Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29B6A5CA45A911F1A9C6DFE8CE1D38B0.roa
File: 29B6A5CA45A911F1A9C6DFE8CE1D38B0.roa (raw, json)
Hash identifier: XMVom4+GOm0ShsZV9gHMgTD8lg+WRx4O/zVRKmwxN4o=
Subject key identifier: E5:3D:3F:AF:ED:BB:99:09:A5:CE:ED:97:E4:23:E4:0F:99:54:6E:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C901
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29B6A5CA45A911F1A9C6DFE8CE1D38B0.roa
Signing time: Fri 01 May 2026 22:00:28 +0000
ROA not before: Fri 01 May 2026 22:00:23 +0000
ROA not after: Tue 09 Jun 2026 22:00:23 +0000
asID: 200213
IP address blocks: 154.193.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116993 (0x1c901)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 22:00:23 2026 GMT
Not After : Jun 9 22:00:23 2026 GMT
Subject: CN=69f5227c-ecba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:13:14:f5:18:03:f8:e8:1b:31:f7:61:37:76:
3f:27:33:47:77:9b:e4:5c:37:74:fc:1e:df:c5:33:
34:0d:e6:9a:19:de:b5:49:b8:10:64:82:32:46:56:
2d:5f:6d:63:ed:49:49:0c:d7:d0:6c:e8:d7:a1:56:
c6:43:df:46:b4:e0:30:58:a3:0f:3f:66:73:8a:1e:
9b:c1:d0:9b:be:16:d7:da:ed:ad:b8:69:58:70:16:
8f:83:50:ca:9f:c3:25:86:7f:c9:e5:d2:cf:82:2c:
a1:f9:b4:d7:72:49:06:c7:f9:56:3d:a6:5f:db:cc:
1f:68:85:53:e6:3d:30:03:01:dd:11:b5:d1:dc:99:
42:97:43:c4:73:86:d5:a6:2e:17:6f:ee:84:ea:4d:
93:2c:ed:f2:5b:07:9e:fa:5b:88:fb:c2:44:95:e0:
e2:94:c2:c5:68:0b:fb:14:07:86:30:35:83:07:9c:
06:e0:ce:bb:51:a3:02:ab:13:12:5e:6a:86:8e:3d:
f6:1b:09:82:fb:ae:61:6a:22:52:e8:4a:f1:79:2c:
fb:47:a7:83:dc:43:e9:d7:9c:64:8e:03:1b:51:3b:
8e:b2:b8:f1:e3:e8:a0:48:14:a7:6c:7d:21:87:08:
cc:b0:9b:e4:c8:41:d3:9e:ed:74:6b:db:47:76:df:
63:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3D:3F:AF:ED:BB:99:09:A5:CE:ED:97:E4:23:E4:0F:99:54:6E:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29B6A5CA45A911F1A9C6DFE8CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.128.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:63:4b:91:c9:8d:61:45:b6:d5:96:cc:b7:7d:0f:18:a6:2e:
24:8d:33:2e:5c:39:05:53:96:a0:fa:80:20:a0:2a:ea:90:59:
7c:f7:a2:f2:68:fb:35:3c:73:62:1e:98:b0:b9:da:b4:d8:ac:
b5:a1:87:3d:16:5a:8b:36:06:42:15:21:a7:c2:b6:d3:8a:28:
c4:5c:25:77:f9:5e:56:d9:aa:03:f0:4f:80:20:44:68:e1:00:
aa:f0:d5:ff:8e:88:21:62:d2:9e:49:00:83:87:13:02:1b:8c:
24:f0:4f:f1:0f:5b:ae:b3:e0:be:55:a3:aa:8e:a0:b2:dc:55:
09:9b:fc:48:f8:b6:53:90:91:de:73:77:9a:c6:1c:42:40:4d:
c2:89:c4:20:0f:85:5f:b6:16:b7:42:10:75:98:64:65:2f:8e:
80:12:47:b5:c8:0d:b9:c5:ee:bc:45:bd:89:73:4e:e7:b9:f2:
6e:13:87:b7:ab:96:91:32:8b:57:48:a3:d6:4b:68:eb:96:8e:
48:91:99:a9:4b:1d:85:e8:99:b8:c4:8e:1b:3f:cf:40:66:7d:
36:1e:63:4e:fd:6e:69:5b:6d:35:8c:cf:ac:8a:42:c6:e8:73:
a4:b9:4f:b7:c2:79:cf:a9:28:64:fe:b9:ff:c6:53:1f:75:df:
ee:11:9e:b8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAckBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMjIwMDIzWhcNMjYwNjA5MjIwMDIzWjAYMRYw
FAYDVQQDEw02OWY1MjI3Yy1lY2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2xMU9RgD+OgbMfdhN3Y/JzNHd5vkXDd0/B7fxTM0DeaaGd61SbgQZIIy
RlYtX21j7UlJDNfQbOjXoVbGQ99GtOAwWKMPP2Zzih6bwdCbvhbX2u2tuGlYcBaP
g1DKn8Mlhn/J5dLPgiyh+bTXckkGx/lWPaZf28wfaIVT5j0wAwHdEbXR3JlCl0PE
c4bVpi4Xb+6E6k2TLO3yWwee+luI+8JEleDilMLFaAv7FAeGMDWDB5wG4M67UaMC
qxMSXmqGjj32GwmC+65haiJS6ErxeSz7R6eD3EPp15xkjgMbUTuOsrjx4+igSBSn
bH0hhwjMsJvkyEHTnu10a9tHdt9jRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOU9
P6/tu5kJpc7tl+Qj5A+ZVG52MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUI2QTVDQTQ1QTkxMUYxQTlDNkRGRThDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGAMA0GCSqGSIb3DQEB
CwUAA4IBAQBcY0uRyY1hRbbVlsy3fQ8Ypi4kjTMuXDkFU5ag+oAgoCrqkFl896Ly
aPs1PHNiHpiwudq02Ky1oYc9FlqLNgZCFSGnwrbTiijEXCV3+V5W2aoD8E+AIERo
4QCq8NX/joghYtKeSQCDhxMCG4wk8E/xD1uus+C+VaOqjqCy3FUJm/xI+LZTkJHe
c3eaxhxCQE3CicQgD4Vftha3QhB1mGRlL46AEke1yA25xe68Rb2Jc07nufJuE4e3
q5aRMotXSKPWS2jrlo5IkZmpSx2F6Jm4xI4bP89AZn02HmNO/W5pW201jM+sikLG
6HOkuU+3wnnPqShk/rn/xlMfdd/uEZ64
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:32 2026 by rpki-client