Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/22430C343E1511F1840B92C3CE1D38B0.roa
File: 22430C343E1511F1840B92C3CE1D38B0.roa (raw, json)
Hash identifier: QfQfkApNTF5sxCe+tGOExyL4TvqTx7L/tMh4iOPk3I8=
Subject key identifier: 20:99:FE:A5:C4:23:0E:EB:1A:81:A9:8D:41:AF:42:81:76:B2:58:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C657
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/22430C343E1511F1840B92C3CE1D38B0.roa
Signing time: Wed 22 Apr 2026 06:33:12 +0000
ROA not before: Wed 22 Apr 2026 06:33:07 +0000
ROA not after: Thu 30 Apr 2026 06:33:07 +0000
asID: 139880
IP address blocks: 154.206.128.0/18 maxlen: 24
154.215.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 29 Apr 2026 00:07:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116311 (0x1c657)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 06:33:07 2026 GMT
Not After : Apr 30 06:33:07 2026 GMT
Subject: CN=69e86ba8-bcfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0b:02:ac:67:11:c0:3a:46:7d:dd:6e:68:c5:
a4:61:fa:06:1b:da:64:cd:99:6d:6d:d7:cd:25:93:
53:0d:b6:43:1c:2b:8b:55:4a:9d:6d:92:00:9f:1a:
f6:10:55:7e:de:16:ed:5d:a0:a8:76:2f:55:4b:09:
93:70:fc:c3:13:a9:c3:ae:6e:49:05:34:ba:e2:cb:
29:0b:85:44:1f:3a:3a:c5:24:09:26:ae:b3:c8:92:
88:b7:00:b4:68:e3:0c:67:e4:db:18:29:40:2f:ef:
b1:98:fa:a6:d2:fa:aa:16:8d:fa:f6:ed:a2:2b:84:
c6:44:08:95:da:3e:67:5e:4b:e8:4b:71:b0:a1:87:
08:0a:6d:e1:0a:93:a2:d8:97:0d:3c:ee:0c:2b:5e:
fe:55:eb:9e:73:07:b6:29:dc:22:c2:fb:21:ad:83:
9e:08:e9:6b:2f:92:b4:2d:b5:d0:63:f7:bc:03:23:
ea:f4:ff:dd:8a:16:df:f5:f7:02:f1:6e:82:94:e7:
37:c7:e5:f9:ec:d0:54:59:27:e9:9e:6a:52:7b:a8:
dc:ee:1f:ce:22:3e:f4:28:43:75:1c:09:86:50:a2:
0b:36:73:dd:02:63:36:a9:fe:52:94:e6:37:21:53:
c7:f5:34:5e:99:ff:2c:6c:3f:bb:f4:32:39:49:b5:
e4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:99:FE:A5:C4:23:0E:EB:1A:81:A9:8D:41:AF:42:81:76:B2:58:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/22430C343E1511F1840B92C3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.128.0/18
154.215.64.0/18
Signature Algorithm: sha256WithRSAEncryption
10:38:e1:e0:e1:5f:04:ab:c3:e6:b0:b8:ea:fb:98:83:6a:0c:
9b:c0:6c:38:3e:d7:75:7f:6d:9b:2b:87:18:9b:74:fd:de:aa:
53:be:e0:99:57:79:40:74:44:fb:af:d4:0a:b0:5c:bd:6c:1c:
23:e0:25:fb:30:b7:7e:a6:81:fe:b3:d3:99:46:e0:28:38:70:
3e:bf:de:7f:a5:d1:29:9a:83:23:4a:91:67:70:12:76:f6:b7:
c0:2c:2f:56:1b:a3:72:2d:42:76:0b:62:d2:bd:39:a7:0e:39:
b6:15:00:ab:72:2d:a3:92:04:37:6c:d7:d2:72:f6:eb:03:43:
b5:dc:99:59:42:a2:b5:7e:1a:e2:23:b8:b7:45:af:11:51:b5:
c2:3d:3c:9d:14:0b:94:7a:e4:04:ca:b4:0e:bf:73:7c:24:a4:
9d:e2:6b:38:23:d9:9e:56:68:56:08:17:4d:35:89:9d:e8:59:
8c:57:ba:48:51:dd:fc:d7:9e:02:7d:9f:de:4b:a5:e1:60:58:
53:4f:e1:c5:23:8a:35:ff:8c:54:22:50:f1:b2:3b:53:4b:61:
ff:00:e6:69:0f:5f:c5:c0:e2:1c:ba:40:1f:65:3d:a9:fd:12:
0c:aa:d6:d3:a4:90:bf:f0:cf:a4:04:fd:4b:01:3e:8f:95:44:
72:0c:9a:37
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcZXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIyMDYzMzA3WhcNMjYwNDMwMDYzMzA3WjAYMRYw
FAYDVQQDEw02OWU4NmJhOC1iY2ZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQsCrGcRwDpGfd1uaMWkYfoGG9pkzZltbdfNJZNTDbZDHCuLVUqdbZIA
nxr2EFV+3hbtXaCodi9VSwmTcPzDE6nDrm5JBTS64sspC4VEHzo6xSQJJq6zyJKI
twC0aOMMZ+TbGClAL++xmPqm0vqqFo369u2iK4TGRAiV2j5nXkvoS3GwoYcICm3h
CpOi2JcNPO4MK17+Veuecwe2KdwiwvshrYOeCOlrL5K0LbXQY/e8AyPq9P/dihbf
9fcC8W6ClOc3x+X57NBUWSfpnmpSe6jc7h/OIj70KEN1HAmGUKILNnPdAmM2qf5S
lOY3IVPH9TRemf8sbD+79DI5SbXkUwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCCZ
/qXEIw7rGoGpjUGvQoF2slh9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMjQzMEMzNDNFMTUxMUYxODQwQjkyQzNDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGms6AAwQGmtdAMA0GCSqG
SIb3DQEBCwUAA4IBAQAQOOHg4V8Eq8PmsLjq+5iDagybwGw4Ptd1f22bK4cYm3T9
3qpTvuCZV3lAdET7r9QKsFy9bBwj4CX7MLd+poH+s9OZRuAoOHA+v95/pdEpmoMj
SpFncBJ29rfALC9WG6NyLUJ2C2LSvTmnDjm2FQCrci2jkgQ3bNfScvbrA0O13JlZ
QqK1fhriI7i3Ra8RUbXCPTydFAuUeuQEyrQOv3N8JKSd4ms4I9meVmhWCBdNNYmd
6FmMV7pIUd38154CfZ/eS6XhYFhTT+HFI4o1/4xUIlDxsjtTS2H/AOZpD1/FwOIc
ukAfZT2p/RIMqtbTpJC/8M+kBP1LAT6PlURyDJo3
-----END CERTIFICATE-----
Generated at Mon Apr 27 13:34:17 2026 by rpki-client