Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6189AF84449A11F1A9B22F01CF1D38B0.roa
File: 6189AF84449A11F1A9B22F01CF1D38B0.roa (raw, json)
Hash identifier: Yf140R4+xKv0Fq3Z4UYBxvnjm45+WL8N23UbVE1wRbU=
Subject key identifier: 79:41:FB:34:B2:DF:AB:65:D4:11:38:E1:8D:99:EF:69:E1:75:EB:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C84B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6189AF84449A11F1A9B22F01CF1D38B0.roa
Signing time: Thu 30 Apr 2026 13:42:08 +0000
ROA not before: Thu 30 Apr 2026 13:42:03 +0000
ROA not after: Fri 05 Jun 2026 13:42:03 +0000
asID: 202656
IP address blocks: 154.222.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116811 (0x1c84b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 13:42:03 2026 GMT
Not After : Jun 5 13:42:03 2026 GMT
Subject: CN=69f35c30-5ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0d:2b:23:d5:5c:5f:12:b7:93:97:ca:27:be:
07:f8:da:07:9c:d1:d5:4c:96:07:cc:87:be:71:36:
9d:0d:45:84:ac:cc:a1:40:4d:38:4c:e3:23:b4:6e:
f7:ed:f8:b3:c1:83:e3:5f:bc:a7:2a:d5:23:3c:42:
7f:84:ed:25:26:e0:e2:d4:cf:02:e6:26:21:ed:ee:
78:e7:50:3e:e0:38:7c:33:d6:d4:a6:bb:38:af:f2:
90:e9:ae:61:de:e1:04:3f:39:1b:12:4a:25:db:d5:
51:76:42:ee:c9:a7:b7:92:69:f2:91:3b:10:0a:a9:
cc:fc:82:11:c5:bd:41:a3:22:46:c7:8c:72:e2:11:
b6:56:12:6b:4c:07:fe:15:5e:b1:2d:8d:86:e9:65:
00:6d:53:ec:c2:0d:17:f5:f3:1f:ed:91:b9:8d:cb:
82:a9:79:bd:2e:35:68:ac:1d:e2:cd:8f:08:01:1e:
7d:78:c8:1d:0b:72:a4:c7:2d:58:ba:8c:4e:c9:fd:
ea:f3:12:97:c9:c2:3b:77:54:56:a3:26:3d:23:b8:
13:19:11:6c:3d:01:1d:e7:55:f8:95:1f:1e:d5:d6:
a7:ae:d9:b9:db:a0:c9:78:b4:43:f8:5c:77:e9:b4:
02:91:24:e3:e2:ed:0c:dd:1a:8e:0e:6c:4d:f8:84:
04:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:41:FB:34:B2:DF:AB:65:D4:11:38:E1:8D:99:EF:69:E1:75:EB:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6189AF84449A11F1A9B22F01CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.206.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:37:93:57:18:3d:0f:39:aa:b4:1a:41:ef:d5:99:27:d4:78:
49:d6:57:e6:f2:52:a7:0d:91:71:c8:25:0e:c5:f5:9b:80:09:
fc:12:0d:95:4f:cd:d4:e1:21:0a:18:8e:2d:45:6a:c1:8f:7e:
29:e8:e7:5a:65:35:67:42:59:46:42:47:eb:ea:c0:ff:2b:10:
87:05:ad:18:51:7a:94:fa:1f:1e:53:d5:d6:2a:c8:96:39:00:
e2:d0:a4:17:11:29:60:a5:03:9f:07:b4:fa:5c:2c:36:aa:26:
f9:77:4c:06:2b:ab:09:86:db:43:a9:a8:3c:51:d2:60:51:f5:
5d:2b:a1:67:74:6e:0b:fb:95:b1:e1:a4:73:c1:e2:68:0b:5e:
98:5d:9a:2e:fc:f3:22:65:b1:66:18:f1:61:61:f7:94:16:d9:
81:d7:05:4f:c5:ac:dc:23:1a:55:88:90:74:b1:65:4e:29:36:
f2:be:15:a4:da:8f:d2:76:4d:8f:23:96:f1:3c:ed:ee:50:3c:
88:73:0b:e2:f9:52:6c:a8:2f:bb:6e:92:78:f4:a3:3d:71:7c:
ee:2c:99:77:66:92:54:57:65:3e:b9:d9:aa:0a:9e:b6:99:42:
60:56:a9:ce:ed:ed:89:7e:35:b4:93:1b:ed:3b:d5:6f:5d:0e:
f9:98:83:77
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAchLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDMwMTM0MjAzWhcNMjYwNjA1MTM0MjAzWjAYMRYw
FAYDVQQDEw02OWYzNWMzMC01ZWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxw0rI9VcXxK3k5fKJ74H+NoHnNHVTJYHzIe+cTadDUWErMyhQE04TOMj
tG737fizwYPjX7ynKtUjPEJ/hO0lJuDi1M8C5iYh7e5451A+4Dh8M9bUprs4r/KQ
6a5h3uEEPzkbEkol29VRdkLuyae3kmnykTsQCqnM/IIRxb1BoyJGx4xy4hG2VhJr
TAf+FV6xLY2G6WUAbVPswg0X9fMf7ZG5jcuCqXm9LjVorB3izY8IAR59eMgdC3Kk
xy1YuoxOyf3q8xKXycI7d1RWoyY9I7gTGRFsPQEd51X4lR8e1danrtm526DJeLRD
+Fx36bQCkSTj4u0M3RqODmxN+IQEQwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHlB
+zSy36tl1BE44Y2Z72nhdesNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MTg5QUY4NDQ0OUExMUYxQTlCMjJGMDFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7OMA0GCSqGSIb3DQEB
CwUAA4IBAQDWN5NXGD0POaq0GkHv1Zkn1HhJ1lfm8lKnDZFxyCUOxfWbgAn8Eg2V
T83U4SEKGI4tRWrBj34p6OdaZTVnQllGQkfr6sD/KxCHBa0YUXqU+h8eU9XWKsiW
OQDi0KQXESlgpQOfB7T6XCw2qib5d0wGK6sJhttDqag8UdJgUfVdK6FndG4L+5Wx
4aRzweJoC16YXZou/PMiZbFmGPFhYfeUFtmB1wVPxazcIxpViJB0sWVOKTbyvhWk
2o/Sdk2PI5bxPO3uUDyIcwvi+VJsqC+7bpJ49KM9cXzuLJl3ZpJUV2U+udmqCp62
mUJgVqnO7e2JfjW0kxvtO9VvXQ75mIN3
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:07 2026 by rpki-client