Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8964C2984D0811F18DA41DD1CE1D38B0.roa
File: 8964C2984D0811F18DA41DD1CE1D38B0.roa (raw, json)
Hash identifier: /FhEitytmmiQJ4tBjqpR38ruJ4qjNBcxi6io6AYyzlc=
Subject key identifier: 07:CD:7B:8F:AD:70:76:3D:05:98:5D:54:14:82:AD:96:F7:85:F8:02
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CAFA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8964C2984D0811F18DA41DD1CE1D38B0.roa
Signing time: Mon 11 May 2026 07:10:49 +0000
ROA not before: Mon 11 May 2026 07:10:43 +0000
ROA not after: Mon 18 May 2026 07:10:43 +0000
asID: 395886
IP address blocks: 154.86.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117498 (0x1cafa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 11 07:10:43 2026 GMT
Not After : May 18 07:10:43 2026 GMT
Subject: CN=6a0180f9-2636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:42:0b:8a:1d:fd:91:de:9e:8c:76:05:02:39:
7a:21:62:f6:ec:85:af:87:2c:de:25:80:f3:de:d3:
28:9e:e0:44:b5:0b:1a:2f:80:7b:bc:13:b1:7b:28:
56:c4:67:19:98:9c:ae:66:0c:58:e7:6c:f4:b5:2f:
a1:c2:85:16:8b:26:c5:d6:b2:89:65:5c:3f:70:7d:
bd:2b:24:07:b3:da:30:11:3c:11:ac:3f:0e:ac:a1:
f2:dc:dd:2c:5e:14:2f:1a:fc:6c:e9:ec:30:50:ca:
fb:d5:c2:63:ec:6b:f1:85:02:16:b5:5f:69:33:71:
79:b8:b1:67:28:86:07:69:c3:3c:d5:0b:db:3a:15:
fb:be:38:2f:76:0b:2f:b0:46:53:2d:d2:3f:ad:b8:
85:a6:6c:1c:b2:2e:a3:ef:2f:1d:bd:48:c3:a6:e9:
e5:10:07:ad:8f:70:30:03:56:1b:c8:eb:1b:55:6d:
f0:c7:82:75:7f:5e:1e:02:7f:d4:1f:7a:a2:23:ed:
56:23:a2:08:36:85:9f:ca:71:63:3e:b8:ff:24:98:
07:38:08:9f:c4:10:0f:13:d1:a6:c6:72:df:a5:6a:
87:38:7f:43:44:4a:f7:13:32:ef:fd:1f:91:46:2d:
1f:b7:71:f2:1c:37:86:6e:06:45:e6:b8:a7:b0:bc:
b7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:CD:7B:8F:AD:70:76:3D:05:98:5D:54:14:82:AD:96:F7:85:F8:02
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8964C2984D0811F18DA41DD1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.16.0/20
Signature Algorithm: sha256WithRSAEncryption
d6:a4:fc:15:a6:9e:0b:ac:7c:46:19:34:51:a1:8b:4b:b1:01:
bb:e1:fa:71:8f:78:bb:96:63:2b:7a:41:d9:a3:50:91:d4:a7:
8d:16:14:7b:18:ef:a9:d0:d0:73:c2:12:1e:22:08:08:8a:b4:
8d:57:30:82:86:8e:c2:da:8f:1a:36:8c:7a:3d:f9:df:09:d4:
b9:f1:30:37:fa:95:ea:bd:ac:55:29:d5:3f:97:93:ec:71:16:
d9:26:46:93:2e:81:1e:2b:8e:58:5f:c9:44:98:16:6b:4d:bf:
f7:62:46:46:b3:80:8f:9b:58:53:38:a6:ce:76:f5:29:9d:2c:
52:da:15:07:e2:3a:24:87:02:0d:fe:2d:39:8a:d3:02:9d:ce:
57:05:bc:9b:d1:5f:4f:fc:f9:bf:6b:81:1d:e1:64:3f:c6:6f:
09:fd:f1:df:5c:43:40:17:28:66:e6:2d:9e:d8:3f:ed:a6:dc:
10:b1:4b:8d:c1:41:5c:0a:44:53:24:67:31:4a:d9:c5:f7:40:
db:97:65:ac:6f:fb:26:98:c4:75:38:b6:33:be:22:34:ca:35:
cb:6f:fc:eb:16:9c:25:a7:e4:5d:7d:db:5b:e2:ba:65:a7:27:
7c:78:02:88:86:41:84:32:00:9b:fd:a0:c1:6f:96:ec:a3:e1:
42:6b:c0:e9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcr6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTExMDcxMDQzWhcNMjYwNTE4MDcxMDQzWjAYMRYw
FAYDVQQDEw02YTAxODBmOS0yNjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw0ILih39kd6ejHYFAjl6IWL27IWvhyzeJYDz3tMonuBEtQsaL4B7vBOx
eyhWxGcZmJyuZgxY52z0tS+hwoUWiybF1rKJZVw/cH29KyQHs9owETwRrD8OrKHy
3N0sXhQvGvxs6ewwUMr71cJj7GvxhQIWtV9pM3F5uLFnKIYHacM81QvbOhX7vjgv
dgsvsEZTLdI/rbiFpmwcsi6j7y8dvUjDpunlEAetj3AwA1YbyOsbVW3wx4J1f14e
An/UH3qiI+1WI6IINoWfynFjPrj/JJgHOAifxBAPE9GmxnLfpWqHOH9DREr3EzLv
/R+RRi0ft3HyHDeGbgZF5rinsLy3fQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAfN
e4+tcHY9BZhdVBSCrZb3hfgCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OTY0QzI5ODREMDgxMUYxOERBNDFERDFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlYQMA0GCSqGSIb3DQEB
CwUAA4IBAQDWpPwVpp4LrHxGGTRRoYtLsQG74fpxj3i7lmMrekHZo1CR1KeNFhR7
GO+p0NBzwhIeIggIirSNVzCCho7C2o8aNox6PfnfCdS58TA3+pXqvaxVKdU/l5Ps
cRbZJkaTLoEeK45YX8lEmBZrTb/3YkZGs4CPm1hTOKbOdvUpnSxS2hUH4jokhwIN
/i05itMCnc5XBbyb0V9P/Pm/a4Ed4WQ/xm8J/fHfXENAFyhm5i2e2D/tptwQsUuN
wUFcCkRTJGcxStnF90Dbl2Wsb/smmMR1OLYzviI0yjXLb/zrFpwlp+Rdfdtb4rpl
pyd8eAKIhkGEMgCb/aDBb5bso+FCa8Dp
-----END CERTIFICATE-----
Generated at Wed May 13 06:37:26 2026 by rpki-client