Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/04F9E2164A7B11F1867AE4B5CE1D38B0.roa
File: 04F9E2164A7B11F1867AE4B5CE1D38B0.roa (raw, json)
Hash identifier: x4rqfk6Q3g2JyYOw6ndarkzVHrBds818qAxXrL4HYMU=
Subject key identifier: 4C:5C:E0:60:99:29:F6:35:23:D5:AC:3F:AB:3E:A3:16:12:D7:CF:B6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CA15
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/04F9E2164A7B11F1867AE4B5CE1D38B0.roa
Signing time: Fri 08 May 2026 01:12:45 +0000
ROA not before: Fri 08 May 2026 01:12:41 +0000
ROA not after: Mon 07 May 2029 01:12:41 +0000
asID: 17561
IP address blocks: 154.95.231.0/24 maxlen: 24
154.95.232.0/24 maxlen: 24
154.95.233.0/24 maxlen: 24
154.95.234.0/24 maxlen: 24
154.95.235.0/24 maxlen: 24
154.95.236.0/24 maxlen: 24
154.95.237.0/24 maxlen: 24
154.95.238.0/24 maxlen: 24
154.95.239.0/24 maxlen: 24
154.95.240.0/24 maxlen: 24
154.95.241.0/24 maxlen: 24
154.95.242.0/24 maxlen: 24
154.95.243.0/24 maxlen: 24
154.95.244.0/24 maxlen: 24
154.95.245.0/24 maxlen: 24
154.95.246.0/24 maxlen: 24
154.95.247.0/24 maxlen: 24
154.95.248.0/24 maxlen: 24
154.95.249.0/24 maxlen: 24
154.95.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117269 (0x1ca15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 01:12:41 2026 GMT
Not After : May 7 01:12:41 2029 GMT
Subject: CN=69fd388d-d8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5d:50:5f:33:73:47:af:52:f2:44:7d:94:a0:
bf:f4:b6:0a:9f:c0:1c:d6:9d:74:1e:07:7f:a7:3d:
8b:81:fa:c4:54:64:b7:94:51:bb:44:d4:3f:f3:79:
ef:e4:3e:8c:87:7b:b6:d2:15:3a:e4:e0:2c:89:9f:
27:61:13:f2:29:d8:b6:35:5b:d5:b0:b3:7e:00:52:
3f:32:6e:fe:91:44:17:b4:57:2a:2b:ae:e3:5f:60:
19:f7:54:49:05:e7:4b:42:3f:43:3b:2e:1b:98:d8:
5d:98:fa:39:20:8c:1d:ac:f3:00:de:b2:ee:3b:03:
91:b6:44:e4:70:fa:76:6c:1f:bc:81:cb:99:6d:f1:
e5:25:ae:c9:6c:2b:ea:01:40:22:ff:ff:03:d7:3f:
3d:1d:84:cc:be:1d:6d:44:b9:92:98:81:6c:0e:94:
12:df:01:01:e4:97:44:1b:3c:4e:bb:6e:7d:88:80:
44:29:df:0b:53:77:73:56:a8:02:d8:99:fe:2e:cf:
b6:92:ec:03:b0:be:c0:df:58:54:44:fb:75:ae:3f:
cb:58:cc:9e:12:9d:0f:af:3b:a4:96:e0:c2:1a:0f:
7a:a3:1d:ff:a8:69:fd:8c:01:e2:d8:63:1b:cf:db:
15:91:2e:45:71:fd:ce:74:1d:61:69:87:9b:32:49:
73:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:5C:E0:60:99:29:F6:35:23:D5:AC:3F:AB:3E:A3:16:12:D7:CF:B6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/04F9E2164A7B11F1867AE4B5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.231.0-154.95.250.255
Signature Algorithm: sha256WithRSAEncryption
21:e6:ff:39:4f:09:2e:8b:8e:43:92:f6:93:9c:22:d9:0a:f4:
0b:46:2f:48:f4:07:a4:38:96:57:16:91:24:24:ce:68:fc:db:
e9:36:30:fa:40:dd:5c:26:5f:c6:0e:f3:50:ad:3d:b7:0d:2f:
65:37:58:3e:96:15:a7:9c:1c:90:47:33:1a:b3:f1:ad:7c:9e:
14:7a:e4:26:1f:c6:5b:f1:9b:97:29:a2:9c:d5:82:5a:21:d7:
cb:ce:ca:54:ec:c8:bc:7b:c5:6a:a4:ac:a6:4d:0d:b4:94:14:
ae:cc:71:0c:54:46:8b:10:5d:9d:58:df:c1:bb:6e:cf:b7:7a:
ff:4d:30:13:1e:fe:b5:d7:26:4b:5e:b9:39:c8:22:23:56:9e:
c1:7e:ea:25:49:76:10:7e:07:82:c7:37:50:02:95:1e:29:18:
cc:ec:f6:11:92:24:4d:c8:60:ac:7c:57:5b:9a:e8:0b:fb:05:
36:0c:d0:67:49:28:54:89:b6:33:f6:89:40:d8:03:56:6b:a0:
7e:07:93:f6:a1:d1:54:e9:06:63:c9:a1:bf:5e:50:75:f7:7a:
65:fe:87:6f:48:ed:91:88:dd:c6:6a:00:2f:9e:af:d0:4f:e2:
e5:58:18:2e:ef:6c:f6:13:a7:48:d3:85:a1:5b:71:56:c0:1e:
b8:ab:d8:da
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcoVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA4MDExMjQxWhcNMjkwNTA3MDExMjQxWjAYMRYw
FAYDVQQDEw02OWZkMzg4ZC1kOGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu11QXzNzR69S8kR9lKC/9LYKn8Ac1p10Hgd/pz2LgfrEVGS3lFG7RNQ/
83nv5D6Mh3u20hU65OAsiZ8nYRPyKdi2NVvVsLN+AFI/Mm7+kUQXtFcqK67jX2AZ
91RJBedLQj9DOy4bmNhdmPo5IIwdrPMA3rLuOwORtkTkcPp2bB+8gcuZbfHlJa7J
bCvqAUAi//8D1z89HYTMvh1tRLmSmIFsDpQS3wEB5JdEGzxOu259iIBEKd8LU3dz
VqgC2Jn+Ls+2kuwDsL7A31hURPt1rj/LWMyeEp0PrzukluDCGg96ox3/qGn9jAHi
2GMbz9sVkS5Fcf3OdB1haYebMklzEQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFExc
4GCZKfY1I9WsP6s+oxYS18+2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNEY5RTIxNjRBN0IxMUYxODY3QUU0QjVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaX+cDBACaX/owDQYJ
KoZIhvcNAQELBQADggEBACHm/zlPCS6LjkOS9pOcItkK9AtGL0j0B6Q4llcWkSQk
zmj82+k2MPpA3VwmX8YO81CtPbcNL2U3WD6WFaecHJBHMxqz8a18nhR65CYfxlvx
m5cpopzVgloh18vOylTsyLx7xWqkrKZNDbSUFK7McQxURosQXZ1Y38G7bs+3ev9N
MBMe/rXXJkteuTnIIiNWnsF+6iVJdhB+B4LHN1AClR4pGMzs9hGSJE3IYKx8V1ua
6Av7BTYM0GdJKFSJtjP2iUDYA1ZroH4Hk/ah0VTpBmPJob9eUHX3emX+h29I7ZGI
3cZqAC+er9BP4uVYGC7vbPYTp0jThaFbcVbAHrir2No=
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:14 2026 by rpki-client