Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C33EFBD46C9B11F1B89650C6CE1D38B0.roa
File: C33EFBD46C9B11F1B89650C6CE1D38B0.roa (raw, json)
Hash identifier: 6soFu1kW+snE0rlJOVrAh4mNL8EXNp7j6+tNJIec6rw=
Subject key identifier: A7:D2:13:C8:60:10:F4:0F:FB:F3:34:43:BF:3C:20:9A:3C:9F:3F:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D437
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C33EFBD46C9B11F1B89650C6CE1D38B0.roa
Signing time: Sat 20 Jun 2026 11:32:48 +0000
ROA not before: Sat 20 Jun 2026 11:32:43 +0000
ROA not after: Mon 27 Jul 2026 11:32:43 +0000
asID: 55286
IP address blocks: 154.84.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 14:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119863 (0x1d437)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 20 11:32:43 2026 GMT
Not After : Jul 27 11:32:43 2026 GMT
Subject: CN=6a367a60-904c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:75:5b:cb:e6:72:33:69:84:aa:55:d9:76:12:
d3:6b:ac:4a:80:16:84:85:3a:bc:de:4d:8a:8f:20:
ca:e7:61:9c:c7:c9:85:99:f4:a6:52:f7:69:55:bf:
c4:3f:a0:0d:d1:80:03:5e:34:25:76:e4:57:ac:55:
a8:91:f5:ed:0c:4a:5d:81:85:27:09:4f:ca:ed:09:
db:36:52:bb:38:c9:82:d1:25:fd:50:ae:51:ed:58:
6f:bf:db:c0:ed:e6:06:96:d5:cb:9a:8b:02:42:8f:
3c:5e:1e:e7:30:0d:11:88:bb:44:24:37:2d:e6:f5:
22:0b:de:49:e5:0f:ef:6b:ed:6e:9a:61:c2:ae:66:
53:3b:75:b9:e6:fb:01:65:10:ae:a5:21:03:26:d2:
e3:6f:47:54:bb:76:45:ba:ff:6a:86:99:4d:ef:e1:
96:1d:a7:20:a0:1f:74:36:15:f0:fa:0c:19:85:5e:
1a:9c:3a:1a:ef:26:3b:f0:c0:72:33:67:bb:e3:4a:
82:3a:63:59:6d:64:61:a7:ac:53:a8:e5:10:b6:c6:
e5:7d:6b:08:f0:f3:46:3d:29:f9:16:d7:24:b6:80:
7a:b5:a2:eb:f4:c7:de:9c:5a:81:d0:75:d1:bb:fe:
de:3a:db:0a:e0:0b:76:66:0e:0d:3d:97:44:9b:b4:
2d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D2:13:C8:60:10:F4:0F:FB:F3:34:43:BF:3C:20:9A:3C:9F:3F:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C33EFBD46C9B11F1B89650C6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.169.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:b8:90:0b:9b:5a:3b:01:e6:00:7d:4e:32:ea:f1:21:ba:67:
4d:aa:5a:69:be:7b:47:93:fb:d4:b5:89:33:7c:f3:e6:83:11:
7a:03:89:2d:5b:60:48:9a:3b:24:21:8c:cb:67:1e:79:53:1f:
9a:98:b5:24:8e:20:aa:ea:dc:71:39:8d:fb:c7:31:f8:70:53:
04:40:56:7d:81:4a:2e:77:f3:aa:32:ca:5c:b3:f3:b2:4c:24:
d5:66:89:6a:61:50:39:f0:6e:d9:62:6e:08:ee:64:9f:2d:7c:
9b:18:a5:a1:07:b2:77:a0:5a:5b:18:8a:b2:ed:a0:16:92:7a:
58:d5:c9:27:9e:0b:93:30:fd:57:6a:9e:90:6a:8b:f9:ba:2f:
86:1c:9c:cb:9a:6b:b2:30:42:d7:0c:b5:68:1c:58:43:5e:fd:
ff:fe:1c:06:24:47:27:60:84:fa:5d:7f:af:cb:cd:8d:b0:9f:
b8:ff:5d:99:25:c2:bc:47:30:12:e6:03:d0:7b:95:14:81:0a:
68:70:c9:80:3d:0b:38:af:e9:98:48:d6:54:08:a5:a0:72:4d:
b4:76:e0:db:a2:fe:10:53:c9:63:04:89:a7:4f:d4:63:0e:70:
9a:79:3f:48:89:dd:27:08:3a:19:fd:b7:36:31:c6:cc:0f:6a:
7e:7d:07:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdQ3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjIwMTEzMjQzWhcNMjYwNzI3MTEzMjQzWjAYMRYw
FAYDVQQDEw02YTM2N2E2MC05MDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvHVby+ZyM2mEqlXZdhLTa6xKgBaEhTq83k2KjyDK52Gcx8mFmfSmUvdp
Vb/EP6AN0YADXjQlduRXrFWokfXtDEpdgYUnCU/K7QnbNlK7OMmC0SX9UK5R7Vhv
v9vA7eYGltXLmosCQo88Xh7nMA0RiLtEJDct5vUiC95J5Q/va+1ummHCrmZTO3W5
5vsBZRCupSEDJtLjb0dUu3ZFuv9qhplN7+GWHacgoB90NhXw+gwZhV4anDoa7yY7
8MByM2e740qCOmNZbWRhp6xTqOUQtsblfWsI8PNGPSn5FtcktoB6taLr9MfenFqB
0HXRu/7eOtsK4At2Zg4NPZdEm7QtPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKfS
E8hgEPQP+/M0Q788IJo8nz9LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMzNFRkJENDZDOUIxMUYxQjg5NjUwQzZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSpMA0GCSqGSIb3DQEB
CwUAA4IBAQCjuJALm1o7AeYAfU4y6vEhumdNqlppvntHk/vUtYkzfPPmgxF6A4kt
W2BImjskIYzLZx55Ux+amLUkjiCq6txxOY37xzH4cFMEQFZ9gUoud/OqMspcs/Oy
TCTVZolqYVA58G7ZYm4I7mSfLXybGKWhB7J3oFpbGIqy7aAWknpY1cknnguTMP1X
ap6Qaov5ui+GHJzLmmuyMELXDLVoHFhDXv3//hwGJEcnYIT6XX+vy82NsJ+4/12Z
JcK8RzAS5gPQe5UUgQpocMmAPQs4r+mYSNZUCKWgck20duDbov4QU8ljBImnT9Rj
DnCaeT9Iid0nCDoZ/bc2McbMD2p+fQcJ
-----END CERTIFICATE-----
Generated at Tue Jun 23 21:53:54 2026 by rpki-client