Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85C7E9C433FB11F1B026E006CF1D38B0.roa
File: 85C7E9C433FB11F1B026E006CF1D38B0.roa (raw, json)
Hash identifier: RZOHXkOe1ewQH1eLJ1Td5py+kJyjtDcpOU1tXlr97/M=
Subject key identifier: F8:2A:45:F8:7D:F5:A6:F5:2E:B5:A0:BC:B8:43:7E:7A:F9:B3:36:D5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C3C5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85C7E9C433FB11F1B026E006CF1D38B0.roa
Signing time: Thu 09 Apr 2026 10:04:40 +0000
ROA not before: Thu 09 Apr 2026 10:04:36 +0000
ROA not after: Fri 15 May 2026 10:04:36 +0000
asID: 397423
IP address blocks: 154.202.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 11 Apr 2026 11:22:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115653 (0x1c3c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 9 10:04:36 2026 GMT
Not After : May 15 10:04:36 2026 GMT
Subject: CN=69d779b8-cace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fe:ce:bf:46:8d:cf:3a:81:59:5f:5f:a7:16:
9c:ef:3b:a7:42:34:52:de:1e:2b:bd:5a:1e:d8:fb:
f2:e3:52:30:08:13:65:30:80:fe:59:29:5e:e3:42:
50:81:a9:b6:f5:cf:aa:8b:67:5e:18:71:44:2a:b3:
43:1e:12:b3:16:54:85:5d:96:68:51:c7:0d:7f:33:
0e:86:c5:e1:a4:7d:f2:83:3f:a3:63:38:8d:d0:c5:
3a:4f:bf:a8:48:3d:da:91:3a:0d:8c:5f:36:c9:c3:
52:4a:ef:6e:b0:1a:60:bf:6d:e1:50:89:6f:c9:d1:
e0:1a:69:77:9c:9a:3d:a4:d7:7f:b1:55:cd:86:3d:
d8:67:06:4c:57:f5:67:2f:07:c9:8a:e0:2d:e4:27:
03:d1:e1:ff:33:23:92:e2:13:fd:ff:9a:64:d9:1a:
02:8f:07:43:77:7e:45:b8:e2:41:bc:25:79:cc:bc:
fc:44:33:8b:34:82:08:c5:f6:90:b9:fa:95:b5:62:
fc:59:8b:4a:5b:66:96:b3:8f:03:e6:d2:28:15:ea:
7e:b5:c0:19:95:cb:57:dc:27:91:81:ea:c4:58:52:
11:e9:6d:e7:58:05:3c:68:aa:ff:9b:f1:6e:41:5d:
58:70:4f:42:6b:62:1f:20:e1:16:e2:62:32:99:a5:
6e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2A:45:F8:7D:F5:A6:F5:2E:B5:A0:BC:B8:43:7E:7A:F9:B3:36:D5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85C7E9C433FB11F1B026E006CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.3.0/24
Signature Algorithm: sha256WithRSAEncryption
79:5c:fe:fa:c3:e4:71:63:47:63:b5:e4:af:dc:bd:ed:49:a5:
41:42:1d:1f:39:13:67:e0:d6:64:b3:96:5a:40:ee:88:1f:9f:
45:f8:3f:ab:68:01:e9:13:07:9d:71:00:14:6b:e3:ca:de:fb:
fc:b0:dd:0e:16:63:96:8c:09:d5:6d:93:15:d2:e8:45:f7:31:
d7:c5:66:7f:d3:e6:67:53:93:4c:b6:cc:87:93:b0:f5:ec:75:
26:00:2c:07:66:f1:87:9c:03:37:45:14:3c:80:e2:c3:a6:a5:
86:d7:fc:88:75:f6:b4:2c:69:0e:32:14:8d:32:ea:bb:ec:48:
b4:d0:0f:50:d1:3e:96:16:d2:a9:0a:17:4e:f7:1f:3f:ac:80:
9b:5b:00:7a:11:c2:d6:47:11:5e:e4:ed:17:fe:f4:0e:73:54:
97:b6:7c:9f:3c:32:72:62:69:a2:43:1a:8f:69:b3:0c:3c:be:
4a:36:96:d4:3f:71:d6:16:b7:5b:25:54:17:93:9a:10:88:4a:
84:fe:43:c0:84:c0:86:d5:9d:76:85:d1:61:37:c8:83:4b:9a:
de:4d:4d:11:24:08:46:59:e4:b4:38:e5:b1:14:f3:23:b6:90:
0e:54:53:2d:6a:5a:b9:2f:ac:1d:70:a7:1f:94:b8:d3:28:54:
85:b2:9e:99
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcPFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDA5MTAwNDM2WhcNMjYwNTE1MTAwNDM2WjAYMRYw
FAYDVQQDEw02OWQ3NzliOC1jYWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv/7Ov0aNzzqBWV9fpxac7zunQjRS3h4rvVoe2Pvy41IwCBNlMID+WSle
40JQgam29c+qi2deGHFEKrNDHhKzFlSFXZZoUccNfzMOhsXhpH3ygz+jYziN0MU6
T7+oSD3akToNjF82ycNSSu9usBpgv23hUIlvydHgGml3nJo9pNd/sVXNhj3YZwZM
V/VnLwfJiuAt5CcD0eH/MyOS4hP9/5pk2RoCjwdDd35FuOJBvCV5zLz8RDOLNIII
xfaQufqVtWL8WYtKW2aWs48D5tIoFep+tcAZlctX3CeRgerEWFIR6W3nWAU8aKr/
m/FuQV1YcE9Ca2IfIOEW4mIymaVupQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPgq
Rfh99ab1LrWgvLhDfnr5szbVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NUM3RTlDNDMzRkIxMUYxQjAyNkUwMDZDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsoDMA0GCSqGSIb3DQEB
CwUAA4IBAQB5XP76w+RxY0djteSv3L3tSaVBQh0fORNn4NZks5ZaQO6IH59F+D+r
aAHpEwedcQAUa+PK3vv8sN0OFmOWjAnVbZMV0uhF9zHXxWZ/0+ZnU5NMtsyHk7D1
7HUmACwHZvGHnAM3RRQ8gOLDpqWG1/yIdfa0LGkOMhSNMuq77Ei00A9Q0T6WFtKp
ChdO9x8/rICbWwB6EcLWRxFe5O0X/vQOc1SXtnyfPDJyYmmiQxqPabMMPL5KNpbU
P3HWFrdbJVQXk5oQiEqE/kPAhMCG1Z12hdFhN8iDS5reTU0RJAhGWeS0OOWxFPMj
tpAOVFMtalq5L6wdcKcflLjTKFSFsp6Z
-----END CERTIFICATE-----
Generated at Thu Apr 9 16:05:18 2026 by rpki-client