Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29D65F8C43A611F19F515DBACE1D38B0.roa
File: 29D65F8C43A611F19F515DBACE1D38B0.roa (raw, json)
Hash identifier: SvONPCGMbbk5FIPjPF45ddPZ1ffmR55Ri5dIeaq7GiI=
Subject key identifier: 6A:52:7E:9E:32:83:8D:A3:29:17:38:33:BB:53:A5:B7:6F:1D:7C:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C7D0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29D65F8C43A611F19F515DBACE1D38B0.roa
Signing time: Wed 29 Apr 2026 08:33:57 +0000
ROA not before: Wed 29 Apr 2026 08:33:53 +0000
ROA not after: Wed 03 Jun 2026 08:33:53 +0000
asID: 17561
IP address blocks: 154.198.8.0/24 maxlen: 24
154.198.188.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116688 (0x1c7d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 08:33:53 2026 GMT
Not After : Jun 3 08:33:53 2026 GMT
Subject: CN=69f1c275-8b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:4f:e5:3f:8c:01:f1:2c:8e:04:28:29:f4:
fe:c7:f2:17:64:4e:69:1f:99:fa:07:4e:60:77:f9:
45:48:8e:50:8e:b9:f2:78:fe:5d:76:44:94:47:2a:
bd:ae:5e:eb:33:0b:9d:d2:91:bb:7d:54:04:0e:cd:
e4:26:a2:bc:c4:b6:4c:8b:08:98:cf:73:65:a6:f4:
36:81:87:64:c5:18:90:48:87:4e:fd:63:77:5e:6f:
ef:fc:62:13:c2:c5:79:1e:56:59:a0:4e:72:00:ac:
de:60:8c:9c:ef:7d:44:6f:f4:57:12:19:91:98:96:
ad:79:26:29:04:21:71:4e:a3:85:47:0a:05:38:55:
8d:5f:76:90:4d:57:8e:ec:7b:ed:2c:74:1c:73:8b:
e1:92:92:28:05:69:56:8f:22:7e:26:70:b1:ad:cd:
79:74:11:93:40:1a:77:ad:ac:c1:dc:c1:de:ed:b7:
7a:c4:12:b8:10:b6:37:9f:b9:0b:14:bf:2b:cf:4a:
f6:ca:ba:70:bb:ab:08:09:b3:9d:b7:fc:41:fa:3e:
6d:a1:bf:76:33:7d:ff:6b:f4:f0:e0:49:0e:06:b5:
ef:b7:70:a2:e2:29:9f:19:8d:7b:4e:50:17:3e:e0:
ab:f7:11:37:39:e0:dd:f3:61:0e:c6:07:8a:e8:90:
34:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:52:7E:9E:32:83:8D:A3:29:17:38:33:BB:53:A5:B7:6F:1D:7C:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29D65F8C43A611F19F515DBACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.8.0/24
154.198.188.0/23
Signature Algorithm: sha256WithRSAEncryption
51:78:7c:5e:fe:db:6a:9d:13:95:f0:bd:33:8c:32:cb:1d:d9:
94:51:b8:20:b8:a8:10:09:57:6b:70:cf:90:20:3f:8f:b9:c2:
ce:37:9b:2c:a8:e8:b2:7e:d9:82:64:c1:75:29:3d:fb:44:c4:
63:64:c0:0b:79:d3:fc:9e:b6:d2:18:30:5d:58:73:76:70:33:
a1:8d:cf:5f:3f:db:b4:13:c6:c1:9c:2d:02:29:b6:85:07:e7:
c5:88:3a:41:23:5f:ad:ba:2a:9c:d0:a2:dc:7c:1f:0e:b1:c8:
21:79:c5:d7:ed:73:fc:71:63:91:0c:48:cf:fc:4f:66:0c:49:
2a:ce:5c:c8:87:96:6f:7b:18:61:f9:33:0f:01:18:c8:ba:37:
1f:a3:e4:2e:8f:0b:e4:77:51:2e:9e:82:a4:52:f2:e2:fc:98:
e9:b4:30:08:4c:97:92:0d:40:f5:9d:32:7a:ed:d2:c7:d7:22:
0e:6b:06:78:1d:09:48:8b:83:97:06:7a:18:c9:56:7b:87:89:
bd:61:98:46:29:fd:01:86:f1:ba:1c:57:c7:71:f1:78:e8:82:
5f:07:ae:21:f8:3d:1e:62:e3:c2:e3:12:52:55:a9:74:58:2d:
0f:bc:fc:c7:42:26:93:42:77:b7:0b:b8:31:14:22:3c:5a:be:
f9:bc:e9:94
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcfQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDI5MDgzMzUzWhcNMjYwNjAzMDgzMzUzWjAYMRYw
FAYDVQQDEw02OWYxYzI3NS04YjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvpdP5T+MAfEsjgQoKfT+x/IXZE5pH5n6B05gd/lFSI5QjrnyeP5ddkSU
Ryq9rl7rMwud0pG7fVQEDs3kJqK8xLZMiwiYz3NlpvQ2gYdkxRiQSIdO/WN3Xm/v
/GITwsV5HlZZoE5yAKzeYIyc731Eb/RXEhmRmJateSYpBCFxTqOFRwoFOFWNX3aQ
TVeO7HvtLHQcc4vhkpIoBWlWjyJ+JnCxrc15dBGTQBp3razB3MHe7bd6xBK4ELY3
n7kLFL8rz0r2yrpwu6sICbOdt/xB+j5tob92M33/a/Tw4EkOBrXvt3Ci4imfGY17
TlAXPuCr9xE3OeDd82EOxgeK6JA0gQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGpS
fp4yg42jKRc4M7tTpbdvHXzYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUQ2NUY4QzQzQTYxMUYxOUY1MTVEQkFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsYIAwQBmsa8MA0GCSqG
SIb3DQEBCwUAA4IBAQBReHxe/ttqnROV8L0zjDLLHdmUUbgguKgQCVdrcM+QID+P
ucLON5ssqOiyftmCZMF1KT37RMRjZMALedP8nrbSGDBdWHN2cDOhjc9fP9u0E8bB
nC0CKbaFB+fFiDpBI1+tuiqc0KLcfB8OscghecXX7XP8cWORDEjP/E9mDEkqzlzI
h5Zvexhh+TMPARjIujcfo+Qujwvkd1EunoKkUvLi/JjptDAITJeSDUD1nTJ67dLH
1yIOawZ4HQlIi4OXBnoYyVZ7h4m9YZhGKf0BhvG6HFfHcfF46IJfB64h+D0eYuPC
4xJSVal0WC0PvPzHQiaTQne3C7gxFCI8Wr75vOmU
-----END CERTIFICATE-----
Generated at Sat May 9 10:59:53 2026 by rpki-client