Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2897FBBC43A111F194D7851ACF1D38B0.roa
File: 2897FBBC43A111F194D7851ACF1D38B0.roa (raw, json)
Hash identifier: 5/EsEQjSiXDlFhU/U+4ww+dK+jOyGt4XT2lEpWMYmik=
Subject key identifier: 7A:09:35:63:05:8F:8B:BB:A3:AB:9E:5A:D3:B2:B7:50:95:70:A8:08
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C7C8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2897FBBC43A111F194D7851ACF1D38B0.roa
Signing time: Wed 29 Apr 2026 07:58:08 +0000
ROA not before: Wed 29 Apr 2026 07:58:03 +0000
ROA not after: Thu 01 Jul 2027 07:58:03 +0000
asID: 328608
IP address blocks: 154.210.123.0/24 maxlen: 24
154.210.124.0/24 maxlen: 24
154.210.125.0/24 maxlen: 24
154.210.126.0/24 maxlen: 24
154.210.127.0/24 maxlen: 24
154.213.4.0/24 maxlen: 24
154.213.5.0/24 maxlen: 24
154.214.1.0/24 maxlen: 24
154.214.32.0/24 maxlen: 24
154.214.33.0/24 maxlen: 24
154.214.34.0/24 maxlen: 24
154.214.35.0/24 maxlen: 24
154.214.36.0/24 maxlen: 24
154.214.37.0/24 maxlen: 24
154.214.38.0/24 maxlen: 24
154.214.39.0/24 maxlen: 24
154.214.40.0/24 maxlen: 24
154.214.41.0/24 maxlen: 24
154.214.42.0/24 maxlen: 24
154.214.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 09 May 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116680 (0x1c7c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 07:58:03 2026 GMT
Not After : Jul 1 07:58:03 2027 GMT
Subject: CN=69f1ba10-b82e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ec:b4:8c:29:ba:f3:82:2c:9c:f2:63:50:31:
b4:b4:41:4c:6f:6b:3d:03:f9:a1:14:0f:e2:cc:3d:
81:56:41:e0:53:a0:d4:6a:1a:17:4b:73:6b:ef:69:
70:e9:e3:48:7b:39:15:48:8c:79:de:05:9e:c8:70:
b4:64:88:d3:8f:8d:21:34:88:03:1c:34:8b:d6:3c:
de:bf:2f:1c:9c:af:62:ea:93:21:d7:6b:a1:61:28:
d6:3a:87:80:5c:ee:62:bf:45:0e:30:5b:c0:7c:97:
57:f1:a0:2f:36:ef:3e:98:74:6e:f2:63:67:3c:54:
39:e0:50:d0:2c:85:d2:d6:66:40:c3:19:c9:e9:c9:
f6:fc:2f:f4:7c:ad:56:53:6d:3c:e6:da:28:74:7b:
0d:89:77:91:4f:68:38:91:ce:ee:6b:fb:20:20:d8:
6f:b0:29:45:69:d7:f0:8e:fe:3e:de:85:21:ab:9c:
e9:40:26:8e:01:60:88:48:b5:75:56:7f:4e:51:01:
dc:80:01:2f:bc:1a:64:31:d5:c0:68:cc:08:e9:28:
63:30:68:a1:71:13:5b:e3:4e:01:2f:2f:d6:a3:d5:
09:1b:26:cf:d2:cf:e6:63:e4:e3:48:42:91:7b:67:
5b:74:31:a6:b9:41:7c:a9:75:58:a8:b2:50:c8:44:
15:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:09:35:63:05:8F:8B:BB:A3:AB:9E:5A:D3:B2:B7:50:95:70:A8:08
