Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/544A0E6A455B11F19CF56518CF1D38B0.roa
File: 544A0E6A455B11F19CF56518CF1D38B0.roa (raw, json)
Hash identifier: N0yh267O98Yc4JuSFCJzKPrJuE16j6oYqyonhxzjLSk=
Subject key identifier: E8:7F:42:7A:A7:42:BF:35:65:4A:D1:E7:3E:99:2D:BB:A1:1A:59:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C893
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/544A0E6A455B11F19CF56518CF1D38B0.roa
Signing time: Fri 01 May 2026 12:43:19 +0000
ROA not before: Fri 01 May 2026 12:43:14 +0000
ROA not after: Sun 17 May 2026 12:43:14 +0000
asID: 139880
IP address blocks: 154.206.128.0/18 maxlen: 24
154.215.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116883 (0x1c893)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 12:43:14 2026 GMT
Not After : May 17 12:43:14 2026 GMT
Subject: CN=69f49fe7-46d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2c:58:d8:9f:ca:8d:dc:19:67:e4:00:1f:ec:
01:1b:03:0e:46:aa:7f:f5:c0:8e:f4:7a:73:00:45:
d9:72:d3:2e:35:03:9a:b4:b4:30:3f:63:28:fe:49:
e5:34:fa:ce:1f:fe:4e:c8:7a:37:af:be:ed:86:47:
3e:93:3d:44:e2:7c:9d:2c:16:b0:e2:d0:9b:b8:7a:
34:91:84:e8:9e:f0:1c:3c:d7:d5:c4:75:8e:12:77:
f7:e5:cf:e8:d2:b5:1b:2f:6b:ec:b0:ed:f9:e0:f2:
16:17:58:0e:50:24:48:c1:be:e8:66:b4:ec:5f:63:
08:a0:f5:25:cc:fa:8f:6b:93:73:52:75:ae:1a:8a:
6a:f2:f9:ef:fd:63:68:d9:e0:02:96:22:99:bc:3e:
d3:af:e7:7c:55:47:5d:b3:78:e1:03:2b:57:ca:ea:
07:0b:6e:26:1b:0d:58:37:04:c1:43:18:8e:18:23:
07:5c:22:5e:90:bf:ea:da:8c:c4:4a:1f:f4:ef:b4:
53:5a:6b:e3:09:5b:62:32:d1:1c:a2:02:c4:3c:44:
81:14:1f:03:76:37:b3:74:e7:fa:f3:bd:9e:c1:b4:
58:f0:18:f7:bc:8f:41:16:07:30:56:ea:61:66:6f:
43:8c:94:47:cf:a1:5f:d8:98:61:0e:06:3e:a6:1d:
02:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:7F:42:7A:A7:42:BF:35:65:4A:D1:E7:3E:99:2D:BB:A1:1A:59:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/544A0E6A455B11F19CF56518CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.128.0/18
154.215.64.0/18
Signature Algorithm: sha256WithRSAEncryption
25:4a:71:c6:14:e9:83:e1:95:bf:ce:b9:27:ed:7a:3b:18:9e:
0d:7b:8f:a0:ef:33:65:8c:32:96:28:91:8b:61:bb:dd:3b:8e:
75:ed:ab:bc:56:63:7f:f1:d2:1f:34:32:ca:ca:00:cc:37:d9:
4f:bd:0a:77:19:fa:45:08:3d:7b:b3:10:66:d1:03:ed:a7:c7:
74:46:ab:06:75:9d:1b:b3:9c:25:6b:4d:7b:63:7a:f2:cc:47:
50:8e:a7:0c:30:ba:1d:46:83:52:ab:d5:67:9c:86:9b:68:5c:
c8:94:79:ae:d6:2b:7d:22:b7:80:1e:5f:7d:d0:42:7a:11:ff:
f1:98:d7:19:9c:d0:47:d6:47:c1:b4:07:14:c6:31:25:ff:eb:
6f:dc:ea:dd:c8:e0:29:91:c0:8c:9a:63:35:e3:37:2b:e8:64:
34:74:fa:b6:7d:ce:02:61:9b:fe:7a:6f:92:73:c3:8e:39:61:
e5:49:e4:0f:f9:7b:43:b6:1e:33:a5:38:f4:f2:d8:eb:9d:d4:
f6:fd:f7:1d:f5:b1:01:6a:4e:37:ec:60:01:b8:e9:49:58:53:
b1:c1:bd:2e:6a:46:b3:88:29:69:e6:48:c2:e0:e3:7d:95:4f:
74:2a:c4:45:d7:e4:22:0d:11:01:43:f5:e8:1b:ae:24:6d:5b:
59:91:a8:f7
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAciTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTI0MzE0WhcNMjYwNTE3MTI0MzE0WjAYMRYw
FAYDVQQDEw02OWY0OWZlNy00NmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsixY2J/KjdwZZ+QAH+wBGwMORqp/9cCO9HpzAEXZctMuNQOatLQwP2Mo
/knlNPrOH/5OyHo3r77thkc+kz1E4nydLBaw4tCbuHo0kYTonvAcPNfVxHWOEnf3
5c/o0rUbL2vssO354PIWF1gOUCRIwb7oZrTsX2MIoPUlzPqPa5NzUnWuGopq8vnv
/WNo2eACliKZvD7Tr+d8VUdds3jhAytXyuoHC24mGw1YNwTBQxiOGCMHXCJekL/q
2ozESh/077RTWmvjCVtiMtEcogLEPESBFB8DdjezdOf6872ewbRY8Bj3vI9BFgcw
VuphZm9DjJRHz6Ff2JhhDgY+ph0CxwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOh/
QnqnQr81ZUrR5z6ZLbuhGlmlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NDRBMEU2QTQ1NUIxMUYxOUNGNTY1MThDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGms6AAwQGmtdAMA0GCSqG
SIb3DQEBCwUAA4IBAQAlSnHGFOmD4ZW/zrkn7Xo7GJ4Ne4+g7zNljDKWKJGLYbvd
O4517au8VmN/8dIfNDLKygDMN9lPvQp3GfpFCD17sxBm0QPtp8d0RqsGdZ0bs5wl
a017Y3ryzEdQjqcMMLodRoNSq9VnnIabaFzIlHmu1it9IreAHl990EJ6Ef/xmNcZ
nNBH1kfBtAcUxjEl/+tv3OrdyOApkcCMmmM14zcr6GQ0dPq2fc4CYZv+em+Sc8OO
OWHlSeQP+XtDth4zpTj08tjrndT2/fcd9bEBak437GABuOlJWFOxwb0uakaziClp
5kjC4ON9lU90KsRF1+QiDREBQ/XoG64kbVtZkaj3
-----END CERTIFICATE-----
Generated at Sat May 9 11:03:52 2026 by rpki-client