Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/384CFDA2460111F180155E10CF1D38B0.roa
File: 384CFDA2460111F180155E10CF1D38B0.roa (raw, json)
Hash identifier: Oz/rH17aWEB7STpCXvlHN+seUZOLKGtrYZfHW3YtNKY=
Subject key identifier: 2C:03:53:43:F3:03:B2:48:13:04:18:A8:B4:A3:F3:06:2D:D5:23:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C90E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/384CFDA2460111F180155E10CF1D38B0.roa
Signing time: Sat 02 May 2026 08:30:48 +0000
ROA not before: Sat 02 May 2026 08:30:43 +0000
ROA not after: Tue 09 Jun 2026 08:30:43 +0000
asID: 135377
IP address blocks: 154.82.22.0/24 maxlen: 24
154.82.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117006 (0x1c90e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 2 08:30:43 2026 GMT
Not After : Jun 9 08:30:43 2026 GMT
Subject: CN=69f5b638-92a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f4:11:7e:a3:a6:cd:de:74:dc:08:1a:ba:2c:
e9:95:75:fe:18:1f:e6:67:36:c6:e7:25:0e:fb:c7:
8b:00:c4:94:66:70:83:00:f4:19:c9:4c:5d:56:f7:
b8:a7:d4:d5:35:0c:f1:72:95:2e:b0:ef:78:2b:db:
f6:a7:6b:de:5f:01:c8:00:13:fb:5c:20:c6:3a:9d:
56:df:52:4d:ee:e3:c6:a1:f1:d6:a7:8a:b2:99:d7:
33:b9:6e:cb:76:86:8c:ce:57:e0:37:42:2d:2d:f3:
c5:3b:6f:38:62:6c:7c:b7:85:41:2e:82:89:80:eb:
16:06:a8:e2:64:e4:d6:9b:f8:5b:89:c2:4d:a1:1a:
20:49:80:f7:98:28:88:f2:50:d9:c2:87:d0:95:7f:
a7:7e:77:19:2e:2a:8d:66:99:38:87:ab:42:63:fe:
e8:bd:a1:8d:ed:c9:8f:e6:c2:6d:30:e9:58:00:a3:
a5:80:9e:95:97:20:01:a3:37:70:5c:42:3a:d2:e9:
d9:dd:8c:2e:63:9f:26:a8:58:d3:08:a6:8e:58:ca:
47:28:63:65:86:99:53:1f:cd:b9:0c:05:ad:77:d6:
26:92:41:68:e9:4f:a4:2c:32:70:4e:1b:4b:6e:11:
9f:e3:1e:6b:6c:98:12:f9:6d:69:40:d0:f1:26:06:
e2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:03:53:43:F3:03:B2:48:13:04:18:A8:B4:A3:F3:06:2D:D5:23:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/384CFDA2460111F180155E10CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.22.0/23
Signature Algorithm: sha256WithRSAEncryption
17:25:a3:f4:a8:07:c1:52:b1:4b:ae:62:53:d0:14:8e:ff:43:
95:97:19:18:03:33:a0:3e:de:5a:d8:82:c4:d1:43:27:62:98:
d1:23:d4:68:2e:ef:68:dd:a2:a1:f8:78:b9:37:6b:d1:bf:a5:
30:9d:91:f2:86:7c:89:a5:ee:4a:e4:c2:e9:36:89:18:1f:8e:
f5:73:6d:72:a4:f2:39:20:dd:79:65:13:91:d3:15:3b:3b:31:
66:80:57:7e:df:58:6d:35:20:d6:01:5b:5a:2e:f3:4c:5d:31:
cd:78:f4:99:49:e1:8f:6a:74:78:eb:93:b1:bd:89:f8:97:a8:
9d:ac:54:0e:5c:33:cc:7b:4e:6a:2e:59:b0:2e:4c:af:95:14:
3e:e3:02:29:cf:46:ae:9f:fd:fe:bd:c2:5f:da:30:53:25:1e:
a2:40:1f:da:92:9e:44:fc:43:9a:99:b1:ca:7d:e7:3b:3a:ee:
35:cb:7d:4e:2f:14:4e:d3:c3:47:44:47:72:20:75:e8:04:eb:
ab:b1:c9:1c:93:79:f0:a7:ab:30:05:a0:51:61:0c:c4:62:33:
78:b5:66:f9:60:5d:be:e5:0c:09:51:62:1b:68:4b:5f:3d:3f:
0c:f0:50:c1:b0:6d:02:29:a0:af:b5:a4:d2:f2:cb:a4:6b:33:
f4:ee:72:4a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAckOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAyMDgzMDQzWhcNMjYwNjA5MDgzMDQzWjAYMRYw
FAYDVQQDEw02OWY1YjYzOC05MmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtvQRfqOmzd503AgauizplXX+GB/mZzbG5yUO+8eLAMSUZnCDAPQZyUxd
Vve4p9TVNQzxcpUusO94K9v2p2veXwHIABP7XCDGOp1W31JN7uPGofHWp4qymdcz
uW7LdoaMzlfgN0ItLfPFO284Ymx8t4VBLoKJgOsWBqjiZOTWm/hbicJNoRogSYD3
mCiI8lDZwofQlX+nfncZLiqNZpk4h6tCY/7ovaGN7cmP5sJtMOlYAKOlgJ6VlyAB
ozdwXEI60unZ3YwuY58mqFjTCKaOWMpHKGNlhplTH825DAWtd9YmkkFo6U+kLDJw
ThtLbhGf4x5rbJgS+W1pQNDxJgbiMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCwD
U0PzA7JIEwQYqLSj8wYt1SO4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zODRDRkRBMjQ2MDExMUYxODAxNTVFMTBDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlIWMA0GCSqGSIb3DQEB
CwUAA4IBAQAXJaP0qAfBUrFLrmJT0BSO/0OVlxkYAzOgPt5a2ILE0UMnYpjRI9Ro
Lu9o3aKh+Hi5N2vRv6UwnZHyhnyJpe5K5MLpNokYH471c21ypPI5IN15ZROR0xU7
OzFmgFd+31htNSDWAVtaLvNMXTHNePSZSeGPanR465OxvYn4l6idrFQOXDPMe05q
LlmwLkyvlRQ+4wIpz0aun/3+vcJf2jBTJR6iQB/akp5E/EOambHKfec7Ou41y31O
LxRO08NHREdyIHXoBOursckck3nwp6swBaBRYQzEYjN4tWb5YF2+5QwJUWIbaEtf
PT8M8FDBsG0CKaCvtaTS8sukazP07nJK
-----END CERTIFICATE-----
Generated at Sat May 9 11:00:40 2026 by rpki-client