Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/586D93D250F911F19A83E6C4CE1D38B0.roa
File: 586D93D250F911F19A83E6C4CE1D38B0.roa (raw, json)
Hash identifier: 4NPdmm1t5dcxQ9oQZdgFeakTPRSLWKfxMkpO1HKke7I=
Subject key identifier: D1:7B:0A:A1:B8:F1:53:62:A6:A7:EE:50:86:E3:7E:B8:B5:2E:68:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CBDD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/586D93D250F911F19A83E6C4CE1D38B0.roa
Signing time: Sat 16 May 2026 07:32:09 +0000
ROA not before: Sat 16 May 2026 07:32:04 +0000
ROA not after: Tue 16 Jun 2026 07:32:04 +0000
asID: 271916
IP address blocks: 154.205.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117725 (0x1cbdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 16 07:32:04 2026 GMT
Not After : Jun 16 07:32:04 2026 GMT
Subject: CN=6a081d79-146b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d4:04:87:72:d3:e7:3e:e0:da:7f:c2:5b:dc:
cb:1c:89:e7:fc:d2:df:7e:68:b5:57:13:cc:bc:aa:
26:83:a7:41:60:31:ac:9b:23:e9:29:29:ec:ac:e9:
b3:b0:76:ea:1d:3e:8b:3a:68:56:48:5d:e3:c2:d6:
89:a3:20:1d:aa:b5:38:7d:86:54:4b:e4:3b:ab:fa:
6c:ba:25:6c:b8:9f:27:19:d9:eb:0f:6b:b8:f8:5f:
bf:6b:cb:97:a8:84:83:c9:ba:ce:b8:d6:e0:84:85:
81:d9:2d:18:13:cd:36:7f:d5:0a:55:12:a9:02:49:
63:19:fe:0a:6c:e8:40:f7:d5:17:6a:e8:2f:11:59:
70:32:2e:d4:eb:a1:a6:d9:e6:84:34:f5:b9:c0:08:
35:1d:1c:7b:ad:2e:60:83:2d:d2:d3:3c:9d:40:c1:
21:98:5f:06:5c:7b:bb:34:2b:b8:2c:74:57:71:59:
2f:84:51:02:65:73:11:8f:4b:6a:1c:81:c2:90:05:
89:ef:47:75:68:b3:f0:be:19:1a:45:ba:6c:d1:a1:
72:a1:96:0e:be:52:11:28:e7:32:72:dc:11:27:fd:
fc:56:a2:5a:07:ca:d5:ee:16:aa:cb:15:03:21:07:
e6:6d:b1:d3:79:60:fd:9d:ab:9f:aa:de:f6:54:72:
02:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7B:0A:A1:B8:F1:53:62:A6:A7:EE:50:86:E3:7E:B8:B5:2E:68:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/586D93D250F911F19A83E6C4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.24.0/22
Signature Algorithm: sha256WithRSAEncryption
42:6a:c1:87:7d:a0:59:e1:8e:75:a7:40:ff:90:d3:2f:55:9e:
36:e7:ce:36:0d:2c:18:24:c9:51:07:e9:ce:14:d3:85:aa:c7:
4f:0b:94:7e:4d:b4:d8:90:96:17:b0:90:11:3d:53:ef:18:9c:
c7:0e:25:55:b9:a6:1e:c3:30:98:f1:75:1f:86:db:77:17:d2:
40:b3:c0:1e:15:c8:91:81:68:2e:f3:37:fa:1d:09:7d:be:d4:
41:e3:49:1a:5c:c8:df:93:4d:50:bc:3a:19:29:3f:8d:fa:12:
97:07:99:3d:aa:61:01:e6:4d:73:4f:d2:57:f8:00:e3:59:74:
27:9a:cf:f0:78:82:94:40:c1:5a:af:5f:f8:8b:e7:42:31:d1:
5b:aa:2a:f1:a1:4c:12:db:83:30:67:c1:31:d8:64:79:c4:74:
41:f5:1c:20:e6:8d:dd:0b:fe:63:5c:ef:33:fe:c2:d3:f3:e9:
45:d4:41:c5:ac:96:89:fa:d2:79:5f:c5:f3:fe:cd:8a:bd:2c:
20:af:af:b7:8f:cd:6f:e7:b8:cf:e7:e6:d5:a0:be:06:e7:aa:
70:8d:71:30:3e:1a:11:68:ca:71:63:87:73:5c:7b:f8:56:92:
3d:15:72:a6:5a:ae:fe:59:05:25:90:89:bf:8a:bc:97:32:da:
b8:f7:2d:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcvdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE2MDczMjA0WhcNMjYwNjE2MDczMjA0WjAYMRYw
FAYDVQQDEw02YTA4MWQ3OS0xNDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwNQEh3LT5z7g2n/CW9zLHInn/NLffmi1VxPMvKomg6dBYDGsmyPpKSns
rOmzsHbqHT6LOmhWSF3jwtaJoyAdqrU4fYZUS+Q7q/psuiVsuJ8nGdnrD2u4+F+/
a8uXqISDybrOuNbghIWB2S0YE802f9UKVRKpAkljGf4KbOhA99UXaugvEVlwMi7U
66Gm2eaENPW5wAg1HRx7rS5ggy3S0zydQMEhmF8GXHu7NCu4LHRXcVkvhFECZXMR
j0tqHIHCkAWJ70d1aLPwvhkaRbps0aFyoZYOvlIRKOcyctwRJ/38VqJaB8rV7haq
yxUDIQfmbbHTeWD9naufqt72VHICWQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNF7
CqG48VNipqfuUIbjfri1LmgMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81ODZEOTNEMjUwRjkxMUYxOUE4M0U2QzRDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms0YMA0GCSqGSIb3DQEB
CwUAA4IBAQBCasGHfaBZ4Y51p0D/kNMvVZ425842DSwYJMlRB+nOFNOFqsdPC5R+
TbTYkJYXsJARPVPvGJzHDiVVuaYewzCY8XUfhtt3F9JAs8AeFciRgWgu8zf6HQl9
vtRB40kaXMjfk01QvDoZKT+N+hKXB5k9qmEB5k1zT9JX+ADjWXQnms/weIKUQMFa
r1/4i+dCMdFbqirxoUwS24MwZ8Ex2GR5xHRB9Rwg5o3dC/5jXO8z/sLT8+lF1EHF
rJaJ+tJ5X8Xz/s2KvSwgr6+3j81v57jP5+bVoL4G56pwjXEwPhoRaMpxY4dzXHv4
VpI9FXKmWq7+WQUlkIm/iryXMtq49y0C
-----END CERTIFICATE-----
Generated at Sat Jun 13 23:04:00 2026 by rpki-client