Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A343C58456411F1B0047CCECE1D38B0.roa
File: 4A343C58456411F1B0047CCECE1D38B0.roa (raw, json)
Hash identifier: Mu6nutLu26JmpLo3GABSzKSYvZkTLNOCD9aq5AP2nec=
Subject key identifier: BE:2D:61:5D:24:B1:9C:7C:16:8B:A0:A4:ED:C1:6E:2A:38:FE:FC:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C8A5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A343C58456411F1B0047CCECE1D38B0.roa
Signing time: Fri 01 May 2026 13:47:27 +0000
ROA not before: Fri 01 May 2026 13:47:22 +0000
ROA not after: Wed 03 Jun 2026 13:47:22 +0000
asID: 17561
IP address blocks: 154.198.8.0/24 maxlen: 24
154.198.188.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116901 (0x1c8a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 13:47:22 2026 GMT
Not After : Jun 3 13:47:22 2026 GMT
Subject: CN=69f4aeef-5372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:19:b7:d1:a7:49:60:14:c1:77:8b:f5:8e:e7:
7c:c2:b9:10:f4:06:8a:25:e1:44:8e:c0:17:91:ca:
a4:dc:ba:66:03:2e:14:8a:9c:6d:6a:77:f3:d5:6f:
72:e9:71:4e:02:23:4b:44:18:4e:34:e6:30:47:4f:
61:83:1e:02:01:3b:29:33:df:fe:1c:b4:68:58:3c:
ea:3a:5b:72:90:9a:f2:d4:30:4a:1d:89:e7:1d:68:
2b:4d:59:01:93:7a:c6:2e:93:80:cc:a2:1c:8b:df:
a4:c8:e9:c5:3f:f4:c1:e3:fe:80:87:91:5b:d0:0b:
4b:58:88:6c:73:3a:a6:ea:7f:1f:48:20:15:7a:d2:
06:32:0b:80:48:1a:fa:f5:6e:a3:08:67:dd:22:2d:
64:0c:cd:34:ac:c6:b5:9a:8e:bd:0e:15:c2:2b:29:
fb:43:54:73:73:eb:f7:4f:5c:28:ff:98:12:3b:8e:
12:8a:d5:1b:57:58:4b:21:73:83:d5:85:22:ac:fc:
94:e1:a5:68:8c:a4:de:02:cd:a1:68:d1:33:c0:fe:
7f:1c:15:55:63:8c:6a:99:d2:56:7f:ad:3d:ee:b8:
9d:f9:e7:a9:0e:80:a8:6b:6b:98:90:b2:73:b1:b0:
27:67:e5:18:75:a1:4b:b5:59:0d:1b:71:5f:cd:20:
04:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:2D:61:5D:24:B1:9C:7C:16:8B:A0:A4:ED:C1:6E:2A:38:FE:FC:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A343C58456411F1B0047CCECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.8.0/24
154.198.188.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:63:6f:21:a0:6d:20:23:3b:24:aa:5a:91:63:18:0c:e4:f3:
0f:19:c4:98:f8:95:75:5d:8e:12:c3:37:5f:33:0a:f8:2a:18:
79:e7:8a:96:f4:bf:f6:fc:f1:ee:a6:67:54:2e:f5:2e:8d:2f:
b6:24:ad:b9:af:f5:3d:c2:93:12:2b:8f:b8:40:a3:45:46:a4:
e6:8b:65:a1:4f:80:65:2b:21:68:2d:de:03:d3:ff:17:52:43:
0c:e1:b5:dd:66:be:4e:43:89:b7:06:2b:01:a1:ed:75:68:aa:
fe:07:34:ac:f3:02:b5:ad:a7:9b:2f:d8:28:6e:ee:51:03:5b:
1c:5c:5b:77:77:71:71:35:6c:be:42:59:c0:d2:1b:55:5d:57:
ee:02:da:13:e4:94:88:58:1b:43:5f:53:23:e9:b7:07:a2:61:
76:80:46:23:a9:18:2e:0a:9e:14:b7:aa:a0:1a:83:28:5f:a4:
d4:0c:6b:15:f5:8c:a9:8f:03:5d:e8:7e:27:b6:a9:14:14:44:
6e:c9:db:bc:ef:2f:7d:fd:b4:4d:9f:9a:e4:52:5d:b1:48:fa:
65:16:1f:f1:c9:f3:96:1b:89:af:3d:62:f9:48:23:6c:70:53:
9c:5b:ff:2b:89:81:85:dc:47:0d:7c:46:87:63:88:18:ed:5e:
3d:b2:0e:16
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcilMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTM0NzIyWhcNMjYwNjAzMTM0NzIyWjAYMRYw
FAYDVQQDEw02OWY0YWVlZi01MzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxBm30adJYBTBd4v1jud8wrkQ9AaKJeFEjsAXkcqk3LpmAy4Uipxtanfz
1W9y6XFOAiNLRBhONOYwR09hgx4CATspM9/+HLRoWDzqOltykJry1DBKHYnnHWgr
TVkBk3rGLpOAzKIci9+kyOnFP/TB4/6Ah5Fb0AtLWIhsczqm6n8fSCAVetIGMguA
SBr69W6jCGfdIi1kDM00rMa1mo69DhXCKyn7Q1Rzc+v3T1wo/5gSO44SitUbV1hL
IXOD1YUirPyU4aVojKTeAs2haNEzwP5/HBVVY4xqmdJWf6097rid+eepDoCoa2uY
kLJzsbAnZ+UYdaFLtVkNG3FfzSAEKwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFL4t
YV0ksZx8FougpO3Bbio4/vykMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QTM0M0M1ODQ1NjQxMUYxQjAwNDdDQ0VDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsYIAwQBmsa8MA0GCSqG
SIb3DQEBCwUAA4IBAQCnY28hoG0gIzskqlqRYxgM5PMPGcSY+JV1XY4SwzdfMwr4
Khh554qW9L/2/PHupmdULvUujS+2JK25r/U9wpMSK4+4QKNFRqTmi2WhT4BlKyFo
Ld4D0/8XUkMM4bXdZr5OQ4m3BisBoe11aKr+BzSs8wK1raebL9gobu5RA1scXFt3
d3FxNWy+QlnA0htVXVfuAtoT5JSIWBtDX1Mj6bcHomF2gEYjqRguCp4Ut6qgGoMo
X6TUDGsV9YypjwNd6H4ntqkUFERuydu87y99/bRNn5rkUl2xSPplFh/xyfOWG4mv
PWL5SCNscFOcW/8riYGF3EcNfEaHY4gY7V49sg4W
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:32 2026 by rpki-client