Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/429FF2DC121C11F1B8D293E3DAE4EC9C.roa
File: 429FF2DC121C11F1B8D293E3DAE4EC9C.roa (raw, json)
Hash identifier: XQ/fJqTWpnQEGeROSRC8ZmtcDuE+cyVqQbB5+2mxYAs=
Subject key identifier: 25:EF:12:32:DB:13:95:6B:37:CE:CF:D9:36:A9:AA:A0:F0:68:DF:DD
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1E29
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/429FF2DC121C11F1B8D293E3DAE4EC9C.roa
Signing time: Wed 25 Feb 2026 07:33:21 +0000
ROA not before: Wed 25 Feb 2026 07:33:16 +0000
ROA not after: Fri 25 Feb 2028 07:33:16 +0000
asID: 201341
IP address blocks: 154.16.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7721 (0x1e29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Feb 25 07:33:16 2026 GMT
Not After : Feb 25 07:33:16 2028 GMT
Subject: CN=699ea5c1-ca56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f9:92:e2:4f:0c:1e:04:8d:cf:53:61:25:15:
d7:10:87:65:76:7e:2b:3e:d6:c1:c8:24:cd:f2:9b:
8b:4c:fe:99:c2:da:5a:d2:45:f1:bb:67:20:12:12:
9a:75:5e:0f:cf:40:80:59:0a:68:d9:f5:77:13:74:
ff:42:af:cd:4e:a0:48:ed:5a:b0:c2:8d:d5:86:03:
67:40:52:e4:af:d4:cf:b6:77:c2:3d:4c:a9:73:b5:
f0:20:a3:74:6d:f0:09:c9:da:6f:d3:fc:42:01:68:
e7:bf:60:f8:5b:dc:f0:96:66:9d:bb:12:66:a9:3e:
db:31:35:61:21:93:96:6f:c1:4d:07:12:c9:9d:5e:
14:d3:a2:6a:6b:67:b8:c9:be:94:f6:8c:02:d3:d9:
99:88:a3:40:0c:2d:47:a6:39:2f:37:a6:d9:39:77:
a0:b8:1a:79:89:21:8e:aa:95:6d:78:4f:31:e0:32:
bd:35:23:ff:01:9c:27:7a:93:5a:31:60:2c:5b:f3:
89:c4:09:9b:8f:f6:1c:38:9d:dd:54:de:bc:78:4d:
bb:5d:fe:1c:e3:66:bd:74:f2:84:63:25:a1:d1:c4:
d8:ea:e4:16:6d:a7:2e:2c:c7:d1:78:37:39:51:a7:
23:09:9e:75:b6:2d:85:7c:be:31:56:48:3f:78:20:
94:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EF:12:32:DB:13:95:6B:37:CE:CF:D9:36:A9:AA:A0:F0:68:DF:DD
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/429FF2DC121C11F1B8D293E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.90.0/24
Signature Algorithm: sha256WithRSAEncryption
78:68:82:0f:9d:e4:0a:59:0f:60:c9:1e:03:30:05:c1:45:a4:
3b:68:e9:45:94:58:64:23:76:76:77:8b:f9:7e:84:68:e0:87:
4c:ae:9b:e7:94:01:23:2a:24:31:d0:28:86:fe:4f:74:a5:46:
51:9a:46:8a:94:06:74:73:9c:d2:f0:a9:8f:bf:a1:ef:8c:d0:
45:d8:f0:42:6e:fd:22:b6:b2:e3:a9:9b:b6:12:6c:4f:3d:06:
a8:bc:c9:61:ff:b1:b1:8b:1b:1b:19:6b:43:86:e4:51:af:36:
dd:1c:89:c3:ee:bb:72:22:0c:69:72:77:26:75:98:a7:b7:3e:
d5:6d:4d:d4:e0:7d:a4:34:4b:34:8b:4b:ab:b6:2f:29:92:15:
72:1d:45:31:a6:2e:33:9f:ce:71:fb:74:66:fa:15:60:b9:3d:
a0:1f:24:5c:2b:b1:01:a3:74:e1:5f:e3:6d:c4:6d:9a:ee:0a:
7e:d0:6a:07:23:b5:b1:62:34:a2:94:fc:7e:04:18:f4:02:97:
93:5f:2d:10:66:72:b8:dc:3f:26:09:96:93:5d:a9:3b:f2:b2:
d8:3d:4a:2f:fc:89:45:8e:93:24:17:98:45:54:fb:0f:71:98:
51:4b:d9:2a:24:f4:c5:4f:9a:a5:7e:35:2d:87:a6:3f:0c:68:
22:05:bf:fe
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHikwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNjAyMjUwNzMzMTZaFw0yODAyMjUwNzMzMTZaMBgxFjAU
BgNVBAMTDTY5OWVhNWMxLWNhNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDD+ZLiTwweBI3PU2ElFdcQh2V2fis+1sHIJM3ym4tM/pnC2lrSRfG7ZyAS
Epp1Xg/PQIBZCmjZ9XcTdP9Cr81OoEjtWrDCjdWGA2dAUuSv1M+2d8I9TKlztfAg
o3Rt8AnJ2m/T/EIBaOe/YPhb3PCWZp27EmapPtsxNWEhk5ZvwU0HEsmdXhTTompr
Z7jJvpT2jALT2ZmIo0AMLUemOS83ptk5d6C4GnmJIY6qlW14TzHgMr01I/8BnCd6
k1oxYCxb84nECZuP9hw4nd1U3rx4Tbtd/hzjZr108oRjJaHRxNjq5BZtpy4sx9F4
NzlRpyMJnnW2LYV8vjFWSD94IJS1AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJe8S
MtsTlWs3zs/ZNqmqoPBo390wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQyOUZGMkRDMTIxQzExRjFCOEQyOTNFM0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFowDQYJKoZIhvcNAQEL
BQADggEBAHhogg+d5ApZD2DJHgMwBcFFpDto6UWUWGQjdnZ3i/l+hGjgh0yum+eU
ASMqJDHQKIb+T3SlRlGaRoqUBnRznNLwqY+/oe+M0EXY8EJu/SK2suOpm7YSbE89
Bqi8yWH/sbGLGxsZa0OG5FGvNt0cicPuu3IiDGlydyZ1mKe3PtVtTdTgfaQ0SzSL
S6u2LymSFXIdRTGmLjOfznH7dGb6FWC5PaAfJFwrsQGjdOFf423EbZruCn7Qagcj
tbFiNKKU/H4EGPQCl5NfLRBmcrjcPyYJlpNdqTvystg9Si/8iUWOkyQXmEVU+w9x
mFFL2Sok9MVPmqV+NS2Hpj8MaCIFv/4=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:36:04 2026 by rpki-client