Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89C8DB46697011F1A5580F0BCF1D38B0.roa
File: 89C8DB46697011F1A5580F0BCF1D38B0.roa (raw, json)
Hash identifier: T5e0ZCO4UemzC/lwzG/T4VuyA26x9rZX7UzrKgW5Too=
Subject key identifier: AC:81:1C:01:89:77:F2:0A:26:1C:A5:28:C4:DB:3C:0B:28:BB:62:3A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D32A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89C8DB46697011F1A5580F0BCF1D38B0.roa
Signing time: Tue 16 Jun 2026 10:45:50 +0000
ROA not before: Tue 16 Jun 2026 10:45:45 +0000
ROA not after: Thu 16 Jul 2026 10:45:45 +0000
asID: 401701
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 22 Jun 2026 00:07:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119594 (0x1d32a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 16 10:45:45 2026 GMT
Not After : Jul 16 10:45:45 2026 GMT
Subject: CN=6a31295e-fff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d9:5f:9b:94:e4:8c:23:e7:c8:9a:1e:7d:01:
2d:9f:6a:c1:42:75:36:75:5e:49:ba:c7:9c:0c:86:
4e:63:bd:9f:96:11:d6:07:df:a7:1c:af:f0:c5:3b:
35:24:4e:05:ee:64:86:4b:c9:35:20:e2:05:d5:99:
a1:d5:36:93:6d:1f:82:30:4b:c1:84:fb:26:e8:48:
9c:e7:b1:ee:98:25:76:4c:83:5d:79:7e:9d:a7:1f:
83:c5:6e:92:d1:ef:4f:2f:d2:29:a2:d2:b4:44:66:
65:01:83:20:4b:a1:a3:61:9a:be:74:ee:af:5a:d5:
c7:aa:a0:37:3f:9f:0c:a2:e8:73:24:b9:0e:a3:e6:
c2:ba:9c:7c:84:7a:91:2a:f6:2d:3c:1b:31:3f:d7:
71:4e:70:28:b3:02:31:a0:cb:cc:91:14:2c:80:d0:
e5:36:44:f7:7e:40:d9:08:89:b6:b1:ee:21:10:a9:
1e:4e:8e:69:bd:a0:41:5a:12:fe:82:8b:bd:4d:0b:
d8:ff:90:6b:56:93:a6:50:be:7a:25:99:67:0f:cc:
80:7b:e3:7f:08:58:ed:9e:aa:48:0a:42:31:98:b3:
3e:68:25:ba:a6:13:72:d1:b3:af:bd:d6:04:b7:8c:
d1:d9:74:dc:f7:dd:fe:8a:b1:e4:a9:b7:45:30:14:
80:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:81:1C:01:89:77:F2:0A:26:1C:A5:28:C4:DB:3C:0B:28:BB:62:3A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89C8DB46697011F1A5580F0BCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
10:ef:48:42:b5:1d:c7:58:03:ea:6c:70:ed:bb:54:21:00:72:
fd:cc:aa:34:79:c0:e8:7a:fe:79:ee:69:07:1a:54:eb:07:78:
8e:40:84:c0:25:4f:b0:76:0b:f4:08:f8:b3:b6:37:8f:0a:0d:
39:e2:c4:eb:b9:03:84:35:51:0b:eb:79:82:25:5a:92:1f:56:
67:73:2f:27:7a:8e:60:87:5b:91:ef:4d:b8:80:fe:4d:bb:6a:
15:55:ad:a1:8a:82:82:89:6e:37:75:6a:81:aa:e8:b5:e7:1e:
58:a5:c1:7b:c3:37:ee:98:1b:6a:c2:f7:0f:70:bb:b4:09:a5:
c1:86:e2:39:ff:ec:c2:b8:cd:d1:49:ff:33:de:9d:bd:61:c3:
6a:eb:7e:cb:f0:16:5b:04:93:0f:ef:f5:0e:8c:68:41:34:67:
ca:c0:09:f1:00:c8:0b:89:37:d2:9c:92:82:35:31:cf:02:39:
49:df:f2:cc:fa:e1:00:0d:00:64:1c:9f:66:81:46:01:f3:60:
74:18:32:b1:15:53:63:39:90:71:88:eb:cd:00:3b:98:00:14:
20:8b:08:ef:ce:1f:57:9b:bf:0d:a9:4c:7e:ce:1d:1d:4a:e1:
a9:45:f1:24:d6:5f:7a:a7:44:2e:c8:d0:ea:a0:0d:1d:23:40:
c6:78:53:ba
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdMqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjE2MTA0NTQ1WhcNMjYwNzE2MTA0NTQ1WjAYMRYw
FAYDVQQDEw02YTMxMjk1ZS1mZmY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1dlfm5TkjCPnyJoefQEtn2rBQnU2dV5JusecDIZOY72flhHWB9+nHK/w
xTs1JE4F7mSGS8k1IOIF1Zmh1TaTbR+CMEvBhPsm6Eic57HumCV2TINdeX6dpx+D
xW6S0e9PL9IpotK0RGZlAYMgS6GjYZq+dO6vWtXHqqA3P58MouhzJLkOo+bCupx8
hHqRKvYtPBsxP9dxTnAoswIxoMvMkRQsgNDlNkT3fkDZCIm2se4hEKkeTo5pvaBB
WhL+gou9TQvY/5BrVpOmUL56JZlnD8yAe+N/CFjtnqpICkIxmLM+aCW6phNy0bOv
vdYEt4zR2XTc993+irHkqbdFMBSAnQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKyB
HAGJd/IKJhylKMTbPAsou2I6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OUM4REI0NjY5NzAxMUYxQTU1ODBGMEJDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQAQ70hCtR3HWAPqbHDtu1QhAHL9zKo0ecDoev557mkHGlTrB3iOQITA
JU+wdgv0CPiztjePCg054sTruQOENVEL63mCJVqSH1Zncy8neo5gh1uR7024gP5N
u2oVVa2hioKCiW43dWqBqui15x5YpcF7wzfumBtqwvcPcLu0CaXBhuI5/+zCuM3R
Sf8z3p29YcNq637L8BZbBJMP7/UOjGhBNGfKwAnxAMgLiTfSnJKCNTHPAjlJ3/LM
+uEADQBkHJ9mgUYB82B0GDKxFVNjOZBxiOvNADuYABQgiwjvzh9Xm78NqUx+zh0d
SuGpRfEk1l96p0QuyNDqoA0dI0DGeFO6
-----END CERTIFICATE-----
Generated at Sat Jun 20 14:58:00 2026 by rpki-client