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2897FBBC43A111F194D7851ACF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.123.0-154.210.127.255
154.213.4.0/23
154.214.1.0/24
154.214.32.0-154.214.43.255
Signature Algorithm: sha256WithRSAEncryption
61:47:41:3f:69:93:47:b6:d3:16:75:b2:d6:46:64:dc:a7:2b:
07:1e:a3:84:31:27:33:c1:68:73:34:7d:35:d7:e7:96:b9:5f:
68:ca:bc:01:70:ee:82:37:9a:ec:51:6f:15:c4:d3:cd:d2:5e:
b1:39:ff:bb:13:51:4a:6a:88:96:d0:73:53:52:bc:d7:d5:cb:
1e:e1:50:00:c0:bc:0e:5f:da:a6:94:0e:1b:c9:b9:df:95:02:
db:ef:95:c1:2f:c4:dc:df:58:b3:30:60:cc:04:f8:d8:f0:9f:
77:e6:d3:26:7e:f5:78:c9:1e:65:78:b1:d6:10:94:e8:44:69:
33:7f:66:41:c9:aa:93:b2:5e:3c:4d:c2:3b:04:28:4f:80:f0:
20:7a:7d:8b:2c:9f:95:77:f9:e4:f5:86:81:83:b2:a1:e5:b5:
1f:1a:79:15:cc:fb:94:05:78:ca:8f:d4:9c:ba:18:f5:bf:0e:
c0:fa:a9:89:27:6c:59:60:12:82:13:d1:99:d8:8d:db:ab:4a:
14:97:f5:54:e0:e8:bf:cd:2d:42:2a:53:e6:f8:87:f5:2a:b3:
65:25:ba:b1:ed:ab:08:db:a2:67:ba:54:d8:35:3e:8c:68:78:
9b:90:c9:8f:02:5b:4f:3d:cd:fa:cf:a3:22:46:9c:36:d6:b3:
1a:27:8c:06
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAcfIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDI5MDc1ODAzWhcNMjcwNzAxMDc1ODAzWjAYMRYw
FAYDVQQDEw02OWYxYmExMC1iODJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2+y0jCm684IsnPJjUDG0tEFMb2s9A/mhFA/izD2BVkHgU6DUahoXS3Nr
72lw6eNIezkVSIx53gWeyHC0ZIjTj40hNIgDHDSL1jzevy8cnK9i6pMh12uhYSjW
OoeAXO5iv0UOMFvAfJdX8aAvNu8+mHRu8mNnPFQ54FDQLIXS1mZAwxnJ6cn2/C/0
fK1WU2085toodHsNiXeRT2g4kc7ua/sgINhvsClFadfwjv4+3oUhq5zpQCaOAWCI
SLV1Vn9OUQHcgAEvvBpkMdXAaMwI6ShjMGihcRNb404BLy/Wo9UJGybP0s/mY+Tj
SEKRe2dbdDGmuUF8qXVYqLJQyEQVnQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFHoJ
NWMFj4u7o6ueWtOyt1CVcKgIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yODk3RkJCQzQzQTExMUYxOTRENzg1MUFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACa0nsDBAea0gADBAGa
1QQDBACa1gEwDAMEBZrWIAMEAprWKDANBgkqhkiG9w0BAQsFAAOCAQEAYUdBP2mT
R7bTFnWy1kZk3KcrBx6jhDEnM8FoczR9NdfnlrlfaMq8AXDugjea7FFvFcTTzdJe
sTn/uxNRSmqIltBzU1K819XLHuFQAMC8Dl/appQOG8m535UC2++VwS/E3N9YszBg
zAT42PCfd+bTJn71eMkeZXix1hCU6ERpM39mQcmqk7JePE3COwQoT4DwIHp9iyyf
lXf55PWGgYOyoeW1Hxp5Fcz7lAV4yo/UnLoY9b8OwPqpiSdsWWASghPRmdiN26tK
FJf1VODov80tQipT5viH9SqzZSW6se2rCNuiZ7pU2DU+jGh4m5DJjwJbTz3N+s+j
IkacNtazGieMBg==
-----END CERTIFICATE-----
Generated at Thu May 7 23:49:01 2026 by rpki-client