Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/757C44F4455611F19AD5DAFBCE1D38B0.roa
File: 757C44F4455611F19AD5DAFBCE1D38B0.roa (raw, json)
Hash identifier: R2TbcsrNYPL/HK1CtyRr5TM3zb7kICX23eGcVqaDOWY=
Subject key identifier: E2:5B:5F:7C:3A:70:FB:2F:09:30:8A:B7:F1:3D:73:6A:E8:39:1E:C6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C885
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/757C44F4455611F19AD5DAFBCE1D38B0.roa
Signing time: Fri 01 May 2026 12:08:27 +0000
ROA not before: Fri 01 May 2026 12:08:22 +0000
ROA not after: Sat 30 May 2026 12:08:22 +0000
asID: 401783
IP address blocks: 154.90.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 06:17:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116869 (0x1c885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 12:08:22 2026 GMT
Not After : May 30 12:08:22 2026 GMT
Subject: CN=69f497bb-dcb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:39:ee:d2:5a:d8:31:aa:0b:29:57:94:ea:f0:
e1:f0:44:bd:bc:5d:ee:09:b3:1d:cf:5f:43:95:1f:
5e:ad:89:79:52:90:27:14:d2:a8:03:6c:d8:72:dd:
57:21:ae:44:bf:97:75:fa:62:e6:4f:ed:54:c9:f4:
03:23:9a:0c:9f:4d:94:1e:72:69:73:13:2f:dd:03:
82:1a:af:57:c2:d2:52:13:8f:cb:b4:71:91:d2:c9:
9a:45:8d:43:6e:9c:8d:58:1a:04:c5:d6:b3:01:de:
f7:4f:f1:eb:c8:14:fc:2a:63:54:21:a7:a8:7a:13:
84:80:de:77:21:3f:ed:71:e0:a3:ed:fb:53:89:2b:
85:73:4f:cf:6c:c3:83:c4:e7:e5:da:d6:cf:6f:04:
2d:30:08:e8:63:05:01:5e:4a:e3:a6:da:c4:32:b5:
f9:36:9b:01:5a:86:2e:bf:39:da:13:7c:8e:77:ab:
70:0e:c3:b3:b3:3a:d4:1d:a0:92:f0:88:87:57:d2:
50:6b:a6:d3:92:d1:73:c0:64:17:5e:f7:d7:f0:43:
ee:3a:3b:d0:2a:1d:9d:78:ff:af:ac:f0:22:9b:79:
6d:89:d3:d7:97:94:74:0b:56:71:cf:15:79:1b:14:
e5:d2:98:99:cb:a4:1f:78:f3:4c:05:28:7f:6e:37:
4d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5B:5F:7C:3A:70:FB:2F:09:30:8A:B7:F1:3D:73:6A:E8:39:1E:C6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/757C44F4455611F19AD5DAFBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.67.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:41:74:c1:c9:38:52:ea:3a:41:35:ee:7c:40:80:22:90:16:
04:a8:70:48:26:4d:99:aa:64:d0:10:be:c3:42:bb:37:7e:93:
54:47:d9:59:20:8f:4f:45:32:93:86:17:ee:f3:29:5e:d3:48:
aa:4c:f3:c1:aa:93:ba:ea:c2:19:7e:16:3d:e2:f7:bb:1d:4d:
df:19:33:83:fb:58:73:2a:bd:8c:c3:70:3f:f8:8e:82:9c:b7:
1c:8a:bf:78:9b:12:77:92:6d:92:52:df:26:c9:05:cf:fe:64:
df:f8:f4:ff:64:8d:46:02:39:3b:4e:ae:55:aa:cc:e8:77:81:
5c:b4:4d:f4:50:4e:61:f1:ea:e3:7b:65:60:8a:9c:d4:ce:08:
97:05:6f:a8:87:54:f8:f1:84:b8:5e:06:c5:dd:e8:4d:8c:5a:
6c:53:0a:f7:51:6c:a4:ad:2a:aa:3c:0f:59:de:94:ec:bd:1a:
78:d3:c3:e4:83:c3:92:6b:79:6e:2a:fe:82:3d:10:ee:06:73:
ea:c7:d5:a1:ce:f7:7d:3c:99:1c:70:c2:5c:45:81:39:a4:84:
5c:8f:78:7c:dc:2f:03:8c:63:b4:03:73:c0:22:9c:6d:74:63:
ea:31:e8:c9:fb:3b:4d:52:fb:08:f1:31:97:34:32:6a:2f:8d:
b8:8b:bf:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAciFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTIwODIyWhcNMjYwNTMwMTIwODIyWjAYMRYw
FAYDVQQDEw02OWY0OTdiYi1kY2IxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtDnu0lrYMaoLKVeU6vDh8ES9vF3uCbMdz19DlR9erYl5UpAnFNKoA2zY
ct1XIa5Ev5d1+mLmT+1UyfQDI5oMn02UHnJpcxMv3QOCGq9XwtJSE4/LtHGR0sma
RY1DbpyNWBoExdazAd73T/HryBT8KmNUIaeoehOEgN53IT/tceCj7ftTiSuFc0/P
bMODxOfl2tbPbwQtMAjoYwUBXkrjptrEMrX5NpsBWoYuvznaE3yOd6twDsOzszrU
HaCS8IiHV9JQa6bTktFzwGQXXvfX8EPuOjvQKh2deP+vrPAim3ltidPXl5R0C1Zx
zxV5GxTl0piZy6QfePNMBSh/bjdNewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOJb
X3w6cPsvCTCKt/E9c2roOR7GMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NTdDNDRGNDQ1NTYxMUYxOUFENURBRkJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlpDMA0GCSqGSIb3DQEB
CwUAA4IBAQBOQXTByThS6jpBNe58QIAikBYEqHBIJk2ZqmTQEL7DQrs3fpNUR9lZ
II9PRTKThhfu8yle00iqTPPBqpO66sIZfhY94ve7HU3fGTOD+1hzKr2Mw3A/+I6C
nLccir94mxJ3km2SUt8myQXP/mTf+PT/ZI1GAjk7Tq5Vqszod4FctE30UE5h8erj
e2VgipzUzgiXBW+oh1T48YS4XgbF3ehNjFpsUwr3UWykrSqqPA9Z3pTsvRp408Pk
g8OSa3luKv6CPRDuBnPqx9Whzvd9PJkccMJcRYE5pIRcj3h83C8DjGO0A3PAIpxt
dGPqMejJ+ztNUvsI8TGXNDJqL424i7+o
-----END CERTIFICATE-----
Generated at Wed May 13 16:49:18 2026 by rpki-client