Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14617894311D11F1AE35F4D2DAE4EC9C.roa
File: 14617894311D11F1AE35F4D2DAE4EC9C.roa (raw, json)
Hash identifier: qy9YeI6ybbmMCqBG0nDZowWvWxpclU7k6+Vf9w5f+gY=
Subject key identifier: 24:C4:1C:E8:62:CE:39:4D:28:67:25:84:89:EA:5B:5C:90:9B:0C:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C33F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14617894311D11F1AE35F4D2DAE4EC9C.roa
Signing time: Sun 05 Apr 2026 18:27:19 +0000
ROA not before: Sun 05 Apr 2026 18:27:15 +0000
ROA not after: Sun 10 May 2026 18:27:15 +0000
asID: 213169
IP address blocks: 154.83.91.0/24 maxlen: 24
154.83.92.0/22 maxlen: 24
154.94.48.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 18 Apr 2026 00:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115519 (0x1c33f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 5 18:27:15 2026 GMT
Not After : May 10 18:27:15 2026 GMT
Subject: CN=69d2a987-3d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:50:fc:65:66:63:01:21:95:97:40:4f:70:8c:
3d:85:f0:7c:4e:dc:e4:1b:2e:38:bc:4f:85:07:60:
62:17:29:c4:02:21:6a:63:e4:45:af:6e:02:3c:e1:
95:1f:a0:4a:20:c0:a3:23:68:c4:f5:00:89:00:2a:
55:09:7d:55:86:26:ea:07:a7:a7:4b:d4:44:d4:49:
17:53:eb:c5:25:d5:e4:96:f0:cf:93:cb:89:f0:e1:
1e:a6:ea:a4:53:66:a8:9c:b4:53:15:ec:75:3d:15:
3b:31:23:bf:51:a2:63:8a:bb:eb:13:0b:53:b4:fd:
58:10:95:91:56:12:1b:de:1e:43:24:9e:ca:c0:d6:
99:dd:9d:c4:53:d1:82:dd:c2:58:7a:25:49:09:81:
c3:12:8a:a8:b2:da:f1:02:b0:11:3e:8c:96:fb:82:
d5:29:7a:08:b7:b4:c3:1d:a0:db:95:41:3c:08:8e:
b1:e6:98:9f:3d:f0:a1:68:5c:5f:61:55:47:3d:b6:
89:77:1a:c9:25:e7:64:ac:c5:e4:18:27:15:23:1d:
5b:c3:f2:05:c4:a9:04:1d:d6:f5:5d:c3:3d:b7:ea:
fa:73:4a:fc:ec:3a:f6:15:a7:9f:fe:2f:a9:5d:56:
29:e9:18:d7:16:a3:3f:9f:c5:5c:a2:f3:52:53:2d:
7c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C4:1C:E8:62:CE:39:4D:28:67:25:84:89:EA:5B:5C:90:9B:0C:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14617894311D11F1AE35F4D2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.91.0-154.83.95.255
154.94.48.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:76:df:90:eb:de:e0:58:f2:6b:30:0e:bb:ad:75:f7:bb:59:
99:6d:67:93:da:8b:1d:c0:3a:17:0b:1f:32:c9:fd:90:99:b8:
99:26:ac:00:b2:20:30:2c:2b:62:4d:ac:08:de:d8:60:05:5f:
61:9b:24:b9:9a:1f:fd:c4:5e:48:f3:a7:29:f4:08:fd:cc:02:
bf:51:65:f9:d1:db:99:a9:3e:9d:ee:fa:e9:ea:26:1e:a0:54:
8a:0b:60:ae:25:67:ab:7d:6a:b7:7f:f9:c1:30:26:d6:cf:4c:
dd:99:6a:05:9b:2b:f7:0d:20:52:9b:e0:ac:90:b3:c2:c7:c1:
6c:64:57:77:b1:3e:6b:9b:9f:5d:ca:ef:a6:8a:6f:93:0c:c0:
6f:b2:20:78:77:41:46:99:bf:2c:2e:49:bc:2a:17:3a:9b:9a:
1a:72:f0:9d:87:0c:05:3a:99:f8:4c:d2:a5:1c:c1:6f:54:dd:
f3:89:b2:51:95:a6:aa:c0:95:1d:7c:81:6d:c8:e9:1b:f8:8a:
1d:d2:03:25:8c:ba:76:23:00:ea:bf:6f:34:49:01:2d:51:75:
10:d6:f2:1e:99:03:da:7c:ed:98:21:b3:64:22:91:99:b9:b6:
13:10:e2:0e:44:c7:8f:59:8d:8d:41:f8:9c:7b:b6:68:b0:a1:
9f:7b:44:ec
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAcM/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDA1MTgyNzE1WhcNMjYwNTEwMTgyNzE1WjAYMRYw
FAYDVQQDEw02OWQyYTk4Ny0zZDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAulD8ZWZjASGVl0BPcIw9hfB8TtzkGy44vE+FB2BiFynEAiFqY+RFr24C
POGVH6BKIMCjI2jE9QCJACpVCX1VhibqB6enS9RE1EkXU+vFJdXklvDPk8uJ8OEe
puqkU2aonLRTFex1PRU7MSO/UaJjirvrEwtTtP1YEJWRVhIb3h5DJJ7KwNaZ3Z3E
U9GC3cJYeiVJCYHDEoqostrxArARPoyW+4LVKXoIt7TDHaDblUE8CI6x5pifPfCh
aFxfYVVHPbaJdxrJJedkrMXkGCcVIx1bw/IFxKkEHdb1XcM9t+r6c0r87Dr2Faef
/i+pXVYp6RjXFqM/n8VcovNSUy18OQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFCTE
HOhizjlNKGclhInqW1yQmwwMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNDYxNzg5NDMxMUQxMUYxQUUzNUY0RDJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACaU1sDBAWaU0ADBAGa
XjAwDQYJKoZIhvcNAQELBQADggEBAKR235Dr3uBY8mswDrutdfe7WZltZ5Paix3A
OhcLHzLJ/ZCZuJkmrACyIDAsK2JNrAje2GAFX2GbJLmaH/3EXkjzpyn0CP3MAr9R
ZfnR25mpPp3u+unqJh6gVIoLYK4lZ6t9ard/+cEwJtbPTN2ZagWbK/cNIFKb4KyQ
s8LHwWxkV3exPmubn13K76aKb5MMwG+yIHh3QUaZvywuSbwqFzqbmhpy8J2HDAU6
mfhM0qUcwW9U3fOJslGVpqrAlR18gW3I6Rv4ih3SAyWMunYjAOq/bzRJAS1RdRDW
8h6ZA9p87Zghs2QikZm5thMQ4g5Ex49ZjY1B+Jx7tmiwoZ97ROw=
-----END CERTIFICATE-----
Generated at Thu Apr 16 14:14:33 2026 by rpki-client