Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7902EBE06EF111F1A084C4C5CE1D38B0.roa
File: 7902EBE06EF111F1A084C4C5CE1D38B0.roa (raw, json)
Hash identifier: 843fuGJhZT1BW61t3PY7NuWwyUJpjWf8EWt7ru4dCCE=
Subject key identifier: 3D:36:FB:0D:5A:67:4E:AB:FB:3B:D2:65:F1:54:46:89:DB:18:63:B1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D492
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7902EBE06EF111F1A084C4C5CE1D38B0.roa
Signing time: Tue 23 Jun 2026 10:51:22 +0000
ROA not before: Tue 23 Jun 2026 10:51:18 +0000
ROA not after: Tue 30 Jun 2026 10:51:18 +0000
asID: 17497
IP address blocks: 154.196.156.0/22 maxlen: 24
154.196.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 14:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119954 (0x1d492)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 23 10:51:18 2026 GMT
Not After : Jun 30 10:51:18 2026 GMT
Subject: CN=6a3a652a-e23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:84:86:3d:f0:80:41:bf:a3:c1:3b:eb:7d:f6:
36:b4:94:08:39:d8:16:de:cc:57:4f:a2:af:31:11:
6f:0d:d0:91:ca:ba:48:bb:46:fc:9c:1d:be:8d:bc:
b9:c4:12:9e:80:0d:51:95:02:92:7d:37:d5:ce:88:
98:76:58:85:10:d1:6a:88:bc:98:86:36:72:67:94:
c8:7a:78:79:1b:07:ab:e1:bb:4e:16:21:b4:02:66:
8f:83:2d:3d:20:1b:49:d9:1f:a7:7b:f7:0d:95:38:
ca:86:72:4b:9a:e3:f0:cd:8b:23:43:c8:08:8f:5d:
bd:59:8e:7d:c7:65:20:44:34:ad:7e:ae:74:0f:df:
e6:5c:b5:92:da:4a:12:23:79:85:c1:3a:e0:49:7a:
96:e4:39:88:eb:7e:d5:c4:7c:69:56:19:ed:84:9c:
55:62:27:39:49:cd:4c:90:80:60:f7:8f:e7:b9:02:
ab:81:d9:58:f1:9e:e3:ef:8c:82:f2:d4:54:a5:10:
ca:d8:0b:6b:27:b0:1b:47:39:be:96:10:05:cf:19:
78:a4:2a:83:12:21:14:52:09:aa:08:a9:47:89:cd:
b7:b0:c5:3d:15:17:78:0e:04:82:79:d3:30:60:38:
f6:37:7e:6b:15:b6:fe:69:1f:e7:ba:b7:8e:f0:b4:
d1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:36:FB:0D:5A:67:4E:AB:FB:3B:D2:65:F1:54:46:89:DB:18:63:B1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7902EBE06EF111F1A084C4C5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.156.0/22
154.196.172.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:74:fa:77:fd:b5:a6:4c:63:ef:11:27:68:7c:b9:df:6a:d3:
7e:25:45:3e:1e:4a:3d:06:b8:7a:81:fb:bb:2f:08:b3:80:77:
a1:f3:51:61:80:7b:08:6e:a6:aa:32:48:a0:bc:97:d8:01:e3:
52:de:bc:06:9b:85:83:66:ac:ce:76:dd:4f:bf:21:3a:cc:95:
db:25:9f:5e:bb:44:33:13:59:a0:1a:7e:9f:d9:f8:f4:5c:d9:
7c:b6:36:d0:2c:0b:c8:fb:dc:56:63:a1:d4:e7:b1:b0:25:fa:
b1:fc:30:c1:47:29:68:a8:21:67:5e:7d:b9:ec:78:5b:75:45:
e2:40:e0:8b:a4:e0:fa:7a:65:39:88:b1:a0:46:0d:49:9d:ab:
f6:e9:f2:ca:1e:76:ab:b9:d5:49:f4:ec:54:8f:78:45:e0:1e:
76:73:e7:c1:84:06:97:86:35:6b:85:77:8f:8a:41:d8:c9:41:
64:bf:a1:38:6c:57:ae:3b:d5:00:72:f7:d5:2f:cb:92:91:39:
4b:04:48:d6:68:fa:82:0b:00:1d:f2:c2:bd:e9:a8:cb:6b:a1:
4f:05:c0:66:ff:28:5f:b9:7a:3b:5e:9f:f8:8d:c8:a1:65:9f:
65:a3:5d:bb:3a:d1:85:79:40:99:1a:1f:8d:c2:29:b1:05:1f:
35:82:e4:91
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAdSSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjIzMTA1MTE4WhcNMjYwNjMwMTA1MTE4WjAYMRYw
FAYDVQQDEw02YTNhNjUyYS1lMjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtISGPfCAQb+jwTvrffY2tJQIOdgW3sxXT6KvMRFvDdCRyrpIu0b8nB2+
jby5xBKegA1RlQKSfTfVzoiYdliFENFqiLyYhjZyZ5TIenh5Gwer4btOFiG0AmaP
gy09IBtJ2R+ne/cNlTjKhnJLmuPwzYsjQ8gIj129WY59x2UgRDStfq50D9/mXLWS
2koSI3mFwTrgSXqW5DmI637VxHxpVhnthJxVYic5Sc1MkIBg94/nuQKrgdlY8Z7j
74yC8tRUpRDK2AtrJ7AbRzm+lhAFzxl4pCqDEiEUUgmqCKlHic23sMU9FRd4DgSC
edMwYDj2N35rFbb+aR/nureO8LTRwQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFD02
+w1aZ06r+zvSZfFURonbGGOxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83OTAyRUJFMDZFRjExMUYxQTA4NEM0QzVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsScAwQCmsSsMA0GCSqG
SIb3DQEBCwUAA4IBAQBbdPp3/bWmTGPvESdofLnfatN+JUU+Hko9Brh6gfu7Lwiz
gHeh81FhgHsIbqaqMkigvJfYAeNS3rwGm4WDZqzOdt1PvyE6zJXbJZ9eu0QzE1mg
Gn6f2fj0XNl8tjbQLAvI+9xWY6HU57GwJfqx/DDBRyloqCFnXn257HhbdUXiQOCL
pOD6emU5iLGgRg1Jnav26fLKHnarudVJ9OxUj3hF4B52c+fBhAaXhjVrhXePikHY
yUFkv6E4bFeuO9UAcvfVL8uSkTlLBEjWaPqCCwAd8sK96ajLa6FPBcBm/yhfuXo7
Xp/4jcihZZ9lo127OtGFeUCZGh+NwimxBR81guSR
-----END CERTIFICATE-----
Generated at Tue Jun 23 21:53:15 2026 by rpki-client