Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF6DDDD0581511F18A52A715CF1D38B0.roa
File: BF6DDDD0581511F18A52A715CF1D38B0.roa (raw, json)
Hash identifier: RYfLn6/0tOVYOYo6HHkwQ5wMpyF75XiClkmlF1JmcTQ=
Subject key identifier: 09:E8:54:06:37:27:F2:60:08:98:EF:DF:4C:4C:99:41:4E:1C:E8:4E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CF48
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF6DDDD0581511F18A52A715CF1D38B0.roa
Signing time: Mon 25 May 2026 08:43:06 +0000
ROA not before: Mon 25 May 2026 08:43:01 +0000
ROA not after: Sat 06 Jun 2026 08:43:01 +0000
asID: 8796
IP address blocks: 154.86.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 06 Jun 2026 08:43:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118600 (0x1cf48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 25 08:43:01 2026 GMT
Not After : Jun 6 08:43:01 2026 GMT
Subject: CN=6a140b9a-1f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7f:ea:49:45:fe:33:05:c3:a7:f0:1b:a8:13:
74:fa:9e:1d:07:76:49:67:57:89:63:c6:64:0a:98:
0a:ed:17:e5:b0:63:ea:1a:ab:28:fe:1e:64:65:77:
e0:31:9f:cb:22:25:6a:c0:93:d5:88:8f:bf:a7:5b:
e9:5d:76:c1:21:0e:16:8d:88:29:9e:f7:cf:28:45:
5c:8a:99:9b:f1:49:4c:b3:76:c0:38:4b:01:f5:27:
cc:e8:38:f9:77:27:66:e6:e7:0f:00:ca:d8:fe:49:
62:b4:d1:38:7c:08:85:01:c9:c4:4f:ca:b3:a9:28:
dd:c5:ff:c9:6d:e1:be:17:a6:b6:84:7b:f3:bb:21:
60:12:37:ca:a6:93:93:f1:3f:99:b3:4c:73:a3:be:
38:3d:b2:10:26:e0:c8:d4:d1:49:36:bb:8a:c8:9c:
e4:20:19:ea:8a:84:a7:a2:19:94:b4:39:90:4e:43:
42:7b:5b:56:7c:ff:d8:89:71:e9:c7:cf:a4:a2:94:
95:d1:0c:60:3a:52:02:61:9a:ec:14:64:4b:58:ec:
b2:78:fa:69:cd:59:31:c9:74:42:64:1e:42:a7:ed:
7d:c9:0e:81:45:8c:8a:fb:67:0f:9e:1c:0f:f7:36:
95:09:ef:79:41:64:53:3e:2c:ba:0b:7f:ef:09:91:
77:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E8:54:06:37:27:F2:60:08:98:EF:DF:4C:4C:99:41:4E:1C:E8:4E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF6DDDD0581511F18A52A715CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.16.0/20
Signature Algorithm: sha256WithRSAEncryption
69:0d:77:96:88:83:91:cb:0d:ff:1e:f9:01:59:6a:41:5c:e5:
be:bf:d5:0d:97:18:87:09:a7:74:ae:7b:ea:7d:79:de:7b:c3:
dc:32:59:59:f3:43:c7:e0:ab:a6:9d:0d:7a:e8:1d:b5:9d:cd:
bb:50:a0:1d:43:ee:a3:fd:f7:87:52:80:75:56:93:87:ac:91:
00:4e:00:43:6c:f1:f9:03:23:46:78:9a:19:b1:89:3d:47:41:
e9:6f:bd:4e:9d:9e:d7:c8:6e:0a:35:96:1e:99:af:98:48:74:
44:a8:7a:d8:b8:99:5f:de:a3:42:d4:54:47:df:b7:f7:bb:51:
ac:11:4f:f1:2f:51:e5:5f:96:0e:13:c6:71:9e:f0:d5:49:6f:
f0:c0:b4:99:60:d8:c0:ba:1f:12:a4:58:18:3a:cd:b8:c0:74:
91:d8:f9:d8:53:0d:1c:82:fe:29:75:ee:8f:7e:21:a9:68:0b:
0f:c9:c3:7c:85:44:dc:e9:12:87:45:b2:27:d5:46:fe:e0:85:
9a:83:b0:25:8e:ad:dd:66:16:b8:3b:31:c1:1b:c5:49:db:8b:
dd:75:24:e4:98:a2:64:7c:b3:3d:9a:31:e4:e5:c8:fb:fd:06:
c7:16:a8:8a:58:a4:99:a4:a8:f5:39:75:55:f5:67:16:94:3c:
31:71:8d:9f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAc9IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI1MDg0MzAxWhcNMjYwNjA2MDg0MzAxWjAYMRYw
FAYDVQQDEw02YTE0MGI5YS0xZjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy3/qSUX+MwXDp/AbqBN0+p4dB3ZJZ1eJY8ZkCpgK7RflsGPqGqso/h5k
ZXfgMZ/LIiVqwJPViI+/p1vpXXbBIQ4WjYgpnvfPKEVcipmb8UlMs3bAOEsB9SfM
6Dj5dydm5ucPAMrY/klitNE4fAiFAcnET8qzqSjdxf/JbeG+F6a2hHvzuyFgEjfK
ppOT8T+Zs0xzo744PbIQJuDI1NFJNruKyJzkIBnqioSnohmUtDmQTkNCe1tWfP/Y
iXHpx8+kopSV0QxgOlICYZrsFGRLWOyyePppzVkxyXRCZB5Cp+19yQ6BRYyK+2cP
nhwP9zaVCe95QWRTPiy6C3/vCZF36QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAno
VAY3J/JgCJjv30xMmUFOHOhOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjZEREREMDU4MTUxMUYxOEE1MkE3MTVDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlYQMA0GCSqGSIb3DQEB
CwUAA4IBAQBpDXeWiIORyw3/HvkBWWpBXOW+v9UNlxiHCad0rnvqfXnee8PcMllZ
80PH4KumnQ166B21nc27UKAdQ+6j/feHUoB1VpOHrJEATgBDbPH5AyNGeJoZsYk9
R0Hpb71OnZ7XyG4KNZYema+YSHREqHrYuJlf3qNC1FRH37f3u1GsEU/xL1HlX5YO
E8ZxnvDVSW/wwLSZYNjAuh8SpFgYOs24wHSR2PnYUw0cgv4pde6PfiGpaAsPycN8
hUTc6RKHRbIn1Ub+4IWag7Aljq3dZha4OzHBG8VJ24vddSTkmKJkfLM9mjHk5cj7
/QbHFqiKWKSZpKj1OXVV9WcWlDwxcY2f
-----END CERTIFICATE-----
Generated at Sat Jun 6 05:21:55 2026 by rpki-client