Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C7148F669C111F1A759D0EDCE1D38B0.roa
File: 7C7148F669C111F1A759D0EDCE1D38B0.roa (raw, json)
Hash identifier: MDsLHM5ZPQ1j70s9BqfXZj+4bPiZEtVLldiFql/MCyw=
Subject key identifier: 5D:E1:EB:8E:0B:5D:CE:69:17:E9:07:4A:60:CF:AC:DC:C0:22:AB:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D397
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C7148F669C111F1A759D0EDCE1D38B0.roa
Signing time: Tue 16 Jun 2026 20:25:16 +0000
ROA not before: Tue 16 Jun 2026 20:25:12 +0000
ROA not after: Mon 21 Sep 2026 20:25:12 +0000
asID: 209242
IP address blocks: 154.198.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 11:43:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119703 (0x1d397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 16 20:25:12 2026 GMT
Not After : Sep 21 20:25:12 2026 GMT
Subject: CN=6a31b12c-ba5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:69:0a:54:77:cf:ae:ce:15:0e:af:16:36:4f:
4d:77:dd:98:b4:2e:08:9f:6a:a2:0f:13:44:5f:e4:
69:3b:e1:80:02:64:a6:0f:3c:03:56:71:17:dd:25:
b5:6b:4a:21:c3:b8:80:f8:59:ad:16:9c:fa:82:52:
84:a7:40:0f:d4:d7:79:d6:ec:9d:fc:99:bc:62:3d:
05:03:50:7e:72:0b:ab:8a:4f:c2:52:27:7d:c8:17:
ec:b1:17:24:c2:af:19:c2:39:b8:15:ea:44:cf:97:
8f:c6:54:1a:09:bd:b1:02:00:79:88:cb:8d:85:d5:
83:17:7d:6d:c0:08:86:7e:fa:d5:59:fc:23:ef:2f:
8d:ad:eb:bb:77:ab:79:31:a3:7c:a4:70:c0:5f:15:
04:d1:f4:ff:e6:3e:2c:b6:4a:3c:17:ce:7a:46:25:
62:03:91:57:93:88:b1:cb:5e:97:ea:66:a5:bf:d1:
3c:32:f6:51:02:30:83:09:75:db:08:cf:9a:b2:c4:
48:53:c2:c9:c1:1c:dc:e7:ee:8d:e3:8f:d7:87:1b:
79:77:40:5c:75:9f:d3:45:45:20:aa:69:b1:0e:c3:
5f:74:8b:87:ac:8f:a6:0c:33:df:32:bc:e4:f2:30:
7d:0a:66:a4:0e:1b:33:df:43:79:b5:3b:fa:20:25:
00:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E1:EB:8E:0B:5D:CE:69:17:E9:07:4A:60:CF:AC:DC:C0:22:AB:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C7148F669C111F1A759D0EDCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.173.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:6a:02:50:f5:a5:05:9b:91:8d:f9:cc:82:09:7d:57:88:b2:
fc:87:54:24:21:dc:86:8f:29:61:ad:11:33:3e:65:e9:51:d8:
80:f7:01:90:c4:b3:65:a6:6a:28:8e:28:a5:51:da:c1:e4:7c:
9b:b7:b0:02:cd:2a:47:2b:3d:a9:d6:cd:38:eb:b8:96:ca:77:
29:7e:0d:48:b3:62:a6:23:f6:59:00:2d:b4:23:45:a1:df:bd:
a2:08:85:b9:0f:00:97:8f:30:0f:92:4f:ba:da:da:a2:cf:fc:
b9:d6:53:a5:47:26:d3:f0:4d:bb:49:b4:3b:2e:14:e5:51:5c:
f8:1f:bb:4a:d6:87:69:07:84:c4:76:cd:ca:da:21:bc:a0:87:
34:ec:6d:09:90:ef:19:5b:c0:8d:58:c7:2a:08:68:99:2e:f2:
ef:da:90:90:a5:07:91:d2:4c:51:d8:af:af:0b:07:0e:5d:4c:
bc:81:97:0c:36:37:e8:8b:58:f8:dc:7b:ed:c9:eb:7c:83:03:
8c:48:45:04:a0:c8:d8:46:4f:57:e2:fa:a6:e6:73:8b:c6:2b:
38:c7:97:d6:6d:d5:2a:58:83:bb:39:1b:cb:bb:ed:d3:80:fa:
a5:4d:80:a8:d3:9d:ce:0b:b8:ca:e1:3a:0c:8c:b0:f1:88:8d:
62:d4:9b:48
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdOXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjE2MjAyNTEyWhcNMjYwOTIxMjAyNTEyWjAYMRYw
FAYDVQQDEw02YTMxYjEyYy1iYTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAumkKVHfPrs4VDq8WNk9Nd92YtC4In2qiDxNEX+RpO+GAAmSmDzwDVnEX
3SW1a0ohw7iA+FmtFpz6glKEp0AP1Nd51uyd/Jm8Yj0FA1B+cgurik/CUid9yBfs
sRckwq8Zwjm4FepEz5ePxlQaCb2xAgB5iMuNhdWDF31twAiGfvrVWfwj7y+Nreu7
d6t5MaN8pHDAXxUE0fT/5j4stko8F856RiViA5FXk4ixy16X6malv9E8MvZRAjCD
CXXbCM+assRIU8LJwRzc5+6N44/Xhxt5d0BcdZ/TRUUgqmmxDsNfdIuHrI+mDDPf
Mrzk8jB9CmakDhsz30N5tTv6ICUA1wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF3h
644LXc5pF+kHSmDPrNzAIquCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QzcxNDhGNjY5QzExMUYxQTc1OUQwRURDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsatMA0GCSqGSIb3DQEB
CwUAA4IBAQDRagJQ9aUFm5GN+cyCCX1XiLL8h1QkIdyGjylhrREzPmXpUdiA9wGQ
xLNlpmoojiilUdrB5Hybt7ACzSpHKz2p1s0467iWyncpfg1Is2KmI/ZZAC20I0Wh
372iCIW5DwCXjzAPkk+62tqiz/y51lOlRybT8E27SbQ7LhTlUVz4H7tK1odpB4TE
ds3K2iG8oIc07G0JkO8ZW8CNWMcqCGiZLvLv2pCQpQeR0kxR2K+vCwcOXUy8gZcM
Njfoi1j43Hvtyet8gwOMSEUEoMjYRk9X4vqm5nOLxis4x5fWbdUqWIO7ORvLu+3T
gPqlTYCo053OC7jK4ToMjLDxiI1i1JtI
-----END CERTIFICATE-----
Generated at Tue Jun 23 14:57:17 2026 by rpki-client