Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28ABA35C492211F1A0EA5A15CF1D38B0.roa
File: 28ABA35C492211F1A0EA5A15CF1D38B0.roa (raw, json)
Hash identifier: DdRq6PqFUl6BZfxrbHbIZWGx/vz7hWvym6G/+Gdjqdc=
Subject key identifier: 41:24:F3:D2:1B:2B:1A:E8:3A:60:A5:85:B0:EA:82:71:7F:BA:B6:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C983
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28ABA35C492211F1A0EA5A15CF1D38B0.roa
Signing time: Wed 06 May 2026 08:04:09 +0000
ROA not before: Wed 06 May 2026 08:04:03 +0000
ROA not after: Thu 25 Jun 2026 08:04:03 +0000
asID: 272854
IP address blocks: 154.194.13.0/24 maxlen: 24
154.194.14.0/24 maxlen: 24
154.194.54.0/24 maxlen: 24
154.197.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117123 (0x1c983)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 6 08:04:03 2026 GMT
Not After : Jun 25 08:04:03 2026 GMT
Subject: CN=69faf5f9-584b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cb:2d:ab:34:40:83:54:fd:d1:db:6f:80:64:
47:60:e9:b0:90:8c:bd:60:11:2f:cd:7d:4b:cd:2d:
b1:10:90:89:80:ca:e3:ec:8d:b4:b4:31:a1:e0:03:
4e:a5:17:0e:d5:84:09:c9:85:ce:97:6c:6e:7e:3b:
86:35:04:38:27:65:d2:ff:8c:86:c9:53:37:8c:b6:
74:2e:01:4b:0d:c6:43:e3:e1:64:b2:2c:7d:03:f8:
14:12:0b:40:db:9c:bb:a2:db:23:22:14:37:0a:4c:
6a:77:e6:53:d8:df:32:f4:00:04:1b:25:1e:89:32:
24:a0:9f:01:77:cd:01:a9:c6:5f:9b:1b:95:59:63:
94:41:05:10:65:df:6c:cd:fa:78:4b:79:db:69:50:
ab:c5:7b:75:e6:35:a3:f9:53:72:7f:f8:a3:97:8d:
71:1e:d6:37:0a:35:d6:4c:c0:f9:8f:96:54:b1:0e:
95:7d:d1:48:07:6f:ca:9c:09:d7:3e:52:34:e3:9c:
82:17:7b:7e:48:b8:a2:9a:bd:a5:b8:bd:64:1c:88:
62:c8:0e:08:a7:5b:30:ce:64:02:e0:37:a6:07:fe:
ee:d0:9c:7e:c3:52:12:9b:62:94:4f:1e:19:5c:bc:
67:df:db:b4:3d:0d:00:8a:c2:d3:ab:3e:d5:2b:f2:
42:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:24:F3:D2:1B:2B:1A:E8:3A:60:A5:85:B0:EA:82:71:7F:BA:B6:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28ABA35C492211F1A0EA5A15CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.13.0-154.194.14.255
154.194.54.0/24
154.197.1.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ae:9d:c4:5c:34:ac:59:46:ce:e4:6f:37:bd:8f:7b:6c:49:
5f:47:f0:ca:4b:d7:73:2e:35:b4:c1:85:d0:2a:f9:89:a4:50:
7c:02:f5:03:d6:dc:b1:78:81:87:7e:d0:68:f4:5b:ad:8a:5b:
cc:b9:7f:41:e2:e2:f3:98:21:f2:92:b6:92:19:40:de:e4:f6:
e0:2b:fa:b9:71:0f:2e:60:dd:ad:c6:e0:d7:ca:c7:aa:0c:d6:
5d:c1:70:8c:58:67:91:68:0d:be:81:48:aa:1c:df:55:e9:e0:
0f:b6:08:2f:5c:86:fa:e1:31:1e:d6:44:14:70:e4:d1:40:63:
71:3a:9d:c0:9e:a6:95:b2:cd:7a:fa:a7:92:40:44:7c:38:96:
f3:15:91:02:67:18:ab:37:20:75:12:f1:de:8d:4d:29:8e:48:
80:ef:56:ad:95:ce:8f:a8:9d:1c:0c:9e:ea:53:43:17:bc:92:
d3:13:9c:e4:cb:e1:16:e7:82:c9:13:3d:53:09:8f:06:70:7d:
e4:54:bd:1e:2a:52:17:61:46:b7:37:4a:ed:c9:d4:7d:b9:37:
44:0c:63:0a:c7:53:57:0c:04:96:7f:26:5c:7e:dc:28:28:49:
e6:e4:1b:c1:8f:a3:94:fb:3b:76:96:88:2d:46:20:4a:bf:cb:
cd:34:ac:df
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAcmDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA2MDgwNDAzWhcNMjYwNjI1MDgwNDAzWjAYMRYw
FAYDVQQDEw02OWZhZjVmOS01ODRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAysstqzRAg1T90dtvgGRHYOmwkIy9YBEvzX1LzS2xEJCJgMrj7I20tDGh
4ANOpRcO1YQJyYXOl2xufjuGNQQ4J2XS/4yGyVM3jLZ0LgFLDcZD4+Fksix9A/gU
EgtA25y7otsjIhQ3Ckxqd+ZT2N8y9AAEGyUeiTIkoJ8Bd80BqcZfmxuVWWOUQQUQ
Zd9szfp4S3nbaVCrxXt15jWj+VNyf/ijl41xHtY3CjXWTMD5j5ZUsQ6VfdFIB2/K
nAnXPlI045yCF3t+SLiimr2luL1kHIhiyA4Ip1swzmQC4DemB/7u0Jx+w1ISm2KU
Tx4ZXLxn39u0PQ0AisLTqz7VK/JCjQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFEEk
89IbKxroOmClhbDqgnF/ura7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOEFCQTM1QzQ5MjIxMUYxQTBFQTVBMTVDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACawg0DBACawg4DBACa
wjYDBACaxQEwDQYJKoZIhvcNAQELBQADggEBAHGuncRcNKxZRs7kbze9j3tsSV9H
8MpL13MuNbTBhdAq+YmkUHwC9QPW3LF4gYd+0Gj0W62KW8y5f0Hi4vOYIfKStpIZ
QN7k9uAr+rlxDy5g3a3G4NfKx6oM1l3BcIxYZ5FoDb6BSKoc31Xp4A+2CC9chvrh
MR7WRBRw5NFAY3E6ncCeppWyzXr6p5JARHw4lvMVkQJnGKs3IHUS8d6NTSmOSIDv
Vq2Vzo+onRwMnupTQxe8ktMTnOTL4RbngskTPVMJjwZwfeRUvR4qUhdhRrc3Su3J
1H25N0QMYwrHU1cMBJZ/Jlx+3CgoSebkG8GPo5T7O3aWiC1GIEq/y800rN8=
-----END CERTIFICATE-----
Generated at Sat May 9 11:03:51 2026 by rpki-client