Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2575D786455111F18D0A9CDBCE1D38B0.roa
File: 2575D786455111F18D0A9CDBCE1D38B0.roa (raw, json)
Hash identifier: jdYo9Tav9loIsjN0uHs7oXPlPbMhi03pokIeRoOoE50=
Subject key identifier: 81:CC:74:F5:27:0A:1C:C1:22:6D:0E:52:ED:7F:AF:05:53:34:8B:79
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C877
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2575D786455111F18D0A9CDBCE1D38B0.roa
Signing time: Fri 01 May 2026 11:30:25 +0000
ROA not before: Fri 01 May 2026 11:30:20 +0000
ROA not after: Mon 11 May 2026 11:30:20 +0000
asID: 139880
IP address blocks: 154.194.128.0/18 maxlen: 24
154.209.160.0/19 maxlen: 24
154.214.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116855 (0x1c877)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 11:30:20 2026 GMT
Not After : May 11 11:30:20 2026 GMT
Subject: CN=69f48ed1-b1b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0d:b6:2c:f1:5a:11:be:c5:fe:e3:5a:0c:66:
fb:1c:08:dd:39:cf:b2:4f:a9:cb:af:3c:a9:e1:3b:
20:9c:82:7a:9e:fe:c4:18:b3:e6:1f:d7:bf:22:09:
07:a7:1b:ef:5e:e2:95:c4:29:04:2a:c1:f8:14:7a:
ea:41:a8:8a:59:4c:9c:c3:b3:59:9d:30:88:ed:3f:
ce:c5:60:99:98:4a:08:b7:8a:ba:03:25:ad:93:49:
cb:d6:cd:fb:a5:55:1e:c4:75:2c:0b:66:38:47:f9:
ee:36:93:c9:ff:19:c2:85:cf:36:1d:a0:86:a3:06:
61:b6:4a:0a:a2:be:5b:ef:b5:b4:4b:f1:ae:4c:81:
be:f1:eb:cc:b0:04:2d:9c:88:a5:3a:47:be:e2:7a:
5a:35:88:6b:23:c5:b2:73:82:84:95:8f:e4:20:3e:
23:32:0e:e0:e3:36:b3:b7:77:b9:16:8c:79:31:06:
35:12:84:39:5f:1c:a1:3c:09:f7:bb:56:d7:fd:e7:
8a:09:28:1e:84:81:b0:81:23:b5:2d:f6:0b:ea:0d:
74:71:ec:cb:4d:9f:47:b4:37:a1:ad:4f:a9:f5:61:
f9:30:94:18:b9:55:ea:21:b7:6b:df:4f:1f:b8:77:
8a:a7:81:dd:cd:90:c2:2d:78:de:2c:f7:f4:a7:76:
39:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:CC:74:F5:27:0A:1C:C1:22:6D:0E:52:ED:7F:AF:05:53:34:8B:79
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2575D786455111F18D0A9CDBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.128.0/18
154.209.160.0/19
154.214.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2e:0f:f7:61:9b:8a:92:12:2a:19:f3:4d:d4:fc:ac:24:fc:e7:
b1:4c:87:be:45:d4:fb:45:95:3c:d7:c8:ad:bd:81:8a:16:75:
b2:a7:c9:b5:a5:fd:0f:3e:c3:94:27:44:61:10:f1:12:92:09:
d5:a5:35:f2:b1:59:e6:92:d4:dd:d4:cb:bb:75:69:e3:a0:43:
9a:5d:4e:be:50:d0:8b:05:44:58:d3:ed:f0:f9:35:38:9d:ac:
c4:7c:09:dd:39:85:2b:59:cd:4d:bf:4b:18:55:d0:ba:a8:8f:
be:bb:fd:98:ef:63:5c:49:e3:ef:fc:38:b2:fe:cd:d2:c3:52:
40:65:d3:b9:ac:1c:c3:e0:e9:3f:57:ae:43:7f:95:3c:2e:cf:
e0:3a:25:3f:de:d0:c7:b0:24:ce:92:4b:a2:11:87:60:3d:20:
2a:a2:ac:72:08:b5:07:fc:14:ab:d3:cc:be:2d:08:1e:2f:d9:
68:2e:46:9e:d0:4c:77:43:8b:ed:8e:de:ea:42:b6:f3:b1:43:
eb:2b:4d:c5:a8:fe:56:56:f9:06:fd:b1:c7:e5:81:f4:36:68:
ff:71:e4:e3:31:f1:87:1a:a1:4f:73:ab:8f:65:8d:0e:b0:49:
3a:2c:f5:4b:c6:7a:1a:b6:61:bb:87:e2:b7:32:fc:15:80:1d:
66:32:8f:e1
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAch3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTEzMDIwWhcNMjYwNTExMTEzMDIwWjAYMRYw
FAYDVQQDEw02OWY0OGVkMS1iMWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxQ22LPFaEb7F/uNaDGb7HAjdOc+yT6nLrzyp4TsgnIJ6nv7EGLPmH9e/
IgkHpxvvXuKVxCkEKsH4FHrqQaiKWUycw7NZnTCI7T/OxWCZmEoIt4q6AyWtk0nL
1s37pVUexHUsC2Y4R/nuNpPJ/xnChc82HaCGowZhtkoKor5b77W0S/GuTIG+8evM
sAQtnIilOke+4npaNYhrI8Wyc4KElY/kID4jMg7g4zazt3e5Fox5MQY1EoQ5Xxyh
PAn3u1bX/eeKCSgehIGwgSO1LfYL6g10cezLTZ9HtDehrU+p9WH5MJQYuVXqIbdr
308fuHeKp4HdzZDCLXjeLPf0p3Y5nQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFIHM
dPUnChzBIm0OUu1/rwVTNIt5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNTc1RDc4NjQ1NTExMUYxOEQwQTlDREJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGmsKAAwQFmtGgAwQGmtZA
MA0GCSqGSIb3DQEBCwUAA4IBAQAuD/dhm4qSEioZ803U/Kwk/OexTIe+RdT7RZU8
18itvYGKFnWyp8m1pf0PPsOUJ0RhEPESkgnVpTXysVnmktTd1Mu7dWnjoEOaXU6+
UNCLBURY0+3w+TU4nazEfAndOYUrWc1Nv0sYVdC6qI++u/2Y72NcSePv/Diy/s3S
w1JAZdO5rBzD4Ok/V65Df5U8Ls/gOiU/3tDHsCTOkkuiEYdgPSAqoqxyCLUH/BSr
08y+LQgeL9loLkae0Ex3Q4vtjt7qQrbzsUPrK03FqP5WVvkG/bHH5YH0Nmj/ceTj
MfGHGqFPc6uPZY0OsEk6LPVLxnoatmG7h+K3MvwVgB1mMo/h
-----END CERTIFICATE-----
Generated at Sat May 9 11:00:22 2026 by rpki-client