Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/517054F0447B11F1BEB8BDC7CE1D38B0.roa
File: 517054F0447B11F1BEB8BDC7CE1D38B0.roa (raw, json)
Hash identifier: pIvPIEEppEfAz/bs4UouWnVSY5gvQ2viXrGKjCU14Fg=
Subject key identifier: B1:61:71:6E:6E:61:70:64:7B:E9:55:3E:31:17:61:59:BA:5D:95:FC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C819
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/517054F0447B11F1BEB8BDC7CE1D38B0.roa
Signing time: Thu 30 Apr 2026 09:59:47 +0000
ROA not before: Thu 30 Apr 2026 09:59:41 +0000
ROA not after: Fri 07 May 2027 09:59:41 +0000
asID: 212238
IP address blocks: 154.198.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 07 May 2026 00:07:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116761 (0x1c819)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 09:59:41 2026 GMT
Not After : May 7 09:59:41 2027 GMT
Subject: CN=69f32812-c443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:12:8d:4c:15:e8:d3:e4:c7:7a:4d:97:ac:45:
fa:ce:f4:c6:d9:2e:e8:3e:b7:4d:bb:b8:8e:af:63:
ae:75:50:dd:cb:31:68:d3:1b:a8:f8:fc:80:1a:6a:
b8:87:0c:ef:54:04:38:f0:84:41:a6:4b:87:11:4f:
ba:ae:d7:ae:8b:9a:2c:ff:c5:f6:bf:8c:12:96:b9:
69:74:0d:9f:25:7d:ee:94:cb:c1:b0:8a:2c:a5:bb:
f2:bd:e5:1b:b3:bb:cd:38:f3:59:b9:49:07:79:45:
bb:6f:b9:75:19:3d:a1:17:51:1a:25:e3:98:aa:ef:
42:11:4a:c9:51:fd:23:2f:bf:3c:b7:ff:e9:17:8b:
e7:63:9b:bd:a0:ec:30:37:06:d2:5b:4a:05:71:91:
0c:ec:8f:13:ab:2e:14:af:53:b2:76:b4:a0:0d:5e:
b5:c5:de:11:20:4d:72:79:d2:60:2d:4f:8b:76:b7:
5e:7e:2f:86:b7:54:75:4f:46:84:c4:07:40:f0:a1:
77:b1:24:76:9a:7e:fb:3a:2b:c5:1d:0c:22:b0:e4:
f0:7d:2f:15:b6:a1:5d:e5:aa:06:29:22:c6:f3:fa:
3a:4f:49:66:0f:46:50:fa:9e:fc:86:6a:51:0e:01:
c8:7e:d3:9a:0a:c3:62:1e:b8:09:d4:07:50:60:8a:
ae:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:61:71:6E:6E:61:70:64:7B:E9:55:3E:31:17:61:59:BA:5D:95:FC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/517054F0447B11F1BEB8BDC7CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.16.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ad:f7:09:0c:b5:bd:7a:20:68:79:af:80:bb:d7:cf:1f:55:
18:bb:dd:d0:1e:cc:7e:6e:47:a9:17:7c:2a:68:9b:44:0d:14:
d1:5d:da:87:b2:d2:5f:1d:94:ff:8c:28:0c:29:75:43:43:57:
b4:a8:ba:fe:b5:1c:78:d1:65:16:4c:ba:e3:59:81:47:fb:97:
6c:1e:07:d4:c1:bb:29:cc:3c:e3:11:80:65:87:c1:0e:b6:08:
2e:61:fe:b9:c9:4d:8b:68:0f:9c:73:3a:2a:2d:61:c6:6d:b4:
de:bd:d6:b6:f5:75:a2:f9:ec:45:a1:0e:fe:c2:7e:68:ae:cc:
26:35:50:d0:d7:b4:6d:7d:a3:89:53:ac:79:6f:64:87:fa:82:
f3:a8:08:b6:ba:59:c4:ac:34:96:97:d5:94:85:9d:87:04:f2:
12:b8:12:40:26:cd:13:23:7b:18:c4:72:ec:fc:f3:41:3f:45:
21:a4:16:8c:a8:3a:ab:de:35:af:e0:e6:14:03:3a:6c:f7:be:
fb:f7:7b:94:fc:10:d8:e2:48:aa:77:03:68:74:fd:d1:07:83:
5a:7b:f3:eb:31:e6:a6:ec:59:36:18:2f:80:23:bc:da:3c:92:
e1:d9:31:dc:6b:fc:a4:ea:10:e5:ca:0d:88:2e:59:11:ee:d6:
e8:dc:4d:56
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcgZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDMwMDk1OTQxWhcNMjcwNTA3MDk1OTQxWjAYMRYw
FAYDVQQDEw02OWYzMjgxMi1jNDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwBKNTBXo0+THek2XrEX6zvTG2S7oPrdNu7iOr2OudVDdyzFo0xuo+PyA
Gmq4hwzvVAQ48IRBpkuHEU+6rteui5os/8X2v4wSlrlpdA2fJX3ulMvBsIospbvy
veUbs7vNOPNZuUkHeUW7b7l1GT2hF1EaJeOYqu9CEUrJUf0jL788t//pF4vnY5u9
oOwwNwbSW0oFcZEM7I8Tqy4Ur1OydrSgDV61xd4RIE1yedJgLU+Ldrdefi+Gt1R1
T0aExAdA8KF3sSR2mn77OivFHQwisOTwfS8VtqFd5aoGKSLG8/o6T0lmD0ZQ+p78
hmpRDgHIftOaCsNiHrgJ1AdQYIqu9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLFh
cW5uYXBke+lVPjEXYVm6XZX8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MTcwNTRGMDQ0N0IxMUYxQkVCOEJEQzdDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYQMA0GCSqGSIb3DQEB
CwUAA4IBAQBSrfcJDLW9eiBoea+Au9fPH1UYu93QHsx+bkepF3wqaJtEDRTRXdqH
stJfHZT/jCgMKXVDQ1e0qLr+tRx40WUWTLrjWYFH+5dsHgfUwbspzDzjEYBlh8EO
tgguYf65yU2LaA+cczoqLWHGbbTevda29XWi+exFoQ7+wn5orswmNVDQ17RtfaOJ
U6x5b2SH+oLzqAi2ulnErDSWl9WUhZ2HBPISuBJAJs0TI3sYxHLs/PNBP0UhpBaM
qDqr3jWv4OYUAzps977793uU/BDY4kiqdwNodP3RB4Nae/PrMeam7Fk2GC+AI7za
PJLh2THca/yk6hDlyg2ILlkR7tbo3E1W
-----END CERTIFICATE-----
Generated at Tue May 5 23:15:55 2026 by rpki-client