Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3870CD1E3C9B11F1AFB38DA0CE1D38B0.roa
File: 3870CD1E3C9B11F1AFB38DA0CE1D38B0.roa (raw, json)
Hash identifier: IhhKWcR8OSJORlEkucJlMIfKnBNrvPMGW45EbSGdIn8=
Subject key identifier: 7F:8A:2E:36:3E:7C:6A:07:31:AE:4A:F0:DF:BC:DD:AC:E0:DB:35:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C62E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3870CD1E3C9B11F1AFB38DA0CE1D38B0.roa
Signing time: Mon 20 Apr 2026 09:27:59 +0000
ROA not before: Mon 20 Apr 2026 09:27:55 +0000
ROA not after: Wed 27 May 2026 09:27:55 +0000
asID: 63139
IP address blocks: 154.203.169.0/24 maxlen: 24
154.203.170.0/24 maxlen: 24
154.203.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116270 (0x1c62e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 20 09:27:55 2026 GMT
Not After : May 27 09:27:55 2026 GMT
Subject: CN=69e5f19f-2199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:29:66:a8:aa:d3:77:99:cc:7b:57:46:65:25:
08:00:da:66:08:aa:2b:b1:80:bf:0b:71:ea:d4:de:
d7:ad:09:fb:0f:15:e1:94:77:07:9a:0a:9b:e8:b7:
ae:01:bb:5f:27:c0:51:6d:c5:7a:08:e1:43:4e:42:
10:04:fe:52:a0:87:80:61:5b:78:e0:0a:37:ad:e0:
56:e9:bc:9b:f9:c6:09:c7:a1:78:2d:e2:b3:de:38:
1b:44:a6:fe:5a:35:03:68:da:fd:42:55:25:ec:af:
2c:fd:de:e9:d3:ae:7f:4c:91:f1:8b:b4:37:cd:21:
76:f1:f5:62:ee:62:88:26:d0:79:45:5a:ff:2b:af:
7a:db:81:65:34:77:ed:16:5f:7b:f3:79:78:b4:07:
27:e0:52:01:31:18:8a:56:02:69:b1:03:60:46:93:
99:bc:84:05:21:48:95:9b:8e:f8:d1:29:33:f9:c9:
33:52:fe:9b:13:65:a0:08:1d:4b:be:a3:2e:81:bf:
17:56:ef:f8:cf:3e:fb:cf:d0:95:ff:40:5f:54:eb:
48:b4:95:a4:ea:e4:86:c8:c2:9b:9f:47:03:a2:0d:
73:d0:fb:36:61:a5:33:a0:80:66:50:b6:75:68:7a:
58:d8:d9:4c:56:1b:68:50:e4:53:91:1d:72:ea:e6:
ae:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:8A:2E:36:3E:7C:6A:07:31:AE:4A:F0:DF:BC:DD:AC:E0:DB:35:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3870CD1E3C9B11F1AFB38DA0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.169.0-154.203.171.255
Signature Algorithm: sha256WithRSAEncryption
2f:a0:53:c9:b8:b5:b1:69:b6:eb:c9:78:f6:2d:65:3f:be:4b:
aa:7c:7f:fa:60:66:e2:b4:09:f5:77:22:43:22:d6:93:c8:87:
84:6d:66:95:15:00:76:4f:47:98:17:f4:ec:1f:62:b4:6f:79:
30:33:c9:53:b3:1a:c3:da:5e:a6:cf:05:fc:46:2b:41:00:03:
b6:8f:4f:6c:3e:75:f2:18:94:ff:0d:bd:41:cd:3d:ea:57:3c:
8b:22:3b:1c:fa:01:94:9d:ef:a5:71:67:42:b1:f5:bf:e7:f6:
c4:ab:e6:13:4b:18:6c:2e:36:c1:ab:62:db:5c:24:49:28:3f:
3b:21:51:aa:dc:29:19:44:f6:34:22:e2:34:d0:22:ed:1e:00:
1c:00:92:4d:a5:28:35:84:b7:ad:a5:6f:49:a4:4e:02:c0:44:
73:83:3f:50:1d:f8:c5:09:3e:94:d0:d2:28:66:a2:3a:04:d5:
3d:9e:37:23:1b:d7:13:37:f1:63:01:6c:3d:e5:6b:1e:79:24:
89:b1:97:a9:02:e7:4a:1d:80:fe:48:c1:4d:64:31:e3:7c:72:
a0:9d:bd:09:9c:33:1a:39:8a:20:85:8c:99:03:dd:66:64:5a:
27:31:04:9e:0d:7f:71:cf:b5:b6:26:d6:84:83:70:81:e2:d4:
20:a8:ad:24
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcYuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIwMDkyNzU1WhcNMjYwNTI3MDkyNzU1WjAYMRYw
FAYDVQQDEw02OWU1ZjE5Zi0yMTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwClmqKrTd5nMe1dGZSUIANpmCKorsYC/C3Hq1N7XrQn7DxXhlHcHmgqb
6LeuAbtfJ8BRbcV6COFDTkIQBP5SoIeAYVt44Ao3reBW6byb+cYJx6F4LeKz3jgb
RKb+WjUDaNr9QlUl7K8s/d7p065/TJHxi7Q3zSF28fVi7mKIJtB5RVr/K69624Fl
NHftFl9783l4tAcn4FIBMRiKVgJpsQNgRpOZvIQFIUiVm4740Skz+ckzUv6bE2Wg
CB1LvqMugb8XVu/4zz77z9CV/0BfVOtItJWk6uSGyMKbn0cDog1z0Ps2YaUzoIBm
ULZ1aHpY2NlMVhtoUORTkR1y6uauxwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFH+K
LjY+fGoHMa5K8N+83azg2zX/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zODcwQ0QxRTNDOUIxMUYxQUZCMzhEQTBDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACay6kDBAKay6gwDQYJ
KoZIhvcNAQELBQADggEBAC+gU8m4tbFptuvJePYtZT++S6p8f/pgZuK0CfV3IkMi
1pPIh4RtZpUVAHZPR5gX9OwfYrRveTAzyVOzGsPaXqbPBfxGK0EAA7aPT2w+dfIY
lP8NvUHNPepXPIsiOxz6AZSd76VxZ0Kx9b/n9sSr5hNLGGwuNsGrYttcJEkoPzsh
UarcKRlE9jQi4jTQIu0eABwAkk2lKDWEt62lb0mkTgLARHODP1Ad+MUJPpTQ0ihm
ojoE1T2eNyMb1xM38WMBbD3lax55JImxl6kC50odgP5IwU1kMeN8cqCdvQmcMxo5
iiCFjJkD3WZkWicxBJ4Nf3HPtbYm1oSDcIHi1CCorSQ=
-----END CERTIFICATE-----
Generated at Sat May 9 11:00:12 2026 by rpki-client