Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17C2A2AE2EAE11F1B01CE3B2DAE4EC9C.roa
File: 17C2A2AE2EAE11F1B01CE3B2DAE4EC9C.roa (raw, json)
Hash identifier: ncS43PlO0wCuU3qzDFu78krW3nyT9/XK24E8Ql64Lbc=
Subject key identifier: A1:BF:EA:91:CD:59:71:53:06:34:99:47:A8:18:F0:92:31:99:5C:3B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C26B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17C2A2AE2EAE11F1B01CE3B2DAE4EC9C.roa
Signing time: Thu 02 Apr 2026 16:07:49 +0000
ROA not before: Thu 02 Apr 2026 16:07:44 +0000
ROA not after: Sun 10 May 2026 16:07:44 +0000
asID: 63139
IP address blocks: 154.95.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 07 Apr 2026 00:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115307 (0x1c26b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 16:07:44 2026 GMT
Not After : May 10 16:07:44 2026 GMT
Subject: CN=69ce9455-10e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ec:01:2e:b9:ed:7d:c2:e6:1c:fe:c9:81:ba:
fd:63:02:da:66:b9:d8:2d:f4:81:da:f0:ef:c4:ce:
e2:fb:c2:a8:ff:0c:f0:b2:7e:8e:de:85:6e:b4:71:
c3:f6:5a:4e:96:f2:b9:90:d1:c5:c3:87:ad:8a:a5:
43:30:48:a7:dc:a4:e5:3e:5f:66:d9:eb:bb:63:69:
29:40:b0:1e:a0:13:d0:35:33:3a:27:65:80:d8:76:
8a:d2:99:d4:7e:65:66:8f:7a:0a:c3:26:c4:2f:55:
ef:22:61:50:02:9b:4a:bb:a2:f3:84:82:ba:ac:cf:
e8:9f:93:8a:48:9c:ba:0d:57:32:dc:50:49:03:f2:
bc:7c:1d:9e:ed:a4:de:79:2d:2c:0a:45:1b:95:08:
e2:67:4d:bd:a6:47:8a:ff:f5:c9:3c:37:1f:3a:0e:
04:92:99:ad:34:23:4b:fe:b3:cc:a3:2f:5d:b7:c2:
85:4f:f5:7d:18:61:8f:16:74:da:1b:45:75:bc:5f:
17:11:15:78:3a:9a:6c:2d:04:96:e6:8d:40:0c:84:
c6:dc:46:f4:26:73:16:d7:83:f0:28:6c:41:36:bd:
72:a4:aa:7a:b3:b8:8d:1b:6e:6a:ce:c5:59:5e:1e:
aa:57:67:6f:27:4d:dd:80:e6:f9:16:24:57:85:ad:
84:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BF:EA:91:CD:59:71:53:06:34:99:47:A8:18:F0:92:31:99:5C:3B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17C2A2AE2EAE11F1B01CE3B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.95.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:4e:da:80:13:62:b6:56:75:0e:e1:0e:47:b0:25:8e:0c:f0:
f4:06:7a:6e:52:85:18:65:b2:fb:34:78:2e:b3:24:75:32:98:
1b:3b:b4:97:87:0c:3a:1d:a4:fc:09:f9:4c:9a:7f:e8:58:1c:
54:d0:87:29:2d:61:80:31:16:ff:25:64:b9:9e:22:f8:00:28:
65:9a:07:b0:af:82:40:c6:bb:a1:c9:c8:ef:9b:50:43:5a:1b:
17:bd:bf:b8:e7:df:2a:9c:56:52:63:88:67:2c:52:3a:01:13:
bb:eb:37:86:02:10:4e:47:8b:86:27:ba:07:71:f7:ec:a5:36:
90:e7:e9:5c:f0:19:f3:73:c9:cb:7d:79:2a:60:a3:e0:e7:80:
d9:ee:73:60:3d:98:eb:ca:53:99:c7:71:d8:46:a6:95:ca:51:
da:4b:fa:ee:bf:0f:a2:5b:1a:a6:6f:55:35:0b:1e:3a:0c:97:
ad:38:54:aa:c2:39:8b:34:27:97:56:1c:57:08:a2:9d:f2:46:
f5:8e:4e:d4:5b:04:8c:f4:9f:2c:8a:6a:38:d8:29:b9:94:3f:
17:9b:e5:dc:9a:45:f2:6b:9c:fa:39:61:1b:d6:91:42:dd:c4:
3f:6b:98:be:31:90:b4:48:d6:c2:00:56:11:83:33:66:b5:2c:
82:bb:c6:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcJrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDAyMTYwNzQ0WhcNMjYwNTEwMTYwNzQ0WjAYMRYw
FAYDVQQDEw02OWNlOTQ1NS0xMGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxewBLrntfcLmHP7Jgbr9YwLaZrnYLfSB2vDvxM7i+8Ko/wzwsn6O3oVu
tHHD9lpOlvK5kNHFw4etiqVDMEin3KTlPl9m2eu7Y2kpQLAeoBPQNTM6J2WA2HaK
0pnUfmVmj3oKwybEL1XvImFQAptKu6LzhIK6rM/on5OKSJy6DVcy3FBJA/K8fB2e
7aTeeS0sCkUblQjiZ029pkeK//XJPDcfOg4EkpmtNCNL/rPMoy9dt8KFT/V9GGGP
FnTaG0V1vF8XERV4OppsLQSW5o1ADITG3Eb0JnMW14PwKGxBNr1ypKp6s7iNG25q
zsVZXh6qV2dvJ03dgOb5FiRXha2EjwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKG/
6pHNWXFTBjSZR6gY8JIxmVw7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xN0MyQTJBRTJFQUUxMUYxQjAxQ0UzQjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml9fMA0GCSqGSIb3DQEB
CwUAA4IBAQCkTtqAE2K2VnUO4Q5HsCWODPD0BnpuUoUYZbL7NHgusyR1MpgbO7SX
hww6HaT8CflMmn/oWBxU0IcpLWGAMRb/JWS5niL4AChlmgewr4JAxruhycjvm1BD
WhsXvb+4598qnFZSY4hnLFI6ARO76zeGAhBOR4uGJ7oHcffspTaQ5+lc8Bnzc8nL
fXkqYKPg54DZ7nNgPZjrylOZx3HYRqaVylHaS/ruvw+iWxqmb1U1Cx46DJetOFSq
wjmLNCeXVhxXCKKd8kb1jk7UWwSM9J8simo42Cm5lD8Xm+XcmkXya5z6OWEb1pFC
3cQ/a5i+MZC0SNbCAFYRgzNmtSyCu8aI
-----END CERTIFICATE-----
Generated at Mon Apr 6 02:18:28 2026 by rpki-client