Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D9CBF0E458D911F1AB9F0EC1CE1D38B0.roa
File: D9CBF0E458D911F1AB9F0EC1CE1D38B0.roa (raw, json)
Hash identifier: TkKWmDvxHtoTiPwXRMNUmViLINIi3DKg3rIpVtP7mfI=
Subject key identifier: D8:88:DF:95:15:0C:DA:AF:F4:2A:91:A5:6E:B0:A6:4E:DB:02:0E:06
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1F6F
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D9CBF0E458D911F1AB9F0EC1CE1D38B0.roa
Signing time: Tue 26 May 2026 08:06:51 +0000
ROA not before: Tue 26 May 2026 08:06:47 +0000
ROA not after: Fri 26 May 2028 08:06:47 +0000
asID: 13213
IP address blocks: 154.16.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 29 May 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8047 (0x1f6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 26 08:06:47 2026 GMT
Not After : May 26 08:06:47 2028 GMT
Subject: CN=6a15549b-6632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6a:26:84:52:ff:d3:c8:16:59:14:c6:e2:ad:
69:07:85:e3:71:61:8b:26:11:9c:81:08:01:66:91:
10:18:e6:4b:b7:ed:d2:07:bd:42:c2:19:eb:4a:5a:
0b:52:4e:66:a8:89:6d:59:fc:c4:3f:92:66:29:ba:
07:c5:32:51:07:d3:c2:50:ff:09:73:66:bc:2b:bb:
09:e4:c7:b4:da:21:cc:77:0b:e5:fe:6e:20:56:cb:
ae:e2:4d:68:f9:d3:5d:b4:94:cb:ba:7a:4a:28:3f:
9c:a8:de:01:74:55:ec:f5:06:ca:14:70:36:f6:78:
cb:1e:0c:d5:c1:1e:cd:37:ea:1d:67:6a:00:4b:da:
d2:fb:fb:e2:56:9b:66:de:00:f2:58:c8:7b:0f:c1:
56:6b:3a:f8:cf:b6:96:a4:16:51:41:05:ed:4c:13:
db:21:e9:61:6b:a8:0b:9e:80:7e:8e:4b:f7:f9:55:
29:86:68:df:db:5d:42:b1:1e:86:5e:73:19:09:c3:
e7:75:62:79:44:61:ca:95:a9:f3:12:ee:5f:85:58:
d8:77:e8:f7:2b:95:f0:33:42:ce:63:75:de:2c:9b:
cf:f6:64:ab:ee:93:49:81:61:a9:12:ca:4d:f5:28:
c7:42:77:b4:72:49:ec:bd:78:04:94:54:ee:b1:bf:
5f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:88:DF:95:15:0C:DA:AF:F4:2A:91:A5:6E:B0:A6:4E:DB:02:0E:06
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D9CBF0E458D911F1AB9F0EC1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.8.0/24
Signature Algorithm: sha256WithRSAEncryption
03:79:0b:62:a4:ab:f2:85:f1:f9:02:4d:c8:0d:60:7c:5d:0f:
f8:5d:a8:dd:86:98:1f:f8:56:2e:f6:09:d2:3a:de:0b:58:48:
a1:9d:f4:d3:a8:30:95:d8:97:9e:31:07:b0:7b:7b:2b:e7:b8:
e7:16:3d:ca:c0:12:d5:5f:8e:31:ea:79:32:8c:2f:01:35:91:
e5:73:ef:cc:4d:39:21:ba:1f:33:23:d4:a6:50:5e:10:d1:b1:
b7:dd:2a:52:0c:a9:c0:08:fc:1c:15:a9:53:a2:db:18:56:73:
a6:d0:fd:4b:9c:ac:54:23:e6:ff:d5:2c:9b:12:fa:c1:b8:04:
a7:6c:bd:1c:4f:fd:ac:f9:67:d0:17:e6:72:ed:bc:bc:76:59:
b5:99:4e:96:1c:b3:36:32:2c:e3:91:4d:72:12:9d:ad:31:c7:
38:4d:03:d5:99:50:71:cf:25:96:0c:51:39:83:98:41:56:9d:
5f:20:40:9e:93:fc:06:22:3c:c2:81:9f:ed:80:0b:47:6e:e6:
ee:94:d0:c6:a2:a1:a7:85:fc:7e:00:d8:07:37:42:d5:96:ae:
c5:01:40:31:9c:dc:59:28:20:23:e8:90:87:e5:df:e6:40:a4:
68:d8:c4:d8:b7:d1:87:b4:ea:12:78:ee:0c:ed:ed:e9:ef:8d:
a4:49:b8:41
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICH28wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjA1MjYwODA2NDdaFw0yODA1MjYwODA2NDdaMBgxFjAU
BgNVBAMTDTZhMTU1NDliLTY2MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCwaiaEUv/TyBZZFMbirWkHheNxYYsmEZyBCAFmkRAY5ku37dIHvULCGetK
WgtSTmaoiW1Z/MQ/kmYpugfFMlEH08JQ/wlzZrwruwnkx7TaIcx3C+X+biBWy67i
TWj50120lMu6ekooP5yo3gF0Vez1BsoUcDb2eMseDNXBHs036h1nagBL2tL7++JW
m2beAPJYyHsPwVZrOvjPtpakFlFBBe1ME9sh6WFrqAuegH6OS/f5VSmGaN/bXUKx
HoZecxkJw+d1YnlEYcqVqfMS7l+FWNh36PcrlfAzQs5jdd4sm8/2ZKvuk0mBYakS
yk31KMdCd7RySey9eASUVO6xv1/JAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2Ijf
lRUM2q/0KpGlbrCmTtsCDgYwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q5Q0JGMEU0NThEOTExRjFBQjlGMEVDMUNFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAgwDQYJKoZIhvcNAQEL
BQADggEBAAN5C2Kkq/KF8fkCTcgNYHxdD/hdqN2GmB/4Vi72CdI63gtYSKGd9NOo
MJXYl54xB7B7eyvnuOcWPcrAEtVfjjHqeTKMLwE1keVz78xNOSG6HzMj1KZQXhDR
sbfdKlIMqcAI/BwVqVOi2xhWc6bQ/UucrFQj5v/VLJsS+sG4BKdsvRxP/az5Z9AX
5nLtvLx2WbWZTpYcszYyLOORTXISna0xxzhNA9WZUHHPJZYMUTmDmEFWnV8gQJ6T
/AYiPMKBn+2AC0du5u6U0MaioaeF/H4A2Ac3QtWWrsUBQDGc3FkoICPokIfl3+ZA
pGjYxNi30Ye06hJ47gzt7envjaRJuEE=
-----END CERTIFICATE-----
Generated at Wed May 27 18:16:30 2026 by rpki-client