:45:06:4b:44:45:48:b7:c8:
31:c8:70:a9:a1:6e:ff:69:c1:43:d2:9f:b0:0e:88:
7a:e4:96:4c:f8:b5:e5:6a:2a:87:89:87:48:1f:ed:
81:d6:4a:65:d5:81:2e:cf:bc:11:dd:99:81:06:fe:
87:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:15:FD:BE:1F:93:1D:27:D0:5F:42:D8:2B:64:84:B7:D6:4F:49:36
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D1DB9F8C494411F19ED99CE4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.8.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:79:e7:9d:41:1a:be:c1:48:bd:f6:2b:9b:f0:61:e1:7d:8f:
16:cb:92:91:0f:db:6f:f8:8b:d1:cf:c5:3d:64:5e:1c:5c:b1:
2e:43:11:0e:ad:99:25:eb:cb:bc:aa:ff:70:80:22:a3:68:e3:
7c:87:95:ea:89:6f:85:d2:73:ae:0d:89:77:53:a1:fb:b0:7d:
2b:be:59:94:43:d2:77:e3:54:9d:eb:cf:51:b6:a5:b9:02:9d:
0a:89:9c:34:96:74:26:2e:47:96:36:b0:ef:b9:54:ce:5c:8b:
4f:40:7a:8c:7f:21:a0:30:7b:3a:2d:db:ef:56:3b:ec:0b:a0:
72:90:8d:b1:81:e4:a5:9a:08:8b:0e:80:05:b0:c2:84:90:49:
38:f6:f0:4f:2d:9f:1a:97:5c:54:5a:44:2e:e5:15:92:8a:af:
6a:8a:98:22:61:cb:ac:ee:ea:c4:dd:ab:3d:61:ad:2d:e2:bf:
31:40:c6:51:df:58:00:74:64:43:34:72:76:aa:a0:33:f7:2e:
fb:bc:5e:f2:dd:37:07:d2:7b:ab:3d:5e:01:00:45:94:97:e6:
fc:9b:dd:5b:fd:7d:3c:22:66:38:df:c0:32:9a:53:56:c3:b3:
fd:b0:7a:7c:92:c5:aa:14:4d:11:c5:71:e9:d3:1f:d8:41:46:
24:bd:c3:b4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHxAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjA1MDYxMjEyMTBaFw0yODA1MDYxMjEyMTBaMBgxFjAU
BgNVBAMTDTY5ZmIzMDFmLTZmZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCuU0wni72VPcsT6ZkM/19jq9s/GZPdDzm0ebz2mAK5j69v4XoJF/xoLcXJ
DMzHMnDKvbyH9ufOpejY3D7yCq8KJFi64YsM1WFhxV9+UCpC8BuPO+qjX4pEzV1Y
gEctVl8oPrn5gwS0n731KJMEt6eFiZdL+7nP9mNcj1IiRlJJZTvD6jJWmTCyaZsk
lNqOCiKbo4pKsvE2vICBg1sV5ccdbsClU2BctOxBNPmi4MxPRM5MiKAkZa1r7wPY
9Qyt73jfMuYfr+PPeupFBktERUi3yDHIcKmhbv9pwUPSn7AOiHrklkz4teVqKoeJ
h0gf7YHWSmXVgS7PvBHdmYEG/ofhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUURX9
vh+THSfQX0LYK2SEt9ZPSTYwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QxREI5RjhDNDk0NDExRjE5RUQ5OUNFNENFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAgwDQYJKoZIhvcNAQEL
BQADggEBAGx5551BGr7BSL32K5vwYeF9jxbLkpEP22/4i9HPxT1kXhxcsS5DEQ6t
mSXry7yq/3CAIqNo43yHleqJb4XSc64NiXdTofuwfSu+WZRD0nfjVJ3rz1G2pbkC
nQqJnDSWdCYuR5Y2sO+5VM5ci09Aeox/IaAwezot2+9WO+wLoHKQjbGB5KWaCIsO
gAWwwoSQSTj28E8tnxqXXFRaRC7lFZKKr2qKmCJhy6zu6sTdqz1hrS3ivzFAxlHf
WAB0ZEM0cnaqoDP3Lvu8XvLdNwfSe6s9XgEARZSX5vyb3Vv9fTwiZjjfwDKaU1bD
s/2wenySxaoUTRHFcenTH9hBRiS9w7Q=
-----END CERTIFICATE-----
Generated at Sat May 9 04:54:35 2026 by rpki-client