Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58D8556C448F11F18A4B36BFCE1D38B0.roa
File: 58D8556C448F11F18A4B36BFCE1D38B0.roa (raw, json)
Hash identifier: cFpxbdEZq6bxmX30bke8nLaiDx+4aWA2f7OZcHM4tbI=
Subject key identifier: 2C:1D:E6:C8:65:D2:0C:21:B6:C4:75:AF:B1:E8:38:5E:81:F0:75:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C831
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58D8556C448F11F18A4B36BFCE1D38B0.roa
Signing time: Thu 30 Apr 2026 12:23:09 +0000
ROA not before: Thu 30 Apr 2026 12:23:04 +0000
ROA not after: Fri 05 Jun 2026 12:23:04 +0000
asID: 49505
IP address blocks: 154.211.17.0/24 maxlen: 24
154.211.18.0/24 maxlen: 24
154.211.19.0/24 maxlen: 24
154.212.28.0/24 maxlen: 24
154.212.29.0/24 maxlen: 24
154.212.30.0/24 maxlen: 24
154.212.31.0/24 maxlen: 24
154.213.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116785 (0x1c831)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 12:23:04 2026 GMT
Not After : Jun 5 12:23:04 2026 GMT
Subject: CN=69f349ad-b4f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4d:5b:09:c1:6c:a9:d3:72:af:8f:fc:88:cd:
de:e8:c7:42:47:16:39:bb:59:75:1b:74:31:5a:a9:
b7:ce:0d:72:a3:9b:da:ac:1a:2c:4e:0a:74:a8:06:
27:98:34:56:cf:4a:b6:99:94:bd:fa:85:2c:97:8e:
7f:e4:b6:1f:c9:1c:44:96:ce:28:18:52:5d:04:9c:
b5:4c:9a:3a:8e:80:43:22:19:09:51:54:74:4b:dd:
f6:6f:6d:2c:88:3c:f4:ca:45:62:12:38:99:8b:b8:
ad:f5:27:07:d2:1b:ac:88:54:ea:ad:26:e8:2c:e8:
b1:32:7d:28:2b:69:cf:52:7b:6d:9e:2c:74:7b:49:
84:06:88:1b:b1:22:a8:1b:55:7e:56:c7:f8:be:a8:
3e:17:9f:15:4f:e6:10:73:94:3d:5d:a3:1e:44:12:
60:19:b7:f4:b4:88:7f:67:5d:d0:30:53:c7:cf:e3:
c6:3e:9b:e8:cd:f5:70:74:42:30:61:b0:ed:7a:e5:
72:65:70:99:24:48:0c:73:66:d4:92:15:74:b7:bd:
05:87:3b:ea:77:a7:04:55:b2:1d:b4:61:a5:a5:1b:
3e:d3:7b:68:90:3d:09:e0:08:85:83:42:7c:32:63:
74:32:3b:93:a3:59:4e:a5:82:8c:87:8d:40:b3:aa:
cd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1D:E6:C8:65:D2:0C:21:B6:C4:75:AF:B1:E8:38:5E:81:F0:75:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58D8556C448F11F18A4B36BFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.17.0-154.211.19.255
154.212.28.0/22
154.213.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:f0:25:e9:c0:51:e8:57:d9:66:ea:a0:ac:07:71:33:ed:28:
3a:78:6c:4d:b6:4f:e2:75:ba:c3:85:9b:c9:e0:5d:1c:aa:26:
39:a3:a6:62:ee:1c:bb:55:35:5e:48:73:07:fc:68:7d:8c:74:
2a:7e:b5:b9:9b:48:02:9a:52:fa:38:56:2f:a7:5a:02:75:eb:
01:6b:02:14:86:f0:b4:3c:3e:43:92:f0:8e:b6:00:c1:20:95:
b8:3c:3c:f7:fd:ec:e2:5c:f9:22:cf:de:a0:a1:44:65:23:d6:
37:d0:38:37:99:e0:4f:98:2d:6d:de:49:2c:16:f7:dc:dc:46:
6c:a6:ac:42:3a:7a:19:b7:9a:7d:e3:ee:dc:c5:3c:02:98:8e:
22:6d:4b:7d:2f:3c:a0:30:ab:32:c4:ef:b2:2f:73:e8:a9:32:
0c:54:74:1e:f1:ce:1b:62:ea:51:96:f6:fc:80:2b:b7:95:08:
de:ce:0f:26:fd:c2:b6:48:0a:c0:c8:ee:97:ff:97:4f:13:7d:
d9:db:39:95:de:a1:f4:f8:6d:8b:db:19:cb:75:ec:26:4d:ed:
ee:05:d8:67:ae:d8:6a:e9:54:f0:a4:73:9c:04:e7:3a:fa:25:
d5:04:d1:f3:05:1a:40:06:cd:81:86:cc:09:42:77:01:50:2b:
3c:2b:a3:b5
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAcgxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDMwMTIyMzA0WhcNMjYwNjA1MTIyMzA0WjAYMRYw
FAYDVQQDEw02OWYzNDlhZC1iNGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvU1bCcFsqdNyr4/8iM3e6MdCRxY5u1l1G3QxWqm3zg1yo5varBosTgp0
qAYnmDRWz0q2mZS9+oUsl45/5LYfyRxEls4oGFJdBJy1TJo6joBDIhkJUVR0S932
b20siDz0ykViEjiZi7it9ScH0husiFTqrSboLOixMn0oK2nPUnttnix0e0mEBogb
sSKoG1V+Vsf4vqg+F58VT+YQc5Q9XaMeRBJgGbf0tIh/Z13QMFPHz+PGPpvozfVw
dEIwYbDteuVyZXCZJEgMc2bUkhV0t70Fhzvqd6cEVbIdtGGlpRs+03tokD0J4AiF
g0J8MmN0MjuTo1lOpYKMh41As6rNqwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFCwd
5shl0gwhtsR1r7HoOF6B8HWOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OEQ4NTU2QzQ0OEYxMUYxOEE0QjM2QkZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACa0xEDBAKa0xADBAKa
1BwDBACa1QAwDQYJKoZIhvcNAQELBQADggEBAKHwJenAUehX2WbqoKwHcTPtKDp4
bE22T+J1usOFm8ngXRyqJjmjpmLuHLtVNV5Icwf8aH2MdCp+tbmbSAKaUvo4Vi+n
WgJ16wFrAhSG8LQ8PkOS8I62AMEglbg8PPf97OJc+SLP3qChRGUj1jfQODeZ4E+Y
LW3eSSwW99zcRmymrEI6ehm3mn3j7tzFPAKYjiJtS30vPKAwqzLE77Ivc+ipMgxU
dB7xzhti6lGW9vyAK7eVCN7ODyb9wrZICsDI7pf/l08TfdnbOZXeofT4bYvbGct1
7CZN7e4F2Geu2GrpVPCkc5wE5zr6JdUE0fMFGkAGzYGGzAlCdwFQKzwro7U=
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:14 2026 by rpki-client