Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D1FE68CC58DB11F1975835CDCE1D38B0.roa
File: D1FE68CC58DB11F1975835CDCE1D38B0.roa (raw, json)
Hash identifier: /7tTl2/c9kLGoQZ7+/eks/9/XCCuIFQwx7Sm1EUuFuo=
Subject key identifier: 8B:10:39:21:18:3C:A3:D2:47:38:D9:87:CB:F8:8F:64:8E:18:95:44
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1F72
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D1FE68CC58DB11F1975835CDCE1D38B0.roa
Signing time: Tue 26 May 2026 08:20:57 +0000
ROA not before: Tue 26 May 2026 08:20:52 +0000
ROA not after: Fri 26 May 2028 08:20:52 +0000
asID: 396356
IP address blocks: 154.16.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 29 May 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8050 (0x1f72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 26 08:20:52 2026 GMT
Not After : May 26 08:20:52 2028 GMT
Subject: CN=6a1557e9-c9c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1f:1e:13:b3:a7:64:3f:e0:45:9b:c6:37:32:
c9:ce:4f:a3:f4:87:56:36:ba:fe:6f:d4:92:22:10:
54:8a:f4:cf:ed:6c:ce:68:c4:f8:b8:26:6b:dd:d5:
24:22:92:f1:73:7e:7b:00:4c:cd:9d:30:87:7b:24:
98:23:9f:05:7e:b9:9d:b0:5e:5f:39:22:7f:6f:dc:
22:95:b9:95:54:2a:8b:31:1c:ac:0e:30:af:21:5a:
02:9c:3d:f2:33:4d:cd:77:8e:5b:32:81:9f:25:c8:
f1:55:98:4e:2e:9d:80:21:c2:ce:bf:49:6c:ab:7d:
c4:06:e3:dc:54:14:0c:02:2c:52:27:68:0a:e0:d7:
1b:fa:57:63:ec:97:c7:94:42:85:06:ac:14:d9:01:
39:4b:fd:ca:a3:86:8c:75:f0:cd:70:fb:97:4b:94:
ad:e1:74:21:37:44:f7:bf:fd:56:55:cf:8c:e0:ab:
dc:b8:6e:08:b6:7f:3a:98:e6:c0:be:65:29:e6:3b:
1f:64:4f:9c:b4:16:52:fe:cb:0c:6b:d0:72:8f:cd:
e7:69:8c:97:a3:c5:5d:44:08:7e:df:9c:12:cc:8b:
be:f3:69:ea:7a:d9:41:dd:3a:a9:83:71:3b:31:90:
96:66:24:36:70:80:10:87:08:9e:00:47:66:48:94:
c3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:10:39:21:18:3C:A3:D2:47:38:D9:87:CB:F8:8F:64:8E:18:95:44
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D1FE68CC58DB11F1975835CDCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.217.0/24
Signature Algorithm: sha256WithRSAEncryption
70:63:dd:8f:cd:82:17:7d:97:60:49:ef:b0:a6:15:87:68:82:
12:0e:99:e8:3e:c7:db:6e:5f:7d:80:6d:18:7a:00:c0:29:3d:
b3:02:58:ec:5e:0f:2e:b5:67:70:b7:5a:2c:c0:84:64:34:86:
b3:25:76:91:db:14:2f:b8:e1:ce:b5:01:7a:2f:b9:ad:ed:4d:
ab:79:8f:a6:84:76:99:ce:82:27:54:fb:fe:c2:2c:24:30:24:
5a:90:0f:15:d0:b0:88:7d:fa:e2:14:13:e6:21:09:73:c3:85:
86:e7:ff:df:74:c5:c9:c0:b6:b4:c4:a6:8b:c0:8e:5f:80:f8:
4c:3c:30:d4:b8:0c:e1:ba:14:60:15:49:19:26:08:92:be:a4:
89:d4:cb:fb:c4:b7:83:13:a1:cd:42:ef:09:23:5a:26:7f:7f:
7e:ed:58:83:ad:b9:c1:45:ae:0b:cf:da:80:77:85:e7:76:c0:
8c:86:c4:07:00:fc:7b:d6:5d:aa:82:e9:d6:45:d2:09:b1:2a:
d4:37:21:4c:60:c1:05:39:7d:7f:7c:aa:04:92:b3:37:10:86:
b1:85:23:db:e7:fb:9d:a8:99:b1:53:3b:2f:ce:ec:29:80:9b:
94:14:a7:82:e9:41:d9:4f:3d:1d:d9:ea:f9:e4:4f:03:b5:88:
8f:e9:9d:50
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICH3IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjA1MjYwODIwNTJaFw0yODA1MjYwODIwNTJaMBgxFjAU
BgNVBAMTDTZhMTU1N2U5LWM5YzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBHx4Ts6dkP+BFm8Y3MsnOT6P0h1Y2uv5v1JIiEFSK9M/tbM5oxPi4Jmvd
1SQikvFzfnsATM2dMId7JJgjnwV+uZ2wXl85In9v3CKVuZVUKosxHKwOMK8hWgKc
PfIzTc13jlsygZ8lyPFVmE4unYAhws6/SWyrfcQG49xUFAwCLFInaArg1xv6V2Ps
l8eUQoUGrBTZATlL/cqjhox18M1w+5dLlK3hdCE3RPe//VZVz4zgq9y4bgi2fzqY
5sC+ZSnmOx9kT5y0FlL+ywxr0HKPzedpjJejxV1ECH7fnBLMi77zaep62UHdOqmD
cTsxkJZmJDZwgBCHCJ4AR2ZIlMOhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUixA5
IRg8o9JHONmHy/iPZI4YlUQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QxRkU2OENDNThEQjExRjE5NzU4MzVDRENFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENkwDQYJKoZIhvcNAQEL
BQADggEBAHBj3Y/Nghd9l2BJ77CmFYdoghIOmeg+x9tuX32AbRh6AMApPbMCWOxe
Dy61Z3C3WizAhGQ0hrMldpHbFC+44c61AXovua3tTat5j6aEdpnOgidU+/7CLCQw
JFqQDxXQsIh9+uIUE+YhCXPDhYbn/990xcnAtrTEpovAjl+A+Ew8MNS4DOG6FGAV
SRkmCJK+pInUy/vEt4MToc1C7wkjWiZ/f37tWIOtucFFrgvP2oB3hed2wIyGxAcA
/HvWXaqC6dZF0gmxKtQ3IUxgwQU5fX98qgSSszcQhrGFI9vn+52ombFTOy/O7CmA
m5QUp4LpQdlPPR3Z6vnkTwO1iI/pnVA=
-----END CERTIFICATE-----
Generated at Wed May 27 18:16:10 2026 by rpki-client