Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41900B2C55EA11F18EA3EFD6CE1D38B0.roa
File: 41900B2C55EA11F18EA3EFD6CE1D38B0.roa (raw, json)
Hash identifier: E7U/MuPyV4x3oDHqcTRJcvK7egcCx5x/a502EcOHqKs=
Subject key identifier: 5F:E6:FD:43:F1:3C:27:83:02:42:C3:86:B7:67:C2:83:D1:19:05:B6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CE1E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41900B2C55EA11F18EA3EFD6CE1D38B0.roa
Signing time: Fri 22 May 2026 14:26:44 +0000
ROA not before: Fri 22 May 2026 14:26:39 +0000
ROA not after: Tue 25 Aug 2026 14:26:39 +0000
asID: 13335
IP address blocks: 154.194.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118302 (0x1ce1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 22 14:26:39 2026 GMT
Not After : Aug 25 14:26:39 2026 GMT
Subject: CN=6a1067a4-99b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:66:f2:b8:ac:d2:76:6f:94:dc:38:50:11:1d:
9e:0d:e6:43:ac:f2:ef:6d:9b:03:ee:2c:f1:b3:e1:
f3:ea:0c:1a:ac:13:90:39:47:aa:91:86:4e:be:28:
3d:87:29:0c:21:f0:d6:0b:9f:59:8e:50:df:ac:e1:
40:4e:d9:89:1b:7b:de:7b:b3:81:0c:7f:4d:fc:f1:
de:51:d8:99:7a:bb:21:da:26:76:90:78:38:f2:90:
83:47:4e:e0:8c:39:7f:c0:7d:48:0c:1c:c1:8d:d6:
80:71:b8:de:f9:aa:68:a2:3d:0e:80:4e:b4:d9:ae:
6c:fd:f0:08:99:1a:d3:a4:b9:e6:91:ca:6d:7e:3c:
a7:76:e6:fa:1f:3e:f7:a2:5b:34:ad:07:ca:a5:97:
43:eb:5f:3f:be:e2:09:87:e4:4b:79:f4:e2:c1:7f:
5a:97:86:06:3c:9d:8e:0a:da:cb:dd:4b:b4:37:cb:
01:fe:50:81:04:67:42:d5:c1:21:b7:18:0b:3d:b6:
61:dd:0c:e1:39:c8:ed:32:3e:87:11:0b:ce:5f:4b:
9d:78:7f:41:b4:f7:b2:3c:dd:2b:26:ce:bf:c8:ce:
ea:20:65:5e:db:78:5e:ac:7d:e6:d3:ac:2f:35:c8:
51:5e:9a:d6:db:e1:70:dc:86:a9:c1:ce:01:4d:c6:
7e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E6:FD:43:F1:3C:27:83:02:42:C3:86:B7:67:C2:83:D1:19:05:B6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41900B2C55EA11F18EA3EFD6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.225.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:61:25:53:f5:4b:58:7b:68:fc:85:4b:85:09:1c:4e:32:46:
bf:6f:88:83:a2:36:b6:d2:2a:b9:e9:04:c0:be:0b:a2:dc:0a:
61:04:20:29:44:86:95:1d:fb:34:a4:1d:73:81:f4:d9:d0:11:
b2:c6:f9:f7:2d:d2:18:42:2d:c0:91:c2:16:ea:47:9f:64:bd:
4b:a9:ad:0a:1c:d4:9d:6f:3c:b0:31:3a:fd:81:66:f5:82:d4:
57:de:8e:a3:c7:d6:8c:6c:47:ee:fb:e3:56:1a:43:db:35:f9:
84:eb:41:69:c6:8e:25:72:d7:e9:d8:dc:cb:95:de:03:d3:c1:
9f:43:1b:89:04:d9:77:d2:82:f4:2b:d1:98:3b:9c:3c:b5:76:
a4:24:2b:fc:a4:fa:c2:89:e9:1f:49:56:bf:68:b3:a0:38:e4:
ac:49:74:34:de:f3:09:d9:0e:f6:b7:13:40:9e:3d:59:d0:92:
8b:b7:c5:9a:f0:f3:7f:e7:36:ec:06:41:d7:4e:50:ef:ac:89:
c7:4b:6c:ef:00:ab:90:c0:78:95:55:5a:04:08:cd:89:fc:44:
86:ea:d0:b4:49:a4:61:83:83:c1:51:99:3d:5e:ac:d2:50:d1:
50:7f:8f:b1:f3:1a:75:b0:9c:9f:0c:bc:39:07:bd:1e:dc:48:
a7:c1:42:f9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAc4eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIyMTQyNjM5WhcNMjYwODI1MTQyNjM5WjAYMRYw
FAYDVQQDEw02YTEwNjdhNC05OWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn2byuKzSdm+U3DhQER2eDeZDrPLvbZsD7izxs+Hz6gwarBOQOUeqkYZO
vig9hykMIfDWC59ZjlDfrOFATtmJG3vee7OBDH9N/PHeUdiZersh2iZ2kHg48pCD
R07gjDl/wH1IDBzBjdaAcbje+apooj0OgE602a5s/fAImRrTpLnmkcptfjyndub6
Hz73ols0rQfKpZdD618/vuIJh+RLefTiwX9al4YGPJ2OCtrL3Uu0N8sB/lCBBGdC
1cEhtxgLPbZh3QzhOcjtMj6HEQvOX0udeH9BtPeyPN0rJs6/yM7qIGVe23herH3m
06wvNchRXprW2+Fw3Iapwc4BTcZ+tQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF/m
/UPxPCeDAkLDhrdnwoPRGQW2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTkwMEIyQzU1RUExMUYxOEVBM0VGRDZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsLhMA0GCSqGSIb3DQEB
CwUAA4IBAQCtYSVT9UtYe2j8hUuFCRxOMka/b4iDoja20iq56QTAvgui3AphBCAp
RIaVHfs0pB1zgfTZ0BGyxvn3LdIYQi3AkcIW6kefZL1Lqa0KHNSdbzywMTr9gWb1
gtRX3o6jx9aMbEfu++NWGkPbNfmE60Fpxo4lctfp2NzLld4D08GfQxuJBNl30oL0
K9GYO5w8tXakJCv8pPrCiekfSVa/aLOgOOSsSXQ03vMJ2Q72txNAnj1Z0JKLt8Wa
8PN/5zbsBkHXTlDvrInHS2zvAKuQwHiVVVoECM2J/ESG6tC0SaRhg4PBUZk9XqzS
UNFQf4+x8xp1sJyfDLw5B70e3EinwUL5
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:43:07 2026 by rpki-client