Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E69F3B70449B11F194A76609CF1D38B0.roa
File: E69F3B70449B11F194A76609CF1D38B0.roa (raw, json)
Hash identifier: gbUs3Q0ohwJJyVi7hmjICfpdEoTVG8hbbybcsd4B0F8=
Subject key identifier: F3:34:09:24:A7:DB:00:B7:56:93:A4:FD:26:0C:B2:C7:A6:C2:EC:1D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C851
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E69F3B70449B11F194A76609CF1D38B0.roa
Signing time: Thu 30 Apr 2026 13:53:01 +0000
ROA not before: Thu 30 Apr 2026 13:52:56 +0000
ROA not after: Wed 03 Jun 2026 13:52:56 +0000
asID: 198652
IP address blocks: 154.198.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116817 (0x1c851)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 13:52:56 2026 GMT
Not After : Jun 3 13:52:56 2026 GMT
Subject: CN=69f35ebd-8961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d4:4f:58:7f:98:41:f1:5d:65:eb:7f:71:40:
52:52:30:d8:00:15:30:e2:6b:0c:8d:f6:ad:3d:e0:
a1:1d:ae:21:56:61:f3:61:07:ee:0f:88:4b:84:69:
c4:90:8c:fc:48:b6:61:6a:e8:5e:4d:3a:dd:13:01:
51:6f:c9:e6:a6:2f:ba:67:bd:80:3e:d2:04:6d:84:
26:e3:05:ed:29:6d:3d:91:6b:9c:6a:84:74:e6:1c:
0d:a2:9e:34:34:9b:d8:49:ad:bf:7a:be:a6:4f:48:
11:86:f5:dc:ee:ca:30:25:b6:8e:3b:08:bf:1a:08:
93:67:88:15:de:84:7a:6a:c3:9c:e7:e2:f5:df:64:
3c:7e:16:1d:00:d8:5a:03:c6:04:c6:7e:50:fd:c6:
6c:6f:96:99:3d:93:0e:fb:c1:dc:b7:28:fb:e8:35:
15:6a:c5:ff:e0:23:ec:e7:c4:6d:32:d7:77:14:38:
92:8a:62:50:c1:52:c5:10:cd:69:77:fa:6c:db:c5:
9a:f7:09:6c:ae:4a:68:19:5e:dd:91:7d:0f:dd:79:
96:e6:0c:e7:b3:b3:25:3b:cc:8f:c2:03:f0:bf:8e:
19:de:0c:ac:d2:05:2e:3b:bd:47:d2:0f:33:56:48:
c1:d2:a1:92:fd:93:f1:6c:a8:cd:a3:0e:2e:2e:0e:
08:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:34:09:24:A7:DB:00:B7:56:93:A4:FD:26:0C:B2:C7:A6:C2:EC:1D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E69F3B70449B11F194A76609CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.12.0/24
Signature Algorithm: sha256WithRSAEncryption
21:27:74:1c:5a:54:3d:ea:b2:0f:3e:bc:2d:23:88:73:67:b7:
ef:3b:1a:ec:b4:f3:11:63:de:11:44:6c:7e:13:02:39:db:ab:
0d:8b:87:a8:b9:0d:60:9f:04:b0:58:6d:e5:60:f1:72:3a:8b:
85:55:a5:d8:eb:45:68:38:82:f2:06:c0:9d:a4:3c:1f:d0:17:
e4:bd:db:ec:11:58:47:ad:c8:9f:c9:93:de:a2:5b:47:3d:8d:
38:5e:09:86:54:7c:fc:4a:b8:73:ed:dd:47:c0:0a:e7:ee:5a:
3f:6b:b0:58:21:97:c4:ef:ff:44:b5:a2:94:6d:51:fe:f9:96:
c7:31:13:ea:b0:2e:4b:5c:e2:6b:f8:27:9b:90:84:db:f5:11:
53:a4:b7:2e:41:32:46:25:47:f8:39:0d:2d:35:af:78:13:c6:
15:cd:94:98:a8:04:69:ce:b7:8e:e3:5e:c4:cc:ea:56:de:5c:
47:a3:b5:ce:fe:e9:c7:8c:09:85:d8:2c:a7:8d:03:54:3b:4d:
f5:b4:41:3a:94:c5:7e:59:7c:16:1f:74:8f:80:05:b1:be:bd:
52:04:ec:52:1f:45:40:40:89:e7:19:51:f3:f8:97:b1:55:a2:
76:7d:84:a6:36:95:7c:ed:a9:fa:b5:c2:bc:76:4a:46:16:33:
de:ed:b4:fb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAchRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDMwMTM1MjU2WhcNMjYwNjAzMTM1MjU2WjAYMRYw
FAYDVQQDEw02OWYzNWViZC04OTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0dRPWH+YQfFdZet/cUBSUjDYABUw4msMjfatPeChHa4hVmHzYQfuD4hL
hGnEkIz8SLZhauheTTrdEwFRb8nmpi+6Z72APtIEbYQm4wXtKW09kWucaoR05hwN
op40NJvYSa2/er6mT0gRhvXc7sowJbaOOwi/GgiTZ4gV3oR6asOc5+L132Q8fhYd
ANhaA8YExn5Q/cZsb5aZPZMO+8Hctyj76DUVasX/4CPs58RtMtd3FDiSimJQwVLF
EM1pd/ps28Wa9wlsrkpoGV7dkX0P3XmW5gzns7MlO8yPwgPwv44Z3gys0gUuO71H
0g8zVkjB0qGS/ZPxbKjNow4uLg4I8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPM0
CSSn2wC3VpOk/SYMssemwuwdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNjlGM0I3MDQ0OUIxMUYxOTRBNzY2MDlDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYMMA0GCSqGSIb3DQEB
CwUAA4IBAQAhJ3QcWlQ96rIPPrwtI4hzZ7fvOxrstPMRY94RRGx+EwI526sNi4eo
uQ1gnwSwWG3lYPFyOouFVaXY60VoOILyBsCdpDwf0BfkvdvsEVhHrcifyZPeoltH
PY04XgmGVHz8Srhz7d1HwArn7lo/a7BYIZfE7/9EtaKUbVH++ZbHMRPqsC5LXOJr
+CebkITb9RFTpLcuQTJGJUf4OQ0tNa94E8YVzZSYqARpzreO417EzOpW3lxHo7XO
/unHjAmF2CynjQNUO031tEE6lMV+WXwWH3SPgAWxvr1SBOxSH0VAQInnGVHz+Jex
VaJ2fYSmNpV87an6tcK8dkpGFjPe7bT7
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:46 2026 by rpki-client