Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/691F4BF63FBC11F19202C5DFCE1D38B0.roa
File: 691F4BF63FBC11F19202C5DFCE1D38B0.roa (raw, json)
Hash identifier: gewPCVd/wJXPM8Yk8yxQU600Yrs3xxA87oA8WtquMRw=
Subject key identifier: E4:16:C4:B5:09:11:41:AD:AD:9D:06:35:AA:0E:85:DE:A5:5B:7F:77
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C71F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/691F4BF63FBC11F19202C5DFCE1D38B0.roa
Signing time: Fri 24 Apr 2026 09:03:08 +0000
ROA not before: Fri 24 Apr 2026 09:03:02 +0000
ROA not after: Sun 31 May 2026 09:03:02 +0000
asID: 62240
IP address blocks: 154.194.76.0/24 maxlen: 24
154.194.77.0/24 maxlen: 24
154.195.0.0/24 maxlen: 24
154.195.1.0/24 maxlen: 24
154.195.100.0/24 maxlen: 24
154.195.126.0/24 maxlen: 24
154.196.16.0/24 maxlen: 24
154.196.17.0/24 maxlen: 24
154.196.19.0/24 maxlen: 24
154.196.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116511 (0x1c71f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 09:03:02 2026 GMT
Not After : May 31 09:03:02 2026 GMT
Subject: CN=69eb31cc-df21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d8:1e:3a:22:32:e6:4b:1c:32:12:a0:e9:f8:
6a:f3:d3:5b:c6:48:d7:a8:4e:34:e1:6a:3a:24:35:
ff:6f:2f:d1:50:9b:7a:0a:2a:41:5a:e2:81:49:c3:
b6:50:c0:81:42:fc:c5:77:b7:7f:2d:83:5d:2f:9f:
bd:00:f8:85:27:2a:ed:26:fa:cc:86:07:67:7f:d0:
9c:dc:31:12:9d:8e:3a:7a:b2:65:8b:84:16:a7:94:
86:a3:a8:b9:f0:91:f8:86:69:fb:4b:ab:5b:c8:e4:
e9:30:af:2c:8d:dd:89:10:18:a9:55:9e:0b:10:5e:
d7:af:2e:ef:f1:84:1e:fc:44:6d:58:18:55:e4:e2:
7d:9a:fa:05:3a:4a:02:b0:4b:6c:32:fc:01:91:6f:
fa:05:0a:d9:d5:12:13:79:15:6d:06:4b:88:1b:06:
48:b7:99:45:b2:73:ec:e0:d3:64:fd:c2:05:73:cb:
42:13:45:e4:da:e6:c4:b3:02:e9:7c:5d:c0:ef:fe:
45:78:d8:90:fb:05:b9:b5:64:fe:4c:15:dd:c5:47:
21:7c:ed:19:d1:3e:31:98:07:69:0a:79:ef:99:a5:
96:94:36:37:f9:e0:73:9e:0f:e0:c0:90:cc:26:c2:
dc:90:b3:dc:a4:38:df:2f:c0:91:85:fd:4e:4b:13:
71:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:16:C4:B5:09:11:41:AD:AD:9D:06:35:AA:0E:85:DE:A5:5B:7F:77
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/691F4BF63FBC11F19202C5DFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.76.0/23
154.195.0.0/23
154.195.100.0/24
154.195.126.0/24
154.196.16.0/23
154.196.19.0/24
154.196.47.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c2:46:0f:31:fb:b8:36:f6:d1:fb:63:31:8c:1f:0c:ac:28:
02:e1:23:ea:82:a9:90:8b:2c:7f:01:4b:18:84:ff:e6:18:f6:
f1:98:c0:b2:47:0f:ef:67:66:9c:1e:34:1d:90:24:0a:c7:c0:
ba:9a:de:03:d0:92:4a:a1:5f:9d:07:55:6c:2d:c9:e1:02:24:
ae:af:3b:76:67:13:92:0c:ec:c3:c5:d8:89:33:1f:43:23:59:
64:11:9e:63:ef:2b:46:ca:4a:da:6e:86:93:1b:ed:92:4e:20:
a0:db:02:2c:a6:4e:40:33:f9:8d:f9:4a:e8:fa:e6:ad:23:71:
3a:5d:46:08:9c:ef:ec:2c:af:e1:46:9a:b4:02:28:89:72:4f:
fc:96:ec:94:23:0f:42:b2:0b:2d:42:8a:f1:e5:f1:a7:1b:50:
af:da:34:6a:c1:a0:9d:ef:f1:22:ef:a2:57:d2:c7:19:35:d8:
c8:53:f3:3c:c2:e1:6d:d5:a7:0a:91:cf:1e:23:c8:5a:3f:4a:
76:33:02:97:6b:c9:eb:a3:f5:dc:3b:73:52:42:9f:3c:c8:db:
ba:08:d9:74:de:8d:dc:ba:03:d7:f9:9a:b7:e3:c0:ee:1c:bc:
6f:7a:0f:3c:ed:f6:4f:c7:1f:02:a0:c5:ff:db:01:c1:f7:fa:
f7:b1:c4:7a
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIDAccfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDI0MDkwMzAyWhcNMjYwNTMxMDkwMzAyWjAYMRYw
FAYDVQQDEw02OWViMzFjYy1kZjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAptgeOiIy5kscMhKg6fhq89NbxkjXqE404Wo6JDX/by/RUJt6CipBWuKB
ScO2UMCBQvzFd7d/LYNdL5+9APiFJyrtJvrMhgdnf9Cc3DESnY46erJli4QWp5SG
o6i58JH4hmn7S6tbyOTpMK8sjd2JEBipVZ4LEF7Xry7v8YQe/ERtWBhV5OJ9mvoF
OkoCsEtsMvwBkW/6BQrZ1RITeRVtBkuIGwZIt5lFsnPs4NNk/cIFc8tCE0Xk2ubE
swLpfF3A7/5FeNiQ+wW5tWT+TBXdxUchfO0Z0T4xmAdpCnnvmaWWlDY3+eBzng/g
wJDMJsLckLPcpDjfL8CRhf1OSxNxGQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFOQW
xLUJEUGtrZ0GNaoOhd6lW393MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OTFGNEJGNjNGQkMxMUYxOTIwMkM1REZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBmsJMAwQBmsMAAwQAmsNk
AwQAmsN+AwQBmsQQAwQAmsQTAwQAmsQvMA0GCSqGSIb3DQEBCwUAA4IBAQAowkYP
Mfu4NvbR+2MxjB8MrCgC4SPqgqmQiyx/AUsYhP/mGPbxmMCyRw/vZ2acHjQdkCQK
x8C6mt4D0JJKoV+dB1VsLcnhAiSurzt2ZxOSDOzDxdiJMx9DI1lkEZ5j7ytGykra
boaTG+2STiCg2wIspk5AM/mN+Uro+uatI3E6XUYInO/sLK/hRpq0AiiJck/8luyU
Iw9CsgstQorx5fGnG1Cv2jRqwaCd7/Ei76JX0scZNdjIU/M8wuFt1acKkc8eI8ha
P0p2MwKXa8nro/XcO3NSQp88yNu6CNl03o3cugPX+Zq348DuHLxveg887fZPxx8C
oMX/2wHB9/r3scR6
-----END CERTIFICATE-----
Generated at Sat May 9 11:01:58 2026 by rpki-client