Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CB3018C69B011F1935FD904CF1D38B0.roa
File: 0CB3018C69B011F1935FD904CF1D38B0.roa (raw, json)
Hash identifier: m3ZpVtkjShBsEWkuLfQ6C2BEhCIfEOkHS2kiy7CzHis=
Subject key identifier: 4E:75:F1:A8:3D:42:A2:7E:87:D3:94:B5:A8:3E:DE:94:2B:34:F1:FD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D37F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CB3018C69B011F1935FD904CF1D38B0.roa
Signing time: Tue 16 Jun 2026 18:20:28 +0000
ROA not before: Tue 16 Jun 2026 18:20:23 +0000
ROA not after: Thu 23 Jul 2026 18:20:23 +0000
asID: 200758
IP address blocks: 154.222.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 14:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119679 (0x1d37f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 16 18:20:23 2026 GMT
Not After : Jul 23 18:20:23 2026 GMT
Subject: CN=6a3193eb-8957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0e:6c:ae:dd:cd:ba:fc:70:17:77:3d:27:86:
19:0d:85:f8:5c:d9:82:0c:74:08:2a:c6:ee:03:44:
27:6d:16:ac:b8:b8:21:07:db:2a:66:cc:f9:bd:53:
4e:12:af:64:86:ed:7f:94:1e:eb:70:57:0d:d2:aa:
7c:96:f2:5b:07:7c:f0:da:cc:22:02:83:0b:74:8d:
5d:ef:d8:d7:34:5d:72:9c:6a:8d:a6:a6:ec:ec:d9:
36:3f:b7:ed:a3:6c:5a:fb:9a:28:40:08:bd:1d:70:
82:e3:72:e9:9c:59:3d:44:be:32:11:40:8b:ae:9e:
16:6a:8f:68:48:6d:33:a5:aa:6f:7c:0e:90:d8:44:
0f:a1:46:62:e3:c8:90:12:8c:28:36:40:e1:94:15:
6e:e3:a4:98:ab:ca:d4:69:b4:cf:4b:d9:81:dd:9b:
74:42:56:af:f4:b8:35:39:ee:d3:35:15:e2:08:08:
8d:29:e8:dc:fa:f8:62:cb:1d:70:64:ee:b0:47:53:
c6:30:c0:6c:f3:fe:18:40:72:1c:8c:74:8a:99:d6:
bb:fe:4d:46:17:5e:a6:63:f8:c0:df:db:f9:f0:4c:
f7:58:24:4e:8f:b0:bc:9f:ea:99:6e:63:be:41:cc:
49:7e:56:d7:af:96:3d:7a:34:da:30:43:6c:b5:72:
c5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:75:F1:A8:3D:42:A2:7E:87:D3:94:B5:A8:3E:DE:94:2B:34:F1:FD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CB3018C69B011F1935FD904CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.8.0/24
Signature Algorithm: sha256WithRSAEncryption
af:4a:d7:d3:a0:a0:3b:cd:72:06:b5:20:83:64:a5:d2:8a:21:
6b:7e:97:db:9f:0e:c1:cf:08:5c:85:54:46:e7:82:75:0b:a3:
01:bb:11:1f:ba:1c:c3:5d:5a:ba:c8:ff:1f:5e:46:01:cd:d4:
f6:34:3a:fb:4b:7a:79:8f:f2:23:82:3e:70:26:b3:f7:e8:03:
2d:73:e3:d9:55:94:dd:c2:9e:48:01:9d:e7:87:a6:0f:87:74:
cf:6d:47:94:e2:3d:31:e0:ea:02:d4:b6:cf:65:a8:04:4e:ea:
bd:c6:68:d3:5c:a0:f3:af:ed:c2:20:8b:57:6c:3e:c5:73:b2:
de:ce:b9:c4:bc:b0:2d:fc:e6:08:38:c1:15:48:2f:be:c6:5f:
a5:7c:d4:67:b6:b7:2d:32:6b:5f:b5:ec:ca:48:23:b3:bb:49:
3d:b3:2c:ae:c6:52:97:ab:56:37:89:e2:84:a2:44:5a:66:70:
ad:65:91:fc:cc:cb:e0:54:46:8e:8d:96:71:e4:78:e8:42:69:
80:06:48:88:44:6c:5c:c7:b7:8a:a0:c0:88:70:ee:9f:19:ed:
58:f2:9a:22:55:e4:8a:f0:2c:9c:56:ec:ef:72:90:c6:f4:70:
d0:56:cc:7a:ef:07:fd:ed:a0:8d:66:c3:22:9c:ff:df:f5:56:
42:73:2f:19
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdN/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjE2MTgyMDIzWhcNMjYwNzIzMTgyMDIzWjAYMRYw
FAYDVQQDEw02YTMxOTNlYi04OTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxw5srt3NuvxwF3c9J4YZDYX4XNmCDHQIKsbuA0QnbRasuLghB9sqZsz5
vVNOEq9khu1/lB7rcFcN0qp8lvJbB3zw2swiAoMLdI1d79jXNF1ynGqNpqbs7Nk2
P7fto2xa+5ooQAi9HXCC43LpnFk9RL4yEUCLrp4Wao9oSG0zpapvfA6Q2EQPoUZi
48iQEowoNkDhlBVu46SYq8rUabTPS9mB3Zt0Qlav9Lg1Oe7TNRXiCAiNKejc+vhi
yx1wZO6wR1PGMMBs8/4YQHIcjHSKmda7/k1GF16mY/jA39v58Ez3WCROj7C8n+qZ
bmO+QcxJflbXr5Y9ejTaMENstXLFrQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE51
8ag9QqJ+h9OUtag+3pQrNPH9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQ0IzMDE4QzY5QjAxMUYxOTM1RkQ5MDRDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4IMA0GCSqGSIb3DQEB
CwUAA4IBAQCvStfToKA7zXIGtSCDZKXSiiFrfpfbnw7BzwhchVRG54J1C6MBuxEf
uhzDXVq6yP8fXkYBzdT2NDr7S3p5j/Ijgj5wJrP36AMtc+PZVZTdwp5IAZ3nh6YP
h3TPbUeU4j0x4OoC1LbPZagETuq9xmjTXKDzr+3CIItXbD7Fc7LezrnEvLAt/OYI
OMEVSC++xl+lfNRntrctMmtftezKSCOzu0k9syyuxlKXq1Y3ieKEokRaZnCtZZH8
zMvgVEaOjZZx5HjoQmmABkiIRGxcx7eKoMCIcO6fGe1Y8poiVeSK8CycVuzvcpDG
9HDQVsx67wf97aCNZsMinP/f9VZCcy8Z
-----END CERTIFICATE-----
Generated at Tue Jun 23 21:51:36 2026 by rpki-client