Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6F3E69AC43A111F199336A1CCF1D38B0.roa
File: 6F3E69AC43A111F199336A1CCF1D38B0.roa (raw, json)
Hash identifier: sOrj1q2YCyi3u6n6E2/oQt4yqASW8Jmg5b8HEQYAalE=
Subject key identifier: 73:87:1B:2E:A7:E3:70:EF:19:20:F1:49:96:85:62:7D:46:60:79:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C7CA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6F3E69AC43A111F199336A1CCF1D38B0.roa
Signing time: Wed 29 Apr 2026 08:00:06 +0000
ROA not before: Wed 29 Apr 2026 08:00:02 +0000
ROA not after: Sun 26 Jul 2026 08:00:02 +0000
asID: 29852
IP address blocks: 154.194.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 May 2026 00:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116682 (0x1c7ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 08:00:02 2026 GMT
Not After : Jul 26 08:00:02 2026 GMT
Subject: CN=69f1ba86-ff8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3d:2d:2e:c2:f1:3d:bf:c8:00:a2:b4:29:2e:
99:cc:76:ec:a3:2a:1d:0d:28:b4:7c:06:1e:eb:70:
bc:de:2b:36:a1:2f:1f:7a:34:fe:60:b5:b4:ef:65:
9f:20:c9:53:fb:7b:fc:73:e2:ec:a0:77:dc:03:7f:
7e:7d:11:1c:99:83:67:92:d3:ce:66:8a:51:a2:7a:
8d:45:f1:2d:e1:f1:9e:d4:78:38:e3:8f:c9:df:17:
be:53:6f:30:b5:c8:03:2a:48:0e:4b:c3:a1:ca:e7:
15:c1:00:cf:ad:aa:de:98:59:df:23:0e:3c:79:3e:
fa:62:bc:c9:3d:6e:8c:48:50:68:c2:48:73:9d:e1:
f4:2c:37:23:59:aa:6a:83:60:91:3b:ea:f1:62:ef:
fa:c9:c1:6c:bb:92:f9:5c:f5:a2:bf:6d:72:5f:54:
30:c5:6c:67:d5:6c:29:03:6a:b7:ce:bd:7d:f4:f6:
77:83:09:38:10:1a:06:3d:97:cb:be:ec:1f:66:6d:
8c:a2:c0:c8:05:07:65:81:f1:0b:e2:c5:fb:47:7b:
51:de:8c:08:37:5a:ed:a9:76:83:f5:8f:8d:44:5f:
7a:e9:06:9f:2d:87:e1:25:5f:54:4d:df:65:6a:35:
2a:3e:ba:e3:61:9e:c9:46:45:99:59:95:20:69:b0:
2c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:87:1B:2E:A7:E3:70:EF:19:20:F1:49:96:85:62:7D:46:60:79:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6F3E69AC43A111F199336A1CCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.58.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:88:8a:ea:4c:e2:b4:70:7d:e4:0b:d6:31:09:70:8b:da:fd:
ee:2c:ea:56:7d:27:de:8b:84:89:0c:c5:f4:47:04:d9:8e:37:
8f:b6:f5:3c:58:c5:32:0f:14:4d:96:94:1f:a9:6b:7b:9c:e2:
08:52:90:bd:45:4d:23:27:ba:24:93:38:5d:bf:25:c4:f7:63:
ba:6c:06:42:18:44:c3:28:ee:08:e0:25:df:6e:82:0a:2a:ff:
b2:9a:95:d5:cf:43:07:cb:e5:92:35:d3:f3:58:6c:51:0b:35:
01:2f:d9:4f:71:ce:d9:60:5f:db:d1:d5:3e:87:cb:10:05:58:
6e:b4:84:12:b0:41:3d:2e:25:03:fb:7f:5f:dd:42:43:a0:bf:
3f:b6:c5:f6:e8:f2:44:ef:5c:e8:da:5a:0f:36:1e:7e:0e:3e:
5c:07:33:f4:da:5b:58:94:6d:e2:5d:6c:d6:53:8b:dd:7a:af:
26:0e:a7:6b:44:cc:aa:90:75:d8:68:d9:fd:d9:04:56:bc:56:
e0:1f:20:e3:cd:c0:55:a0:b8:52:6e:e6:04:97:43:3e:3c:33:
3f:7d:7f:5f:f5:79:6a:c5:6a:11:37:7b:9f:08:c8:18:00:32:
1a:40:80:2f:ba:2a:c5:47:61:91:8f:f8:45:ce:f9:9f:9c:7e:
17:2f:1b:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcfKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDI5MDgwMDAyWhcNMjYwNzI2MDgwMDAyWjAYMRYw
FAYDVQQDEw02OWYxYmE4Ni1mZjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArj0tLsLxPb/IAKK0KS6ZzHbsoyodDSi0fAYe63C83is2oS8fejT+YLW0
72WfIMlT+3v8c+LsoHfcA39+fREcmYNnktPOZopRonqNRfEt4fGe1Hg444/J3xe+
U28wtcgDKkgOS8OhyucVwQDPraremFnfIw48eT76YrzJPW6MSFBowkhzneH0LDcj
Wapqg2CRO+rxYu/6ycFsu5L5XPWiv21yX1QwxWxn1WwpA2q3zr199PZ3gwk4EBoG
PZfLvuwfZm2MosDIBQdlgfEL4sX7R3tR3owIN1rtqXaD9Y+NRF966QafLYfhJV9U
Td9lajUqPrrjYZ7JRkWZWZUgabAsEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHOH
Gy6n43DvGSDxSZaFYn1GYHntMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RjNFNjlBQzQzQTExMUYxOTkzMzZBMUNDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsI6MA0GCSqGSIb3DQEB
CwUAA4IBAQDPiIrqTOK0cH3kC9YxCXCL2v3uLOpWfSfei4SJDMX0RwTZjjePtvU8
WMUyDxRNlpQfqWt7nOIIUpC9RU0jJ7okkzhdvyXE92O6bAZCGETDKO4I4CXfboIK
Kv+ympXVz0MHy+WSNdPzWGxRCzUBL9lPcc7ZYF/b0dU+h8sQBVhutIQSsEE9LiUD
+39f3UJDoL8/tsX26PJE71zo2loPNh5+Dj5cBzP02ltYlG3iXWzWU4vdeq8mDqdr
RMyqkHXYaNn92QRWvFbgHyDjzcBVoLhSbuYEl0M+PDM/fX9f9XlqxWoRN3ufCMgY
ADIaQIAvuirFR2GRj/hFzvmfnH4XLxss
-----END CERTIFICATE-----
Generated at Wed May 6 16:43:46 2026 by rpki-client