Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71397A4045E411F1B15BFCE3CE1D38B0.roa
File: 71397A4045E411F1B15BFCE3CE1D38B0.roa (raw, json)
Hash identifier: avtwwLiKhCPkVkopMlXTrQJspwQ0bfciM7ewqiWLkkg=
Subject key identifier: A2:DB:55:8B:0D:AF:29:FD:40:97:EA:17:83:10:A2:A5:01:D0:C8:B1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C904
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71397A4045E411F1B15BFCE3CE1D38B0.roa
Signing time: Sat 02 May 2026 05:04:48 +0000
ROA not before: Sat 02 May 2026 05:03:19 +0000
ROA not after: Sat 28 Apr 2029 05:03:19 +0000
asID: 17561
IP address blocks: 154.198.9.0/24 maxlen: 24
154.198.10.0/24 maxlen: 24
154.201.7.0/24 maxlen: 24
154.201.8.0/24 maxlen: 24
154.201.9.0/24 maxlen: 24
154.201.10.0/24 maxlen: 24
154.201.11.0/24 maxlen: 24
154.201.40.0/24 maxlen: 24
154.213.211.0/24 maxlen: 24
154.213.212.0/24 maxlen: 24
154.222.77.0/24 maxlen: 24
154.222.136.0/24 maxlen: 24
154.223.230.0/24 maxlen: 24
154.223.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116996 (0x1c904)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 2 05:03:19 2026 GMT
Not After : Apr 28 05:03:19 2029 GMT
Subject: CN=69f585f0-955b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:19:a3:6c:63:f9:3d:31:91:29:f6:2b:14:8f:
c6:2c:89:02:ff:80:36:8a:54:8e:46:22:fc:92:27:
a2:bb:6f:29:13:a6:ea:99:88:e3:08:a3:34:29:ba:
1d:92:a9:07:80:2f:d4:04:e2:c7:0d:ef:80:c4:35:
8d:51:aa:35:67:32:fa:36:38:c7:07:d0:8d:e6:91:
10:ce:cb:06:f8:72:03:71:39:2d:46:33:19:39:8e:
4a:db:26:7a:7f:71:7b:2e:4a:d1:ea:32:02:56:a3:
fa:c7:46:d0:1a:d4:91:2d:87:bf:9f:c3:fd:96:53:
93:2e:b1:61:3f:a9:27:21:5f:d7:64:b2:80:b7:45:
61:ad:29:a2:74:e1:e6:1b:f5:71:58:f6:95:e9:e0:
18:d1:b9:27:8b:36:57:bc:1e:96:ee:be:2d:37:2b:
6f:85:cf:51:d4:fc:33:16:f9:6e:84:42:9f:2c:14:
b7:b7:67:0d:df:9d:5e:16:92:0a:5a:30:a4:29:5a:
b3:0b:c5:21:54:c5:ee:ff:85:04:33:25:76:22:86:
98:4b:17:0a:f3:3d:19:32:7a:af:d0:94:53:ab:1a:
65:d0:0e:48:4b:73:00:2f:35:d5:73:6f:b4:6d:1c:
5b:da:7c:65:c3:7e:92:b1:7a:53:48:9c:a8:e6:71:
d6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DB:55:8B:0D:AF:29:FD:40:97:EA:17:83:10:A2:A5:01:D0:C8:B1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71397A4045E411F1B15BFCE3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.9.0-154.198.10.255
154.201.7.0-154.201.11.255
154.201.40.0/24
154.213.211.0-154.213.212.255
154.222.77.0/24
154.222.136.0/24
154.223.230.0/23
Signature Algorithm: sha256WithRSAEncryption
97:35:df:ae:49:31:a6:6e:b9:e7:b2:a2:c8:33:24:20:61:b5:
54:14:4b:0c:97:e1:90:d4:fa:62:57:ce:ee:ad:b6:7e:46:32:
1d:a8:64:80:69:18:9d:b4:54:e3:fe:88:84:3b:c9:0a:24:26:
f6:b7:a6:74:e0:01:5c:8e:3f:06:bd:be:9d:5b:6e:ab:54:ae:
96:38:2a:21:a0:ce:af:9c:52:d0:11:54:a5:ee:5b:f2:b9:45:
66:0c:82:74:23:28:6a:9a:12:4a:cd:c3:7e:b9:ff:2a:51:3b:
46:96:0c:fb:58:3f:ba:9a:7a:f5:10:2d:72:f3:87:40:38:00:
38:4e:c4:1f:82:5b:32:8f:af:67:5a:7b:45:e8:46:c9:42:da:
93:17:64:20:b9:7b:9f:42:78:88:c4:90:e5:8c:f7:a1:c2:61:
10:7d:fc:1c:19:85:6f:36:1b:97:93:dd:3d:74:95:dc:dc:be:
75:24:3f:f3:e8:bc:13:c1:5f:1c:b0:7b:10:39:83:57:45:12:
f6:02:78:41:8a:24:c5:d9:7f:5b:e6:f2:b2:6a:f6:ce:1b:b2:
81:e5:0e:e6:b2:d6:83:20:96:bf:2e:95:ca:7b:d6:b7:54:5e:
6b:d4:90:02:85:70:ef:a9:f4:9b:e8:79:80:72:36:25:0d:f3:
20:7f:91:12
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIDAckEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAyMDUwMzE5WhcNMjkwNDI4MDUwMzE5WjAYMRYw
FAYDVQQDEw02OWY1ODVmMC05NTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyhmjbGP5PTGRKfYrFI/GLIkC/4A2ilSORiL8kieiu28pE6bqmYjjCKM0
KbodkqkHgC/UBOLHDe+AxDWNUao1ZzL6NjjHB9CN5pEQzssG+HIDcTktRjMZOY5K
2yZ6f3F7LkrR6jICVqP6x0bQGtSRLYe/n8P9llOTLrFhP6knIV/XZLKAt0VhrSmi
dOHmG/VxWPaV6eAY0bknizZXvB6W7r4tNytvhc9R1PwzFvluhEKfLBS3t2cN351e
FpIKWjCkKVqzC8UhVMXu/4UEMyV2IoaYSxcK8z0ZMnqv0JRTqxpl0A5IS3MALzXV
c2+0bRxb2nxlw36SsXpTSJyo5nHWSQIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFKLb
VYsNryn9QJfqF4MQoqUB0MixMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MTM5N0E0MDQ1RTQxMUYxQjE1QkZDRTNDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBACaxgkDBACaxgowDAME
AJrJBwMEAprJCAMEAJrJKDAMAwQAmtXTAwQAmtXUAwQAmt5NAwQAmt6IAwQBmt/m
MA0GCSqGSIb3DQEBCwUAA4IBAQCXNd+uSTGmbrnnsqLIMyQgYbVUFEsMl+GQ1Ppi
V87urbZ+RjIdqGSAaRidtFTj/oiEO8kKJCb2t6Z04AFcjj8Gvb6dW26rVK6WOCoh
oM6vnFLQEVSl7lvyuUVmDIJ0IyhqmhJKzcN+uf8qUTtGlgz7WD+6mnr1EC1y84dA
OAA4TsQfglsyj69nWntF6EbJQtqTF2QguXufQniIxJDljPehwmEQffwcGYVvNhuX
k909dJXc3L51JD/z6LwTwV8csHsQOYNXRRL2AnhBiiTF2X9b5vKyavbOG7KB5Q7m
staDIJa/LpXKe9a3VF5r1JAChXDvqfSb6HmAcjYlDfMgf5ES
-----END CERTIFICATE-----
Generated at Sat May 9 11:04:00 2026 by rpki-client