Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/138CF1D8494A11F1ADD0CF04CF1D38B0.roa
File: 138CF1D8494A11F1ADD0CF04CF1D38B0.roa (raw, json)
Hash identifier: o6yIbNxQsdND4/rmk+jnLDhp1nlLHnOsXVXrur6I+6Q=
Subject key identifier: 53:A2:79:DB:F1:73:14:93:D9:BC:AC:B2:7D:F6:6E:97:43:39:65:F9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C9AF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/138CF1D8494A11F1ADD0CF04CF1D38B0.roa
Signing time: Wed 06 May 2026 12:49:53 +0000
ROA not before: Wed 06 May 2026 12:49:48 +0000
ROA not after: Thu 11 Jun 2026 12:49:48 +0000
asID: 17497
IP address blocks: 154.196.142.0/24 maxlen: 24
154.196.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117167 (0x1c9af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 6 12:49:48 2026 GMT
Not After : Jun 11 12:49:48 2026 GMT
Subject: CN=69fb38f1-567f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:dc:d8:ff:ff:97:e6:13:55:19:b4:e3:1e:bd:
54:eb:57:ee:fe:41:90:6c:72:1d:e6:91:e4:a2:e4:
49:87:23:70:55:80:bc:61:7d:3a:cd:23:fe:2d:3a:
f6:d4:7b:b0:50:7b:47:c7:d2:b8:c3:3e:8e:dd:10:
89:be:21:47:12:cd:c6:65:b2:ec:33:ae:2c:06:52:
e7:cb:c4:5d:ce:19:91:a6:0b:7f:26:03:2f:07:b4:
74:09:a3:c5:05:63:62:21:09:a0:a9:b8:64:f1:82:
b7:19:2c:ab:26:5e:4f:49:70:c1:79:4a:4d:47:8b:
48:10:a7:8c:14:45:4b:cb:3f:2e:fd:82:9e:02:99:
e1:3c:21:5f:0c:5b:49:35:64:07:54:7e:dc:0e:fd:
c3:19:57:ef:f9:a0:9a:4b:60:d7:08:11:ae:41:89:
a2:10:e3:ac:f6:df:f7:06:99:0b:5f:01:89:60:f5:
45:45:33:10:e9:59:83:51:4d:c5:33:f1:64:87:4a:
60:ff:dc:b8:93:a5:7d:8b:3d:d0:3a:0a:15:e9:a6:
ef:6a:d2:30:f0:d9:07:47:82:09:fb:46:37:b4:05:
a6:07:e1:68:0b:8b:bd:ef:d3:f0:26:7d:6b:aa:9d:
72:aa:cf:23:ea:1a:02:7c:d5:e5:16:f5:14:c6:d0:
0b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A2:79:DB:F1:73:14:93:D9:BC:AC:B2:7D:F6:6E:97:43:39:65:F9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/138CF1D8494A11F1ADD0CF04CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.142.0/23
Signature Algorithm: sha256WithRSAEncryption
58:95:52:f3:df:ae:7b:ee:e7:76:68:d1:a8:47:d6:de:23:af:
4a:b0:ba:e5:d7:2e:08:c8:66:dd:ed:4d:f5:90:95:6d:15:ad:
ce:e1:c2:a0:8a:4d:2d:9f:7a:3a:42:c5:ef:20:88:1f:41:30:
15:51:30:83:5d:22:37:7f:54:5f:91:9a:c1:65:ae:1b:49:d0:
84:37:f6:94:82:4f:af:27:71:8d:26:80:36:a9:a8:20:df:4b:
c3:12:37:53:e8:b5:d1:30:b4:07:ab:49:d8:75:17:5c:eb:3d:
52:f2:39:61:56:98:19:8b:e8:e2:aa:85:8c:ff:ea:f5:c4:02:
f8:d4:35:95:ca:15:32:c4:0b:2a:b4:3b:01:d6:e2:8e:f9:1b:
f4:dc:6d:24:61:8f:67:f5:65:53:fa:d1:ac:03:1f:2b:37:cf:
b5:b2:e7:f5:97:12:16:94:c9:ef:f9:b9:85:f2:65:18:ed:f1:
3f:a7:62:e0:f1:ed:9d:a7:ff:b3:26:9a:ff:60:37:af:c1:46:
a3:02:22:58:60:6e:94:da:a0:a3:be:64:7c:52:04:40:65:f7:
62:c1:d3:34:9a:71:7c:50:8f:50:c3:5d:15:03:12:b0:53:77:
4d:4d:62:7e:9b:a7:94:a6:3b:51:e2:85:0e:cb:8a:25:04:e7:
af:69:3f:4b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcmvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA2MTI0OTQ4WhcNMjYwNjExMTI0OTQ4WjAYMRYw
FAYDVQQDEw02OWZiMzhmMS01NjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAztzY//+X5hNVGbTjHr1U61fu/kGQbHId5pHkouRJhyNwVYC8YX06zSP+
LTr21HuwUHtHx9K4wz6O3RCJviFHEs3GZbLsM64sBlLny8RdzhmRpgt/JgMvB7R0
CaPFBWNiIQmgqbhk8YK3GSyrJl5PSXDBeUpNR4tIEKeMFEVLyz8u/YKeApnhPCFf
DFtJNWQHVH7cDv3DGVfv+aCaS2DXCBGuQYmiEOOs9t/3BpkLXwGJYPVFRTMQ6VmD
UU3FM/Fkh0pg/9y4k6V9iz3QOgoV6abvatIw8NkHR4IJ+0Y3tAWmB+FoC4u979Pw
Jn1rqp1yqs8j6hoCfNXlFvUUxtAL2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFOi
edvxcxST2byssn32bpdDOWX5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMzhDRjFEODQ5NEExMUYxQUREMENGMDRDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsSOMA0GCSqGSIb3DQEB
CwUAA4IBAQBYlVLz36577ud2aNGoR9beI69KsLrl1y4IyGbd7U31kJVtFa3O4cKg
ik0tn3o6QsXvIIgfQTAVUTCDXSI3f1RfkZrBZa4bSdCEN/aUgk+vJ3GNJoA2qagg
30vDEjdT6LXRMLQHq0nYdRdc6z1S8jlhVpgZi+jiqoWM/+r1xAL41DWVyhUyxAsq
tDsB1uKO+Rv03G0kYY9n9WVT+tGsAx8rN8+1suf1lxIWlMnv+bmF8mUY7fE/p2Lg
8e2dp/+zJpr/YDevwUajAiJYYG6U2qCjvmR8UgRAZfdiwdM0mnF8UI9Qw10VAxKw
U3dNTWJ+m6eUpjtR4oUOy4olBOevaT9L
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:31 2026 by rpki-client