Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E72435E513B11F18AB89BCECE1D38B0.roa
File: 4E72435E513B11F18AB89BCECE1D38B0.roa (raw, json)
Hash identifier: La09RbofZ4xnDd+x4NfF3VRzvv0FdHo8HVTXKHP8f/o=
Subject key identifier: 9A:CF:B4:C5:1C:80:92:95:B3:6B:D9:2F:B3:03:68:8A:BE:DC:86:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CBF9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E72435E513B11F18AB89BCECE1D38B0.roa
Signing time: Sat 16 May 2026 15:24:19 +0000
ROA not before: Sat 16 May 2026 15:24:14 +0000
ROA not after: Mon 25 May 2026 15:24:14 +0000
asID: 137535
IP address blocks: 154.86.16.0/23 maxlen: 24
154.86.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 May 2026 00:07:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117753 (0x1cbf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 16 15:24:14 2026 GMT
Not After : May 25 15:24:14 2026 GMT
Subject: CN=6a088c23-500f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:29:73:95:5f:86:92:4f:f5:bc:0c:3d:d5:ed:
74:1a:42:7b:33:a2:ed:b3:f1:f6:44:b4:a5:89:1f:
c3:22:63:a7:0e:70:5d:96:32:08:40:f5:98:ce:1b:
46:b8:13:6f:0c:c0:a7:cf:2e:98:2e:f8:95:e0:f8:
50:55:6e:f4:72:12:2e:9e:bc:71:3c:12:3c:e5:20:
5e:f1:18:2b:b7:7c:db:3f:d8:5e:20:8a:82:c8:48:
fc:40:49:65:54:2c:17:bd:8f:cc:de:2f:70:51:f3:
e1:e4:6e:7a:62:e7:b2:a5:29:96:63:1c:47:10:c5:
f6:2f:0e:4b:90:56:45:64:4e:3f:2b:03:2b:a4:24:
04:3a:a3:c9:9f:a2:23:f3:4c:bf:48:21:6b:c8:cf:
48:61:72:87:47:d8:3c:f4:e2:a4:10:40:4f:16:8f:
52:77:a0:42:b6:7e:c2:89:4f:36:74:23:d3:3e:e4:
7a:e3:fa:bb:96:27:80:42:c6:e8:d6:6c:43:ce:6f:
0d:ac:00:40:d5:26:d8:ca:8f:5c:0a:6b:7f:19:73:
09:67:31:2e:c4:34:48:13:90:81:ab:49:b0:6d:a5:
62:80:f2:8e:6e:f3:d3:b0:78:f7:41:20:62:a3:a8:
fa:9d:7f:01:57:bf:50:8b:bd:af:9b:ff:d4:62:8b:
4c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CF:B4:C5:1C:80:92:95:B3:6B:D9:2F:B3:03:68:8A:BE:DC:86:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E72435E513B11F18AB89BCECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.16.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:26:64:0d:60:39:96:e4:7a:11:5b:37:ba:aa:a6:b3:ab:c3:
bb:62:01:68:d2:2c:b3:46:18:61:d6:b1:a9:38:79:13:47:1a:
5e:ca:9d:66:93:f2:dc:c3:94:af:ac:71:ce:f9:77:0f:25:55:
d2:96:21:eb:51:6d:16:02:35:56:0f:2e:7b:cd:a5:62:98:06:
0e:a1:be:f6:78:a3:e0:a9:76:b0:83:e1:a6:61:fa:2d:37:7c:
d7:30:93:24:79:45:83:03:4f:a2:54:cc:8e:72:23:98:ec:91:
cb:5e:03:88:7c:6c:29:0a:9a:a0:e8:20:62:ce:d7:0b:72:b9:
d1:3a:ce:f3:23:bf:f5:81:f3:d6:97:89:28:36:66:db:39:a4:
96:33:b2:fe:a2:9e:94:7d:7d:1c:7e:46:d5:14:5d:0d:ce:f0:
b8:7e:a2:8d:94:2a:e8:2d:f3:63:09:fc:eb:df:e1:8d:86:63:
8e:64:97:35:4d:3d:c2:b6:de:11:7f:7e:0e:61:31:10:a4:6c:
70:1d:18:b9:9e:f6:49:b7:d4:26:93:66:99:ac:1d:7d:04:5e:
26:4c:a0:14:2e:ba:df:53:11:68:91:fc:80:89:77:e6:f0:75:
52:70:6d:26:07:42:9a:08:0f:04:4b:99:b7:8c:6e:bd:d3:7f:
45:cc:97:b8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcv5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE2MTUyNDE0WhcNMjYwNTI1MTUyNDE0WjAYMRYw
FAYDVQQDEw02YTA4OGMyMy01MDBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4ilzlV+Gkk/1vAw91e10GkJ7M6Lts/H2RLSliR/DImOnDnBdljIIQPWY
zhtGuBNvDMCnzy6YLviV4PhQVW70chIunrxxPBI85SBe8Rgrt3zbP9heIIqCyEj8
QEllVCwXvY/M3i9wUfPh5G56YueypSmWYxxHEMX2Lw5LkFZFZE4/KwMrpCQEOqPJ
n6Ij80y/SCFryM9IYXKHR9g89OKkEEBPFo9Sd6BCtn7CiU82dCPTPuR64/q7lieA
Qsbo1mxDzm8NrABA1SbYyo9cCmt/GXMJZzEuxDRIE5CBq0mwbaVigPKObvPTsHj3
QSBio6j6nX8BV79Qi72vm//UYotMVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJrP
tMUcgJKVs2vZL7MDaIq+3Ib1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RTcyNDM1RTUxM0IxMUYxOEFCODlCQ0VDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlYQMA0GCSqGSIb3DQEB
CwUAA4IBAQB8JmQNYDmW5HoRWze6qqazq8O7YgFo0iyzRhhh1rGpOHkTRxpeyp1m
k/Lcw5SvrHHO+XcPJVXSliHrUW0WAjVWDy57zaVimAYOob72eKPgqXawg+GmYfot
N3zXMJMkeUWDA0+iVMyOciOY7JHLXgOIfGwpCpqg6CBiztcLcrnROs7zI7/1gfPW
l4koNmbbOaSWM7L+op6UfX0cfkbVFF0NzvC4fqKNlCroLfNjCfzr3+GNhmOOZJc1
TT3Ctt4Rf34OYTEQpGxwHRi5nvZJt9Qmk2aZrB19BF4mTKAULrrfUxFokfyAiXfm
8HVScG0mB0KaCA8ES5m3jG69039FzJe4
-----END CERTIFICATE-----
Generated at Thu May 21 13:20:41 2026 by rpki-client