Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85E35B704AAB11F18B8E44F3CE1D38B0.roa
File: 85E35B704AAB11F18B8E44F3CE1D38B0.roa (raw, json)
Hash identifier: vGAMzEbHHM/BU/UPb9YtYQ6rFqaGMnRHysYj+Wj/uj8=
Subject key identifier: 10:2B:76:02:2A:A4:2B:38:C0:43:A8:54:88:DA:E1:2C:CC:19:DD:34
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CA3E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85E35B704AAB11F18B8E44F3CE1D38B0.roa
Signing time: Fri 08 May 2026 06:59:58 +0000
ROA not before: Fri 08 May 2026 06:59:52 +0000
ROA not after: Mon 07 May 2029 06:59:52 +0000
asID: 17561
IP address blocks: 154.95.171.0/24 maxlen: 24
154.95.172.0/24 maxlen: 24
154.95.173.0/24 maxlen: 24
154.95.174.0/24 maxlen: 24
154.95.175.0/24 maxlen: 24
154.95.176.0/24 maxlen: 24
154.95.177.0/24 maxlen: 24
154.95.178.0/24 maxlen: 24
154.95.179.0/24 maxlen: 24
154.95.180.0/24 maxlen: 24
154.95.181.0/24 maxlen: 24
154.95.182.0/24 maxlen: 24
154.95.183.0/24 maxlen: 24
154.95.184.0/24 maxlen: 24
154.95.185.0/24 maxlen: 24
154.95.186.0/24 maxlen: 24
154.95.187.0/24 maxlen: 24
154.95.188.0/24 maxlen: 24
154.95.189.0/24 maxlen: 24
154.95.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117310 (0x1ca3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 06:59:52 2026 GMT
Not After : May 7 06:59:52 2029 GMT
Subject: CN=69fd89ed-c587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a2:0e:88:83:d2:6b:6e:48:74:a2:ac:be:9b:
d9:e6:8f:3f:63:df:b1:30:43:ef:6b:26:e6:44:ea:
ab:04:77:67:92:47:63:5b:c2:95:eb:af:a4:44:57:
dc:0a:6a:90:6a:57:7c:ed:30:34:dc:06:b4:c3:84:
24:db:4a:c9:35:90:31:4c:74:4c:45:34:57:20:b2:
68:61:12:18:21:52:7e:fb:ee:3d:de:8b:1d:1f:65:
d6:f4:47:da:35:18:d7:43:00:26:9b:1e:58:a9:ad:
38:48:8f:e0:d8:8b:64:75:0d:61:11:e2:d3:b2:94:
31:fd:29:9a:19:39:c0:aa:ba:ad:d2:aa:c7:50:d1:
f0:2c:4e:8d:20:3a:80:f1:ff:6a:2d:d6:25:c9:17:
0a:15:f5:f2:0d:29:07:83:35:ed:77:80:ae:0f:99:
18:61:18:d0:c4:7a:0d:a2:c5:fc:99:ad:75:e8:9f:
b5:37:55:12:48:24:cf:05:49:7e:d1:e9:e6:b2:7e:
7d:01:62:c8:13:70:b0:73:88:27:ba:01:a9:97:c3:
a2:15:73:f7:ee:e8:35:28:bb:d2:13:31:12:54:48:
83:89:bf:92:f1:6b:25:31:a3:ae:a0:62:06:ac:44:
90:3e:18:74:1b:49:c2:a5:95:1f:ad:ea:b6:af:60:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:2B:76:02:2A:A4:2B:38:C0:43:A8:54:88:DA:E1:2C:CC:19:DD:34
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85E35B704AAB11F18B8E44F3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.171.0-154.95.190.255
Signature Algorithm: sha256WithRSAEncryption
12:01:45:fb:81:38:cc:fc:b4:2f:c7:51:b7:45:ad:e9:b6:f7:
32:f2:4c:ad:8e:0f:da:ee:95:80:bf:53:74:87:f7:71:63:86:
ef:88:70:27:3c:c4:22:4b:9b:11:d9:7d:3b:da:4a:b4:5d:57:
f0:ab:c6:8c:12:37:72:61:d9:e0:93:12:4a:e0:e0:ff:a7:0f:
dd:6e:1f:03:c1:83:f9:ea:c2:46:b5:2b:8b:34:bd:21:22:cd:
66:56:fc:f3:54:1c:75:01:ea:68:81:b8:e2:1f:54:3a:f3:d8:
1d:d3:e9:e7:87:e2:bf:67:ba:c0:ae:10:98:57:3c:35:23:58:
34:aa:ef:26:6b:34:c7:b7:60:36:84:65:30:67:84:16:f6:7b:
ac:5d:57:32:44:c1:9b:97:02:46:47:d6:64:f8:c7:c6:b5:86:
5a:11:2e:1d:76:f8:09:4c:02:0e:44:68:42:f2:2f:09:1f:87:
92:76:eb:f4:e6:cf:58:29:d2:4f:40:c7:d4:f2:29:25:38:cf:
95:7d:ea:d2:95:22:95:7f:f4:b5:44:26:b4:33:3b:bf:a8:53:
70:a4:70:27:60:99:21:5f:76:31:4f:13:0f:e8:8e:7a:24:12:
26:f1:ff:b2:70:ac:4d:48:96:d1:11:f7:a4:45:9b:f9:71:d3:
9b:88:8b:52
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAco+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA4MDY1OTUyWhcNMjkwNTA3MDY1OTUyWjAYMRYw
FAYDVQQDEw02OWZkODllZC1jNTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlaIOiIPSa25IdKKsvpvZ5o8/Y9+xMEPvaybmROqrBHdnkkdjW8KV66+k
RFfcCmqQald87TA03Aa0w4Qk20rJNZAxTHRMRTRXILJoYRIYIVJ+++493osdH2XW
9EfaNRjXQwAmmx5Yqa04SI/g2ItkdQ1hEeLTspQx/SmaGTnAqrqt0qrHUNHwLE6N
IDqA8f9qLdYlyRcKFfXyDSkHgzXtd4CuD5kYYRjQxHoNosX8ma116J+1N1USSCTP
BUl+0enmsn59AWLIE3Cwc4gnugGpl8OiFXP37ug1KLvSEzESVEiDib+S8WslMaOu
oGIGrESQPhh0G0nCpZUfreq2r2ABDQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFBAr
dgIqpCs4wEOoVIja4SzMGd00MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NUUzNUI3MDRBQUIxMUYxOEI4RTQ0RjNDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaX6sDBACaX74wDQYJ
KoZIhvcNAQELBQADggEBABIBRfuBOMz8tC/HUbdFrem29zLyTK2OD9rulYC/U3SH
93Fjhu+IcCc8xCJLmxHZfTvaSrRdV/CrxowSN3Jh2eCTEkrg4P+nD91uHwPBg/nq
wka1K4s0vSEizWZW/PNUHHUB6miBuOIfVDrz2B3T6eeH4r9nusCuEJhXPDUjWDSq
7yZrNMe3YDaEZTBnhBb2e6xdVzJEwZuXAkZH1mT4x8a1hloRLh12+AlMAg5EaELy
Lwkfh5J26/Tmz1gp0k9Ax9TyKSU4z5V96tKVIpV/9LVEJrQzO7+oU3CkcCdgmSFf
djFPEw/ojnokEibx/7JwrE1IltER96RFm/lx05uIi1I=
-----END CERTIFICATE-----
Generated at Sat May 9 11:01:56 2026 by rpki-client