Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8112718858EA11F1A49454A4CE1D38B0.roa
File: 8112718858EA11F1A49454A4CE1D38B0.roa (raw, json)
Hash identifier: tmReEn9jaHFy7Dkds/1U9Nhsqy9xlbiBtV60C3Y1Ylg=
Subject key identifier: 56:31:05:14:52:2E:87:D6:88:E8:2A:D7:83:24:C5:E8:B5:60:9A:5A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CFA9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8112718858EA11F1A49454A4CE1D38B0.roa
Signing time: Tue 26 May 2026 10:06:04 +0000
ROA not before: Tue 26 May 2026 10:05:52 +0000
ROA not after: Wed 07 Oct 2026 10:05:52 +0000
asID: 134789
IP address blocks: 154.196.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 08 Jun 2026 12:13:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118697 (0x1cfa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 26 10:05:52 2026 GMT
Not After : Oct 7 10:05:52 2026 GMT
Subject: CN=6a15708c-f708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fb:a5:40:22:6e:02:fc:eb:b9:3c:93:2d:65:
c3:d8:74:b9:30:b0:13:e6:45:b4:97:72:bf:50:45:
f1:ca:91:5b:6e:7e:8c:91:f1:09:b7:09:c0:08:6f:
1a:9f:90:39:5d:70:9d:b3:28:ea:3a:d2:6f:04:c8:
11:dd:de:d2:e5:ce:69:5b:75:f2:08:bd:18:5a:f0:
df:68:4d:ef:eb:95:86:e2:1f:c7:0c:ca:aa:1e:2e:
72:60:6f:87:37:2b:44:02:f1:75:1e:48:79:6e:c4:
c6:a2:32:63:68:6a:4e:ba:f0:c9:50:49:31:6d:1c:
23:c0:10:8a:f0:f6:0a:8b:e5:a2:8c:fe:43:60:33:
a2:b4:20:f9:eb:ab:03:05:5f:e0:07:73:f0:a2:6c:
85:49:13:70:ae:ef:af:39:63:5e:a2:a0:77:65:16:
82:35:3e:5a:73:12:84:e1:9f:2c:54:16:b9:51:67:
26:90:1d:96:4f:14:43:43:32:c4:ca:72:d8:d2:74:
db:9b:3f:16:ee:54:d9:51:d3:00:93:95:d1:d4:4c:
ce:eb:b4:4e:e2:b7:44:1d:d2:c2:ec:6b:ab:c7:1c:
29:6d:61:3d:91:39:87:cc:b0:66:4a:05:78:fd:b1:
d9:d1:f9:51:17:37:15:dd:73:4d:1a:27:c9:09:ce:
5b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:31:05:14:52:2E:87:D6:88:E8:2A:D7:83:24:C5:E8:B5:60:9A:5A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8112718858EA11F1A49454A4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.138.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:ea:34:f3:84:02:6f:25:78:2c:6a:ea:d4:f2:3f:e9:41:2c:
15:12:d9:a0:c5:a9:48:4b:5d:9c:34:23:7a:c9:60:fa:65:b3:
86:ff:66:28:66:1e:4d:9f:b4:80:bd:4b:85:b0:2e:b4:0e:c4:
d0:9c:0c:c8:49:32:10:a1:3b:02:c8:43:20:c8:c1:fb:3f:17:
ef:8f:28:db:a4:7e:3c:61:21:7b:87:9a:0e:68:06:16:f6:1f:
6a:79:13:ce:44:99:36:9a:4d:10:18:ff:61:ec:28:50:cf:c9:
c9:2b:8f:b0:86:c5:6a:fc:80:2f:4c:ec:52:c1:ea:5d:24:da:
ad:19:80:66:c6:93:c0:06:e1:71:0a:26:de:bc:f9:c3:1c:5a:
dd:23:bb:f9:52:4d:33:c1:2b:13:c5:58:74:ac:9d:c0:7c:7b:
90:5a:8f:6b:91:70:1f:d6:42:13:43:46:9a:71:7b:73:66:3c:
0a:4b:e8:35:9a:d8:43:f0:07:e1:ef:f3:79:96:b2:44:35:7f:
39:42:e7:98:24:fc:d6:da:dd:fd:be:9b:c1:4f:3b:07:48:10:
38:db:07:0a:ab:e0:b2:ca:7c:2e:e2:36:2e:e3:81:bf:18:ca:
ef:de:9e:10:f2:89:cd:38:9a:1f:24:85:40:f9:c6:e2:b9:33:
94:22:81:3a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAc+pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI2MTAwNTUyWhcNMjYxMDA3MTAwNTUyWjAYMRYw
FAYDVQQDEw02YTE1NzA4Yy1mNzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxfulQCJuAvzruTyTLWXD2HS5MLAT5kW0l3K/UEXxypFbbn6MkfEJtwnA
CG8an5A5XXCdsyjqOtJvBMgR3d7S5c5pW3XyCL0YWvDfaE3v65WG4h/HDMqqHi5y
YG+HNytEAvF1Hkh5bsTGojJjaGpOuvDJUEkxbRwjwBCK8PYKi+WijP5DYDOitCD5
66sDBV/gB3PwomyFSRNwru+vOWNeoqB3ZRaCNT5acxKE4Z8sVBa5UWcmkB2WTxRD
QzLEynLY0nTbmz8W7lTZUdMAk5XR1EzO67RO4rdEHdLC7GurxxwpbWE9kTmHzLBm
SgV4/bHZ0flRFzcV3XNNGifJCc5b5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFYx
BRRSLofWiOgq14Mkxei1YJpaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MTEyNzE4ODU4RUExMUYxQTQ5NDU0QTRDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsSKMA0GCSqGSIb3DQEB
CwUAA4IBAQAL6jTzhAJvJXgsaurU8j/pQSwVEtmgxalIS12cNCN6yWD6ZbOG/2Yo
Zh5Nn7SAvUuFsC60DsTQnAzISTIQoTsCyEMgyMH7PxfvjyjbpH48YSF7h5oOaAYW
9h9qeRPORJk2mk0QGP9h7ChQz8nJK4+whsVq/IAvTOxSwepdJNqtGYBmxpPABuFx
CibevPnDHFrdI7v5Uk0zwSsTxVh0rJ3AfHuQWo9rkXAf1kITQ0aacXtzZjwKS+g1
mthD8Afh7/N5lrJENX85QueYJPzW2t39vpvBTzsHSBA42wcKq+Cyynwu4jYu44G/
GMrv3p4Q8onNOJofJIVA+cbiuTOUIoE6
-----END CERTIFICATE-----
Generated at Sat Jun 6 14:54:41 2026 by rpki-client