Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A032F57A4B8311F1B9B7FA11CF1D38B0.roa
File: A032F57A4B8311F1B9B7FA11CF1D38B0.roa (raw, json)
Hash identifier: calimiOqczsxm8+NiJHLCzAzsI+XD0pr21q3lo4U2co=
Subject key identifier: 80:CC:F7:3B:A9:97:73:0F:FA:51:DD:BE:ED:52:B5:DA:04:7E:01:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CA98
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A032F57A4B8311F1B9B7FA11CF1D38B0.roa
Signing time: Sat 09 May 2026 08:46:53 +0000
ROA not before: Sat 09 May 2026 08:46:48 +0000
ROA not after: Tue 16 Jun 2026 08:46:48 +0000
asID: 401696
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117400 (0x1ca98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 08:46:48 2026 GMT
Not After : Jun 16 08:46:48 2026 GMT
Subject: CN=69fef47d-145c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:14:dd:dd:8e:40:b1:fa:ce:86:d0:3c:dc:da:
83:f6:77:05:0e:2b:53:ab:77:ce:95:92:36:0b:65:
cc:7e:bd:0a:22:b8:06:b9:fd:33:c1:bb:fc:a7:dc:
2e:f3:c4:44:2b:eb:7b:3b:43:84:29:c2:a9:fd:29:
e5:83:d6:f5:96:fc:9b:1e:58:86:a1:4c:a0:dd:c0:
88:00:7e:9d:08:59:bb:49:d2:d7:b6:43:9c:6c:6d:
55:79:2f:ac:6c:8e:51:23:8b:a1:81:44:94:97:2e:
c4:58:1d:0d:47:2e:34:33:69:c1:88:d9:26:dd:f4:
2d:0c:d9:c4:fb:65:bb:b9:1e:2b:35:bf:52:4b:70:
9c:1d:18:d1:1c:d3:19:cd:ad:fc:b1:1b:d5:f3:79:
81:7c:b4:cc:15:8b:d1:d4:04:30:99:10:87:02:f6:
75:59:a1:92:f8:a3:39:bf:36:53:c2:6d:ad:6c:cc:
e3:3e:d2:ea:44:d6:2b:c4:53:90:e0:6b:7b:69:97:
23:ad:59:02:e2:3a:be:f9:ac:91:f4:2c:12:d3:82:
1d:4f:1b:81:43:7d:f4:74:f4:6e:86:41:c3:1d:c2:
10:1e:5a:5d:96:35:d6:d9:45:c0:0d:f4:de:36:6f:
b0:e4:4a:5d:79:e2:3b:c6:a9:ef:33:55:03:75:0c:
ec:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:CC:F7:3B:A9:97:73:0F:FA:51:DD:BE:ED:52:B5:DA:04:7E:01:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A032F57A4B8311F1B9B7FA11CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:e9:2d:70:b4:96:a1:95:5f:7c:5a:41:43:c2:a6:70:3d:c5:
dd:5e:84:df:84:bd:74:6d:8d:9a:1c:8f:9d:a6:73:d3:11:6b:
df:ec:61:95:a5:34:e9:7c:73:a5:1c:23:4d:b9:6d:1d:32:6b:
ec:a8:bf:7a:cf:95:c3:7d:f6:12:3e:5d:4b:a3:75:41:62:6f:
a9:a9:c0:d6:62:8c:f7:a0:b4:5c:c1:94:17:77:16:b2:d9:15:
3e:91:6b:f2:81:7a:1f:97:00:85:f7:bc:c9:2a:bb:4f:53:a8:
07:70:ff:cd:25:e9:79:cb:5f:98:a9:6f:3a:fa:68:6b:64:6b:
57:f3:44:c0:0b:0c:c4:7d:1f:39:f5:2f:80:67:74:08:85:71:
ee:0c:64:75:79:6c:67:63:11:b0:f2:fe:e0:07:e4:39:7c:4c:
14:26:ec:ec:f1:40:91:f2:3c:97:8c:2c:10:9e:70:f6:77:aa:
d4:4f:19:85:58:ff:70:b3:73:3c:df:2a:6e:88:e1:19:83:24:
df:7d:37:57:d0:75:af:f8:d4:8b:10:67:5d:58:d9:e0:f9:1a:
12:85:b3:58:66:61:a4:7e:f1:db:b6:2c:85:cd:4e:3b:6d:82:
0c:b7:06:ee:f9:85:2a:4c:7f:9c:e1:74:df:64:ba:56:21:4f:
b5:e4:af:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcqYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA5MDg0NjQ4WhcNMjYwNjE2MDg0NjQ4WjAYMRYw
FAYDVQQDEw02OWZlZjQ3ZC0xNDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxRTd3Y5AsfrOhtA83NqD9ncFDitTq3fOlZI2C2XMfr0KIrgGuf0zwbv8
p9wu88REK+t7O0OEKcKp/Snlg9b1lvybHliGoUyg3cCIAH6dCFm7SdLXtkOcbG1V
eS+sbI5RI4uhgUSUly7EWB0NRy40M2nBiNkm3fQtDNnE+2W7uR4rNb9SS3CcHRjR
HNMZza38sRvV83mBfLTMFYvR1AQwmRCHAvZ1WaGS+KM5vzZTwm2tbMzjPtLqRNYr
xFOQ4Gt7aZcjrVkC4jq++ayR9CwS04IdTxuBQ330dPRuhkHDHcIQHlpdljXW2UXA
DfTeNm+w5EpdeeI7xqnvM1UDdQzsTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIDM
9zupl3MP+lHdvu1StdoEfgFqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMDMyRjU3QTRCODMxMUYxQjlCN0ZBMTFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQAM6S1wtJahlV98WkFDwqZwPcXdXoTfhL10bY2aHI+dpnPTEWvf7GGV
pTTpfHOlHCNNuW0dMmvsqL96z5XDffYSPl1Lo3VBYm+pqcDWYoz3oLRcwZQXdxay
2RU+kWvygXoflwCF97zJKrtPU6gHcP/NJel5y1+YqW86+mhrZGtX80TACwzEfR85
9S+AZ3QIhXHuDGR1eWxnYxGw8v7gB+Q5fEwUJuzs8UCR8jyXjCwQnnD2d6rUTxmF
WP9ws3M83ypuiOEZgyTffTdX0HWv+NSLEGddWNng+RoShbNYZmGkfvHbtiyFzU47
bYIMtwbu+YUqTH+c4XTfZLpWIU+15K/c
-----END CERTIFICATE-----
Generated at Sat May 9 11:01:03 2026 by rpki-client