Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D6DBEAC4DF811F1A2FC40FDCE1D38B0.roa
File: 9D6DBEAC4DF811F1A2FC40FDCE1D38B0.roa (raw, json)
Hash identifier: qotZmTw6MbjReJ8tp+APgx0/f4HwKBsPeJvUJE872pA=
Subject key identifier: 8B:12:7B:FD:B5:A1:A7:68:B6:5A:71:4E:40:77:14:E9:D4:31:4D:96
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CB45
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D6DBEAC4DF811F1A2FC40FDCE1D38B0.roa
Signing time: Tue 12 May 2026 11:49:22 +0000
ROA not before: Tue 12 May 2026 11:49:17 +0000
ROA not after: Thu 25 Jun 2026 11:49:17 +0000
asID: 205489
IP address blocks: 154.90.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 14 May 2026 12:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117573 (0x1cb45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 11:49:17 2026 GMT
Not After : Jun 25 11:49:17 2026 GMT
Subject: CN=6a0313c2-03c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:21:8f:ea:e9:a5:bb:d6:2c:e1:9f:4e:c8:fd:
17:39:15:26:64:49:f0:43:84:75:aa:67:23:fc:38:
08:dd:04:b2:a6:8e:6f:b4:97:bb:40:2e:80:70:ac:
f4:eb:c4:45:86:0b:70:33:85:28:a2:e7:80:d9:4e:
2e:66:e1:9f:5f:51:be:90:69:08:b8:47:2e:eb:f0:
ae:7a:95:68:72:64:df:89:69:56:d7:ca:64:d0:68:
48:10:3f:d3:1c:2e:dc:f2:0c:41:09:f4:26:d4:f6:
97:85:58:74:88:58:5e:59:ad:3b:c4:60:89:75:79:
0e:54:a5:4d:fc:b6:b3:42:4b:ac:3d:69:16:af:8f:
86:a3:d0:a0:a7:38:a1:40:46:23:cf:8a:07:01:30:
88:27:8a:c1:d9:78:4c:2a:e5:8c:b2:04:ff:73:13:
8c:69:53:e8:5d:a1:51:2c:4a:d2:0a:61:e8:53:07:
44:3e:26:63:59:f5:67:97:c3:42:4a:2b:3c:a5:1b:
56:4c:2d:52:5c:cd:4b:48:07:54:5b:10:38:21:e2:
78:82:8f:91:49:8b:91:80:b7:4f:d6:32:52:6f:0b:
88:7b:44:74:cb:78:33:e4:46:40:3b:b6:0e:05:4d:
20:fb:bc:3f:9e:43:d0:89:10:cd:50:64:71:97:57:
85:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:12:7B:FD:B5:A1:A7:68:B6:5A:71:4E:40:77:14:E9:D4:31:4D:96
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D6DBEAC4DF811F1A2FC40FDCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.64.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:dd:b5:13:5e:c3:80:a3:ce:96:38:2a:b9:85:15:30:a3:8b:
1d:52:82:e3:c1:7b:c8:f1:76:9f:dc:18:21:6d:56:ab:67:ff:
60:d8:fe:76:56:4f:5a:53:0d:50:4c:d8:bd:f7:95:b4:4d:02:
23:a3:4e:c0:11:c2:15:f1:83:5a:66:46:1e:0e:24:71:99:52:
0d:35:d4:32:af:b2:1b:93:2c:e0:d0:2e:86:54:6c:1b:08:66:
3d:8e:3a:b4:92:3a:ee:81:c2:1e:a8:56:9a:ad:07:f6:60:38:
a3:09:59:06:06:82:38:a9:3d:2f:16:7f:36:43:b7:39:1e:15:
99:9d:9a:40:e5:98:01:8d:f6:d8:ad:17:5d:45:05:9d:2a:f7:
d2:e9:87:f6:95:dc:8a:01:88:35:94:3d:9d:22:ca:9a:6c:de:
9b:7b:b7:72:95:0c:72:43:bb:74:30:3d:3d:d6:39:53:fe:4e:
6d:96:b2:f6:44:d6:8f:df:56:42:d0:9d:bf:43:33:54:8f:f1:
61:b6:4e:56:50:0f:0d:17:23:a7:21:5a:b1:5c:cf:6a:54:29:
a2:e3:2f:c3:cb:50:ab:2d:bc:d1:94:0d:c2:23:47:51:19:d3:
89:f9:fe:96:27:9b:99:9b:3e:80:a9:4e:c3:d2:cd:c8:c7:a1:
b6:3e:f6:8d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDActFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTEyMTE0OTE3WhcNMjYwNjI1MTE0OTE3WjAYMRYw
FAYDVQQDEw02YTAzMTNjMi0wM2M5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAviGP6umlu9Ys4Z9OyP0XORUmZEnwQ4R1qmcj/DgI3QSypo5vtJe7QC6A
cKz068RFhgtwM4UooueA2U4uZuGfX1G+kGkIuEcu6/CuepVocmTfiWlW18pk0GhI
ED/THC7c8gxBCfQm1PaXhVh0iFheWa07xGCJdXkOVKVN/LazQkusPWkWr4+Go9Cg
pzihQEYjz4oHATCIJ4rB2XhMKuWMsgT/cxOMaVPoXaFRLErSCmHoUwdEPiZjWfVn
l8NCSis8pRtWTC1SXM1LSAdUWxA4IeJ4go+RSYuRgLdP1jJSbwuIe0R0y3gz5EZA
O7YOBU0g+7w/nkPQiRDNUGRxl1eFKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIsS
e/21oadotlpxTkB3FOnUMU2WMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RDZEQkVBQzRERjgxMUYxQTJGQzQwRkRDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlpAMA0GCSqGSIb3DQEB
CwUAA4IBAQCg3bUTXsOAo86WOCq5hRUwo4sdUoLjwXvI8Xaf3BghbVarZ/9g2P52
Vk9aUw1QTNi995W0TQIjo07AEcIV8YNaZkYeDiRxmVINNdQyr7Ibkyzg0C6GVGwb
CGY9jjq0kjrugcIeqFaarQf2YDijCVkGBoI4qT0vFn82Q7c5HhWZnZpA5ZgBjfbY
rRddRQWdKvfS6Yf2ldyKAYg1lD2dIsqabN6be7dylQxyQ7t0MD091jlT/k5tlrL2
RNaP31ZC0J2/QzNUj/Fhtk5WUA8NFyOnIVqxXM9qVCmi4y/Dy1CrLbzRlA3CI0dR
GdOJ+f6WJ5uZmz6AqU7D0s3Ix6G2PvaN
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:12 2026 by rpki-client