Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/882F3B103F1611F1974B4CE4CE1D38B0.roa
File: 882F3B103F1611F1974B4CE4CE1D38B0.roa (raw, json)
Hash identifier: gQW2TjeDsxDAcf6bSFzCRdCc6ahvY4vStuAkHnk1xok=
Subject key identifier: 04:DD:EF:93:0C:D2:A9:26:EA:E3:EE:2C:13:17:CC:9D:00:F8:F2:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C6E3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/882F3B103F1611F1974B4CE4CE1D38B0.roa
Signing time: Thu 23 Apr 2026 13:15:44 +0000
ROA not before: Thu 23 Apr 2026 13:15:39 +0000
ROA not after: Thu 28 May 2026 13:15:39 +0000
asID: 200758
IP address blocks: 154.83.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116451 (0x1c6e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 13:15:39 2026 GMT
Not After : May 28 13:15:39 2026 GMT
Subject: CN=69ea1b7f-7682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ea:98:a4:f5:96:99:71:ab:b8:0e:39:6d:9b:
13:50:70:91:80:ac:5a:36:ef:a1:fb:76:8e:b3:e9:
41:90:1e:0d:d0:84:21:a3:5b:e6:f7:c7:d1:fb:bf:
e5:44:d7:b0:c8:70:a1:1d:a4:69:47:2c:0b:c4:c5:
cc:c1:6a:78:e1:10:9b:31:33:3e:c1:18:de:b0:01:
21:b9:6a:71:60:ed:a9:97:b4:18:1a:1b:bd:12:2c:
1e:7a:28:af:7c:d7:0c:25:66:4d:3c:15:34:67:1a:
aa:3a:3e:dd:b4:eb:01:fd:e3:87:f4:f4:83:90:85:
b7:b8:e2:35:c1:01:82:9d:ab:e4:96:6a:62:56:fc:
ce:84:fb:ea:e1:74:67:e1:54:e8:3a:81:29:2c:8f:
b0:07:54:37:42:e2:3e:cd:73:5b:c1:9f:96:ce:bf:
9c:5d:ab:b8:4c:84:a1:14:f1:56:0a:ad:fb:8d:8c:
9c:7f:b7:61:4e:e9:8a:67:50:69:0e:f3:a2:f6:b5:
dc:6b:a1:73:d5:ab:8a:0a:6e:68:63:95:21:26:d6:
15:a4:14:1a:df:a7:54:d8:cb:29:af:e1:de:cb:e1:
22:99:6f:e5:66:1b:ae:d0:65:40:67:62:9c:ba:aa:
d1:78:7a:ef:58:d4:7c:65:56:49:95:b6:3c:b5:ac:
5f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:DD:EF:93:0C:D2:A9:26:EA:E3:EE:2C:13:17:CC:9D:00:F8:F2:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/882F3B103F1611F1974B4CE4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.140.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:cb:ca:47:d2:0e:0c:91:54:80:ba:f1:73:b2:d8:59:7e:94:
c4:75:b0:b0:2a:43:72:ce:88:c8:80:b8:ac:2e:4c:fe:be:5b:
04:2b:d6:ac:8a:b2:50:3a:55:54:7f:f9:0f:78:e2:19:41:87:
28:57:c3:83:01:2e:3e:b8:be:e9:6b:06:95:6d:e2:82:ef:f7:
f7:0a:af:44:59:a5:39:4b:9b:42:7c:0c:7c:61:cf:30:f6:6a:
31:84:25:47:cd:f3:2c:c9:16:3d:63:3f:80:5a:60:0c:05:1b:
12:9d:40:74:a7:e4:31:a6:31:7e:9c:a6:0e:32:b4:c5:ba:2f:
72:05:d2:6a:c4:25:d4:1f:64:24:f0:59:40:2d:2d:4e:11:9d:
1d:77:86:c4:56:61:03:8a:37:b2:74:82:84:44:82:70:ff:f8:
53:89:04:5c:98:37:69:da:ad:f8:82:08:27:d9:25:05:d3:98:
82:7c:44:c8:dc:e0:9b:68:bc:21:c4:62:68:f0:7e:98:81:87:
71:68:61:88:31:bc:04:63:f8:ba:bc:34:7f:02:17:60:e7:00:
9c:38:58:32:4a:6d:bf:0a:ce:fa:a9:15:69:44:1b:33:7f:9b:
12:b9:3e:e2:a3:d2:14:1c:51:1a:13:b1:23:c8:a0:40:d3:d7:
c9:1b:0a:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcbjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIzMTMxNTM5WhcNMjYwNTI4MTMxNTM5WjAYMRYw
FAYDVQQDEw02OWVhMWI3Zi03NjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3eqYpPWWmXGruA45bZsTUHCRgKxaNu+h+3aOs+lBkB4N0IQho1vm98fR
+7/lRNewyHChHaRpRywLxMXMwWp44RCbMTM+wRjesAEhuWpxYO2pl7QYGhu9Eiwe
eiivfNcMJWZNPBU0ZxqqOj7dtOsB/eOH9PSDkIW3uOI1wQGCnavklmpiVvzOhPvq
4XRn4VToOoEpLI+wB1Q3QuI+zXNbwZ+Wzr+cXau4TIShFPFWCq37jYycf7dhTumK
Z1BpDvOi9rXca6Fz1auKCm5oY5UhJtYVpBQa36dU2Mspr+Hey+EimW/lZhuu0GVA
Z2KcuqrReHrvWNR8ZVZJlbY8taxfRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFATd
75MM0qkm6uPuLBMXzJ0A+PKEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODJGM0IxMDNGMTYxMUYxOTc0QjRDRTRDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOMMA0GCSqGSIb3DQEB
CwUAA4IBAQC3y8pH0g4MkVSAuvFzsthZfpTEdbCwKkNyzojIgLisLkz+vlsEK9as
irJQOlVUf/kPeOIZQYcoV8ODAS4+uL7pawaVbeKC7/f3Cq9EWaU5S5tCfAx8Yc8w
9moxhCVHzfMsyRY9Yz+AWmAMBRsSnUB0p+QxpjF+nKYOMrTFui9yBdJqxCXUH2Qk
8FlALS1OEZ0dd4bEVmEDijeydIKERIJw//hTiQRcmDdp2q34gggn2SUF05iCfETI
3OCbaLwhxGJo8H6YgYdxaGGIMbwEY/i6vDR/Ahdg5wCcOFgySm2/Cs76qRVpRBsz
f5sSuT7io9IUHFEaE7EjyKBA09fJGwoz
-----END CERTIFICATE-----
Generated at Sat May 9 11:01:03 2026 by rpki-client