Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D9DE2CBE4F6511F1AC6820B2CE1D38B0.roa
File: D9DE2CBE4F6511F1AC6820B2CE1D38B0.roa (raw, json)
Hash identifier: Rcs8PwstMMpIoawKdx/DKwBI02qoh4SUN/bjlG3vNZ0=
Subject key identifier: 08:A9:11:28:40:63:14:5A:C8:39:5E:3B:D7:69:02:2C:64:B6:EE:75
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1F36
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D9DE2CBE4F6511F1AC6820B2CE1D38B0.roa
Signing time: Thu 14 May 2026 07:23:49 +0000
ROA not before: Thu 14 May 2026 07:23:45 +0000
ROA not after: Sun 14 May 2028 07:23:45 +0000
asID: 396356
IP address blocks: 154.16.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 16 May 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7990 (0x1f36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 14 07:23:45 2026 GMT
Not After : May 14 07:23:45 2028 GMT
Subject: CN=6a057885-07e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d6:20:8e:9b:46:6a:84:ff:d7:7f:d1:73:cb:
86:af:48:36:db:c9:63:d6:4b:fb:d9:ea:41:16:e2:
c8:2e:1f:7a:91:b4:58:c1:ae:f3:4e:c2:20:ce:a8:
0d:50:67:37:bc:7c:2a:fa:b6:e2:e2:41:b9:2c:7e:
f8:14:6e:5a:88:c1:b8:d2:49:f6:f8:c5:84:03:4c:
8d:1d:47:34:86:61:16:7e:63:08:c7:c4:7a:c7:57:
98:2f:a9:57:9d:e1:37:fd:73:40:7b:49:57:bc:eb:
87:30:56:d1:aa:20:cb:3d:6c:29:5c:cf:48:37:d6:
02:4a:c6:93:a7:ab:56:40:25:e5:e1:c6:c0:6b:19:
e7:07:52:ae:b3:29:76:bf:32:e2:b1:93:dc:95:9f:
38:d1:2a:35:4e:e2:1a:4b:be:0f:f6:93:eb:d6:5c:
17:8e:55:15:87:c0:ad:45:66:ba:b3:d4:db:8f:7d:
e2:b7:79:9b:60:cb:11:93:bf:46:e4:7a:61:35:4c:
ad:80:e6:7a:91:2c:72:e2:8d:e9:16:f8:4c:c1:14:
5e:d1:29:9b:76:02:a6:14:02:4e:49:bc:5a:03:d0:
47:b6:44:86:36:42:1c:73:a6:39:1d:b4:88:c9:cd:
08:17:2b:c4:d6:ee:45:50:06:98:8e:5b:50:1a:80:
1e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A9:11:28:40:63:14:5A:C8:39:5E:3B:D7:69:02:2C:64:B6:EE:75
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D9DE2CBE4F6511F1AC6820B2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.1.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:d6:4e:39:87:8e:da:32:5e:0d:21:2f:b3:6e:e4:b2:71:7c:
7f:22:b1:49:11:05:58:e8:07:81:2c:48:3a:09:13:0d:04:76:
7e:87:bc:7a:d7:92:cc:db:47:9c:0a:af:09:9f:c3:35:4b:af:
93:ce:17:0d:b8:27:31:2e:32:b1:fd:d9:ef:e3:d5:6c:8b:44:
9d:41:43:b7:47:81:93:b3:37:4d:0f:d2:67:5e:1b:8a:3a:7d:
82:fd:9e:b2:1a:6f:42:b0:f0:66:02:77:77:0f:88:64:1c:64:
c8:e6:1b:8c:f9:da:ca:06:a7:36:e2:86:16:3e:7f:55:ca:b8:
6f:a9:ef:aa:b2:6a:12:2b:40:36:51:96:2f:56:21:f7:7e:19:
14:3f:cf:4e:2d:94:98:58:2e:2a:f6:9f:d5:03:39:4a:5a:0c:
6a:38:54:62:ef:b5:41:9a:83:95:46:4e:74:15:8a:87:db:cc:
eb:cb:36:3e:bd:18:38:b8:4d:63:21:5e:ed:45:20:cd:6c:1a:
59:40:8b:c5:61:d3:15:9e:41:e5:fc:a2:5b:16:49:3f:cc:0f:
5b:50:e4:4f:14:01:16:b8:b5:98:cb:4e:f3:bd:73:1f:28:64:
79:10:f9:07:da:c9:6c:48:d0:a6:14:7f:52:fe:d0:36:d8:05:
ea:ac:4b:f8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHzYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjA1MTQwNzIzNDVaFw0yODA1MTQwNzIzNDVaMBgxFjAU
BgNVBAMTDTZhMDU3ODg1LTA3ZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDL1iCOm0ZqhP/Xf9Fzy4avSDbbyWPWS/vZ6kEW4sguH3qRtFjBrvNOwiDO
qA1QZze8fCr6tuLiQbksfvgUblqIwbjSSfb4xYQDTI0dRzSGYRZ+YwjHxHrHV5gv
qVed4Tf9c0B7SVe864cwVtGqIMs9bClcz0g31gJKxpOnq1ZAJeXhxsBrGecHUq6z
KXa/MuKxk9yVnzjRKjVO4hpLvg/2k+vWXBeOVRWHwK1FZrqz1NuPfeK3eZtgyxGT
v0bkemE1TK2A5nqRLHLijekW+EzBFF7RKZt2AqYUAk5JvFoD0Ee2RIY2Qhxzpjkd
tIjJzQgXK8TW7kVQBpiOW1AagB7VAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCKkR
KEBjFFrIOV4712kCLGS27nUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q5REUyQ0JFNEY2NTExRjFBQzY4MjBCMkNFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAEwDQYJKoZIhvcNAQEL
BQADggEBAF3WTjmHjtoyXg0hL7Nu5LJxfH8isUkRBVjoB4EsSDoJEw0Edn6HvHrX
kszbR5wKrwmfwzVLr5POFw24JzEuMrH92e/j1WyLRJ1BQ7dHgZOzN00P0mdeG4o6
fYL9nrIab0Kw8GYCd3cPiGQcZMjmG4z52soGpzbihhY+f1XKuG+p76qyahIrQDZR
li9WIfd+GRQ/z04tlJhYLir2n9UDOUpaDGo4VGLvtUGag5VGTnQViofbzOvLNj69
GDi4TWMhXu1FIM1sGllAi8Vh0xWeQeX8olsWST/MD1tQ5E8UARa4tZjLTvO9cx8o
ZHkQ+QfayWxI0KYUf1L+0DbYBeqsS/g=
-----END CERTIFICATE-----
Generated at Thu May 14 18:37:18 2026 by rpki-client