Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43E27444414C11F1AEBC74EDCE1D38B0.roa
File: 43E27444414C11F1AEBC74EDCE1D38B0.roa (raw, json)
Hash identifier: s54eHC6QKOycKD6EOKsHLm71M75DzyCIOqBAONU5LA4=
Subject key identifier: DF:7F:30:39:36:A7:38:C4:11:B4:40:FE:39:1E:02:A5:81:82:72:F1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C793
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43E27444414C11F1AEBC74EDCE1D38B0.roa
Signing time: Sun 26 Apr 2026 08:45:24 +0000
ROA not before: Sun 26 Apr 2026 08:45:19 +0000
ROA not after: Wed 25 Apr 2029 08:45:19 +0000
asID: 17561
IP address blocks: 154.194.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116627 (0x1c793)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 26 08:45:19 2026 GMT
Not After : Apr 25 08:45:19 2029 GMT
Subject: CN=69edd0a4-2bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f6:70:f7:9c:5d:70:82:7a:8a:d3:ee:f5:06:
88:93:76:20:0b:8f:fb:e5:30:cf:7e:ec:c3:31:f0:
f5:04:4c:dc:c4:30:a0:83:f5:b8:25:d7:f1:bb:2b:
6e:9c:49:0d:3b:61:f1:0e:5c:60:02:26:67:2a:d5:
e3:4b:1f:c1:3c:56:bd:a0:9e:91:e8:0a:85:02:3c:
98:bb:b5:d0:8f:fa:a5:41:96:0b:de:81:b6:3f:71:
f0:98:b1:2a:53:0d:29:e2:f5:08:f9:10:fa:d6:21:
18:3f:ed:b3:94:d0:76:92:f9:49:20:1e:88:5d:af:
eb:9d:3a:96:99:2c:e2:f2:53:96:92:1e:7a:76:7b:
ce:18:31:54:70:b4:07:21:23:88:e9:02:6c:53:f2:
aa:32:0c:3b:16:3c:bd:b7:dd:5a:21:c6:5f:a0:46:
a2:3a:84:a4:0a:f4:a0:bd:b9:81:29:1f:6b:1d:74:
66:46:ad:3b:ca:e7:84:a9:4d:2a:af:27:ac:f2:ca:
d6:88:02:ab:94:41:51:c2:ff:36:17:7d:6c:2c:18:
24:93:7b:cd:50:00:e9:b4:ec:81:12:9d:ce:e4:51:
94:f9:a3:5b:e6:9c:64:05:e7:6a:99:6e:04:c2:ec:
73:05:43:06:48:1e:07:06:87:d1:ed:15:64:06:50:
35:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7F:30:39:36:A7:38:C4:11:B4:40:FE:39:1E:02:A5:81:82:72:F1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43E27444414C11F1AEBC74EDCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.35.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:63:68:2e:a1:fb:a3:3f:75:1f:c3:59:d0:94:4f:c8:d7:5a:
78:a7:a5:9f:63:43:95:a1:01:5c:d8:bd:2f:53:d3:5e:34:d0:
10:53:f1:04:d9:3b:51:77:95:11:23:84:c9:4d:38:8c:27:01:
de:a0:f7:2b:89:4b:05:04:4e:3b:60:0e:1e:e0:8d:06:08:6b:
c2:54:c1:70:ad:f7:2c:8d:0c:bd:d2:e5:7c:7d:02:0f:98:d6:
de:5f:03:14:18:37:a7:c7:be:a5:99:ce:85:17:61:0b:5c:61:
35:be:9c:5c:54:7d:81:52:91:23:db:5f:89:41:c8:87:8c:33:
86:18:97:97:05:99:b2:2f:39:a3:07:f9:a0:c7:29:ec:16:37:
a3:77:23:16:18:3f:ca:23:53:a5:fd:83:d2:fb:3d:d9:d7:9b:
7d:36:29:01:aa:c2:ee:cb:d6:d4:39:40:81:b8:be:3e:cd:fe:
c2:c0:80:1f:64:f3:9b:eb:58:2e:c8:1c:25:7a:e0:ae:2d:57:
a1:61:a5:c4:da:a3:cc:d3:2a:20:cc:42:31:c1:da:c2:8d:a3:
b4:00:67:e3:f6:9a:f9:7e:68:94:d2:ee:5e:31:b0:98:fa:c8:
3f:a9:2e:92:51:54:7c:12:2d:1e:c0:51:f7:8f:bb:a7:a6:52:
b5:df:a1:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAceTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDI2MDg0NTE5WhcNMjkwNDI1MDg0NTE5WjAYMRYw
FAYDVQQDEw02OWVkZDBhNC0yYmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsfZw95xdcIJ6itPu9QaIk3YgC4/75TDPfuzDMfD1BEzcxDCgg/W4Jdfx
uytunEkNO2HxDlxgAiZnKtXjSx/BPFa9oJ6R6AqFAjyYu7XQj/qlQZYL3oG2P3Hw
mLEqUw0p4vUI+RD61iEYP+2zlNB2kvlJIB6IXa/rnTqWmSzi8lOWkh56dnvOGDFU
cLQHISOI6QJsU/KqMgw7Fjy9t91aIcZfoEaiOoSkCvSgvbmBKR9rHXRmRq07yueE
qU0qryes8srWiAKrlEFRwv82F31sLBgkk3vNUADptOyBEp3O5FGU+aNb5pxkBedq
mW4EwuxzBUMGSB4HBofR7RVkBlA1dwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN9/
MDk2pzjEEbRA/jkeAqWBgnLxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0UyNzQ0NDQxNEMxMUYxQUVCQzc0RURDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIjMA0GCSqGSIb3DQEB
CwUAA4IBAQCOY2guofujP3Ufw1nQlE/I11p4p6WfY0OVoQFc2L0vU9NeNNAQU/EE
2TtRd5URI4TJTTiMJwHeoPcriUsFBE47YA4e4I0GCGvCVMFwrfcsjQy90uV8fQIP
mNbeXwMUGDenx76lmc6FF2ELXGE1vpxcVH2BUpEj21+JQciHjDOGGJeXBZmyLzmj
B/mgxynsFjejdyMWGD/KI1Ol/YPS+z3Z15t9NikBqsLuy9bUOUCBuL4+zf7CwIAf
ZPOb61guyBwleuCuLVehYaXE2qPM0yogzEIxwdrCjaO0AGfj9pr5fmiU0u5eMbCY
+sg/qS6SUVR8Ei0ewFH3j7unplK136EU
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:32 2026 by rpki-client