Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D3DAB94460711F18DF195B6CE1D38B0.roa
File: 3D3DAB94460711F18DF195B6CE1D38B0.roa (raw, json)
Hash identifier: Nl0lcy9FpK15MjKOGuSK6Q33I4Z7HYwsKullTpbi0wI=
Subject key identifier: 44:01:04:CD:77:0F:52:23:D5:03:9B:5F:6E:63:C9:06:52:DD:D4:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C918
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D3DAB94460711F18DF195B6CE1D38B0.roa
Signing time: Sat 02 May 2026 09:13:53 +0000
ROA not before: Sat 02 May 2026 09:13:48 +0000
ROA not after: Tue 09 Jun 2026 09:13:48 +0000
asID: 138915
IP address blocks: 154.95.89.0/24 maxlen: 24
154.95.90.0/24 maxlen: 24
154.95.91.0/24 maxlen: 24
154.95.92.0/24 maxlen: 24
154.95.93.0/24 maxlen: 24
154.95.94.0/24 maxlen: 24
154.95.96.0/22 maxlen: 24
154.95.108.0/22 maxlen: 24
154.95.116.0/22 maxlen: 24
154.95.122.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117016 (0x1c918)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 2 09:13:48 2026 GMT
Not After : Jun 9 09:13:48 2026 GMT
Subject: CN=69f5c051-f7e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f8:71:86:ff:d5:87:34:53:be:2f:cc:2d:6e:
8b:9e:89:0d:18:f0:c8:6b:c3:0e:79:e8:af:74:d9:
28:37:13:11:bd:f4:16:a9:d6:ac:25:d9:64:58:ab:
cd:c4:25:a7:4b:9b:55:47:42:2a:94:6d:c1:ca:c8:
4a:51:ed:27:90:ab:fd:9d:9f:0e:9b:fe:ad:20:28:
7d:c0:54:27:e7:a8:65:23:d0:c6:6a:44:97:bd:c1:
9d:ed:65:31:95:21:15:b2:75:c9:23:4a:ae:f3:ab:
3b:93:cd:3c:47:93:d1:a6:e6:4e:90:45:f1:6c:41:
5d:0e:f4:81:d1:9f:cd:45:74:2c:4b:13:a3:6a:62:
74:7a:be:2b:a9:49:ce:6d:da:f8:b6:7c:6d:50:9f:
83:e3:f0:9c:d0:6a:d9:c1:09:90:ba:68:b0:7a:14:
0f:76:50:20:f4:7a:11:d4:b7:f9:42:8b:81:f1:2a:
97:9c:42:1b:ac:58:0a:5b:73:8c:98:a8:11:9f:97:
78:20:70:f3:ea:29:11:29:28:7d:8b:f2:74:eb:d6:
bc:b3:f6:0f:29:8a:8c:12:2c:aa:5a:15:94:13:af:
a3:1f:56:7d:de:bb:b3:2c:a8:1c:92:13:2b:36:ab:
2a:e3:39:3d:de:f0:84:b8:1b:d5:29:8a:15:b5:a8:
15:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:01:04:CD:77:0F:52:23:D5:03:9B:5F:6E:63:C9:06:52:DD:D4:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D3DAB94460711F18DF195B6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.89.0-154.95.94.255
154.95.96.0/22
154.95.108.0/22
154.95.116.0/22
154.95.122.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:09:e2:b7:e9:94:8d:11:b9:c4:23:cd:45:57:6b:db:68:81:
c6:a6:c1:5c:d5:ad:b7:83:ad:d4:82:03:f9:86:ad:92:5e:b8:
0a:96:41:c2:97:e9:f9:f0:aa:9e:ef:3e:2d:34:b9:77:0d:fe:
8c:80:f5:9e:73:7a:9b:14:8c:fc:bd:1d:03:33:12:4c:21:48:
42:2d:af:ee:2f:2f:8e:0d:ea:4b:f6:6e:67:c4:00:f0:4d:3f:
65:54:ad:f7:83:c5:af:69:76:c2:f8:25:3d:9b:92:d2:60:49:
be:77:87:04:72:50:51:4d:52:c8:95:67:72:eb:c0:b9:82:02:
91:08:6a:1c:e1:73:16:83:ee:6f:a9:a9:88:3c:a7:b8:08:8c:
c9:fd:e4:45:14:82:56:cd:98:d7:f6:75:05:0a:c9:30:e8:26:
16:f2:ba:e0:0f:2e:8d:b6:a1:f9:63:53:d8:05:bd:33:96:3b:
91:21:05:9d:d7:f1:e6:7c:da:4a:c3:21:43:d5:3e:f9:91:d2:
5b:a5:15:da:0d:18:b8:35:77:83:d8:fd:74:27:6d:c9:9c:8c:
e0:a2:8e:b1:e6:04:40:e1:50:56:de:4a:81:12:9f:dd:02:07:
c4:07:e1:9b:27:97:82:02:3b:2b:a0:25:a2:75:36:8d:61:dd:
85:48:b5:d3
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAckYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAyMDkxMzQ4WhcNMjYwNjA5MDkxMzQ4WjAYMRYw
FAYDVQQDEw02OWY1YzA1MS1mN2UzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4vhxhv/VhzRTvi/MLW6LnokNGPDIa8MOeeivdNkoNxMRvfQWqdasJdlk
WKvNxCWnS5tVR0IqlG3ByshKUe0nkKv9nZ8Om/6tICh9wFQn56hlI9DGakSXvcGd
7WUxlSEVsnXJI0qu86s7k808R5PRpuZOkEXxbEFdDvSB0Z/NRXQsSxOjamJ0er4r
qUnObdr4tnxtUJ+D4/Cc0GrZwQmQumiwehQPdlAg9HoR1Lf5QouB8SqXnEIbrFgK
W3OMmKgRn5d4IHDz6ikRKSh9i/J069a8s/YPKYqMEiyqWhWUE6+jH1Z93ruzLKgc
khMrNqsq4zk93vCEuBvVKYoVtagVvQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFEQB
BM13D1Ij1QObX25jyQZS3dS6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRDNEQUI5NDQ2MDcxMUYxOERGMTk1QjZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBACaX1kDBACaX14DBAKa
X2ADBAKaX2wDBAKaX3QDBAGaX3owDQYJKoZIhvcNAQELBQADggEBAKEJ4rfplI0R
ucQjzUVXa9togcamwVzVrbeDrdSCA/mGrZJeuAqWQcKX6fnwqp7vPi00uXcN/oyA
9Z5zepsUjPy9HQMzEkwhSEItr+4vL44N6kv2bmfEAPBNP2VUrfeDxa9pdsL4JT2b
ktJgSb53hwRyUFFNUsiVZ3LrwLmCApEIahzhcxaD7m+pqYg8p7gIjMn95EUUglbN
mNf2dQUKyTDoJhbyuuAPLo22ofljU9gFvTOWO5EhBZ3X8eZ82krDIUPVPvmR0lul
FdoNGLg1d4PY/XQnbcmcjOCijrHmBEDhUFbeSoESn90CB8QH4Zsnl4ICOyugJaJ1
No1h3YVItdM=
-----END CERTIFICATE-----
Generated at Sat May 9 11:00:23 2026 by rpki-client