Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/625FC8AC3E4211F1B496F3D0CE1D38B0.roa
File: 625FC8AC3E4211F1B496F3D0CE1D38B0.roa (raw, json)
Hash identifier: DE6b8KqaQtx50/6CaZYT/27idf0qBdGNlfilSPh10k0=
Subject key identifier: D9:69:94:33:36:E2:4D:33:75:A9:97:8F:8C:2D:77:1A:62:AC:EE:CB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C66D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/625FC8AC3E4211F1B496F3D0CE1D38B0.roa
Signing time: Wed 22 Apr 2026 11:57:07 +0000
ROA not before: Wed 22 Apr 2026 11:57:01 +0000
ROA not after: Thu 28 May 2026 11:57:01 +0000
asID: 48031
IP address blocks: 154.92.12.0/24 maxlen: 24
154.92.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116333 (0x1c66d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 11:57:01 2026 GMT
Not After : May 28 11:57:01 2026 GMT
Subject: CN=69e8b793-5ff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6b:55:9b:fe:ed:a6:79:c6:13:5b:f5:96:aa:
7a:77:22:cd:58:66:ad:ae:b6:60:db:16:58:71:69:
0e:21:07:44:6d:19:48:aa:f9:8a:13:2f:82:7e:4c:
a0:56:af:90:ce:20:4b:66:27:d6:4f:e3:c8:86:a6:
d7:fe:94:81:28:0a:86:22:3a:0c:30:ae:d4:4e:22:
a7:4c:ad:4b:31:3c:29:9e:27:14:92:e3:ef:8f:1c:
bc:46:d6:05:81:42:34:17:6d:71:22:1c:54:1c:43:
2b:46:7c:b2:d0:8c:60:44:dc:fa:3f:27:03:d9:a1:
71:cd:b7:a7:de:4b:1f:f8:22:b2:04:d5:25:88:ba:
f3:2a:be:6b:d0:9d:76:fc:e4:11:f0:f7:29:23:ae:
2e:66:2c:91:3c:09:96:0b:c5:28:55:85:ac:cc:88:
4a:67:f9:15:17:8c:e7:cd:4d:0c:1c:02:10:be:08:
11:ac:6e:5b:01:8f:08:49:ce:ce:eb:5d:bb:f1:2c:
a3:72:2b:7e:09:e2:2a:fe:cd:bf:2c:29:6f:e9:b0:
11:78:2b:2b:19:13:23:18:16:6a:cb:b8:0f:63:a9:
a4:ca:11:23:bb:20:05:0c:e8:49:db:ca:2a:65:12:
40:2a:e8:a4:9b:bb:8b:09:e5:f5:0b:df:9c:6f:2c:
e8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:69:94:33:36:E2:4D:33:75:A9:97:8F:8C:2D:77:1A:62:AC:EE:CB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/625FC8AC3E4211F1B496F3D0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.12.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:e1:64:a4:ca:65:5d:22:45:c0:12:fb:0a:7b:b7:ff:ce:ac:
f6:c7:c6:a6:40:4f:58:5c:49:26:2f:0c:76:ca:c8:88:73:84:
eb:e9:55:f9:d3:7d:4e:c5:41:2a:f5:80:8f:82:be:74:2f:1e:
b3:e4:6e:7b:88:43:46:fb:f7:ce:b8:35:36:2e:aa:db:ea:95:
05:a1:be:59:6e:20:87:7b:6e:6f:15:b4:89:77:8b:b5:37:0a:
47:c6:8f:98:03:81:1a:19:a6:77:0d:a7:bc:b7:17:39:99:a7:
a2:ae:cf:d4:40:e3:5a:2d:2d:8d:f3:81:17:ee:88:d0:38:f5:
d5:34:35:b1:af:08:84:1a:12:67:1e:e5:10:55:05:57:94:9f:
79:3e:ce:b1:a2:ec:ac:59:c5:fa:eb:3c:ed:13:dc:8c:88:cf:
a7:34:a3:8f:08:0a:4c:80:ec:fd:3c:ed:e2:8d:1e:45:b0:33:
dd:af:84:0e:9f:9d:5d:94:c3:fd:09:b7:33:4a:44:22:3e:76:
cb:03:0e:dc:30:4a:f7:24:7e:9b:59:6d:58:83:e1:99:2c:a5:
cf:1a:ed:a2:ba:cf:85:3f:94:f8:d1:b1:9f:f2:b2:36:71:a2:
cc:76:95:f6:ea:75:96:dd:2c:e5:4a:fc:e7:5d:9b:8b:0b:d5:
34:42:b8:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcZtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIyMTE1NzAxWhcNMjYwNTI4MTE1NzAxWjAYMRYw
FAYDVQQDEw02OWU4Yjc5My01ZmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuGtVm/7tpnnGE1v1lqp6dyLNWGatrrZg2xZYcWkOIQdEbRlIqvmKEy+C
fkygVq+QziBLZifWT+PIhqbX/pSBKAqGIjoMMK7UTiKnTK1LMTwpnicUkuPvjxy8
RtYFgUI0F21xIhxUHEMrRnyy0IxgRNz6PycD2aFxzben3ksf+CKyBNUliLrzKr5r
0J12/OQR8PcpI64uZiyRPAmWC8UoVYWszIhKZ/kVF4znzU0MHAIQvggRrG5bAY8I
Sc7O61278Syjcit+CeIq/s2/LClv6bAReCsrGRMjGBZqy7gPY6mkyhEjuyAFDOhJ
28oqZRJAKuikm7uLCeX1C9+cbyzoSwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNlp
lDM24k0zdamXj4wtdxpirO7LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MjVGQzhBQzNFNDIxMUYxQjQ5NkYzRDBDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlwMMA0GCSqGSIb3DQEB
CwUAA4IBAQAf4WSkymVdIkXAEvsKe7f/zqz2x8amQE9YXEkmLwx2ysiIc4Tr6VX5
031OxUEq9YCPgr50Lx6z5G57iENG+/fOuDU2Lqrb6pUFob5ZbiCHe25vFbSJd4u1
NwpHxo+YA4EaGaZ3Dae8txc5maeirs/UQONaLS2N84EX7ojQOPXVNDWxrwiEGhJn
HuUQVQVXlJ95Ps6xouysWcX66zztE9yMiM+nNKOPCApMgOz9PO3ijR5FsDPdr4QO
n51dlMP9CbczSkQiPnbLAw7cMEr3JH6bWW1Yg+GZLKXPGu2ius+FP5T40bGf8rI2
caLMdpX26nWW3SzlSvznXZuLC9U0QrhV
-----END CERTIFICATE-----
Generated at Sat May 9 11:01:58 2026 by rpki-client