Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C236D14458211F1A768F501CF1D38B0.roa
File: 8C236D14458211F1A768F501CF1D38B0.roa (raw, json)
Hash identifier: /j6HGKfHzeRQHkpuqx8F6EAOSpTRmEh08EfmCxp+DkA=
Subject key identifier: 49:A0:A5:56:9E:B9:EC:E8:81:04:A4:39:03:A8:41:6F:F8:6D:C0:5F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C8CB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C236D14458211F1A768F501CF1D38B0.roa
Signing time: Fri 01 May 2026 17:24:03 +0000
ROA not before: Fri 01 May 2026 17:23:58 +0000
ROA not after: Fri 05 Jun 2026 17:23:58 +0000
asID: 49505
IP address blocks: 154.209.218.0/24 maxlen: 24
154.209.219.0/24 maxlen: 24
154.209.220.0/24 maxlen: 24
154.209.221.0/24 maxlen: 24
154.209.222.0/24 maxlen: 24
154.209.223.0/24 maxlen: 24
154.211.9.0/24 maxlen: 24
154.211.10.0/24 maxlen: 24
154.211.11.0/24 maxlen: 24
154.211.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116939 (0x1c8cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 17:23:58 2026 GMT
Not After : Jun 5 17:23:58 2026 GMT
Subject: CN=69f4e1b3-13e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:19:9b:c8:74:c3:0f:ed:55:0b:10:81:f1:28:
9f:2a:dd:e3:13:f0:51:32:7d:70:73:91:5d:1e:74:
7b:a0:10:98:2d:4d:3e:9a:d2:4c:d0:de:4a:cd:31:
ba:a2:89:7e:8f:b0:72:ea:31:9f:fb:58:23:1c:72:
90:e4:30:39:38:43:03:f0:1d:80:0c:f7:09:5d:96:
21:59:3d:89:bd:39:d6:e8:5f:0f:b9:52:89:5e:14:
1d:01:09:e5:7b:00:07:a3:a5:ba:c1:5f:41:ff:61:
f9:b4:79:46:90:05:d4:a9:a3:93:c6:48:cd:92:5f:
9d:07:7a:5f:a9:8c:44:dc:d6:ea:ba:69:5c:a5:46:
28:36:45:22:48:c0:01:43:a7:e9:b0:6c:79:e5:29:
e1:8d:1e:25:3b:34:47:7c:26:35:ce:88:a7:6d:ed:
c9:ee:53:ac:bc:f7:b6:a2:7d:ce:fc:8b:2a:1a:e5:
56:c1:65:d3:1b:14:5f:25:b8:7e:2a:8a:9d:34:73:
94:fa:fb:9e:7f:8a:be:83:17:c8:23:27:4b:1a:e2:
56:cc:4d:25:0e:0a:86:a6:25:55:e5:66:d9:0d:91:
c5:3d:c7:79:d0:3d:8f:54:72:e4:c1:5f:45:d6:75:
e4:f3:e4:e8:49:b0:2d:4b:e5:50:d2:1a:cf:74:af:
e7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A0:A5:56:9E:B9:EC:E8:81:04:A4:39:03:A8:41:6F:F8:6D:C0:5F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C236D14458211F1A768F501CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.218.0-154.209.223.255
154.211.9.0-154.211.11.255
154.211.16.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:2d:ec:ce:41:e5:a4:ac:ba:5a:53:2c:49:0a:fe:86:fd:60:
f0:9d:09:00:bc:84:a4:52:cd:85:9b:2e:df:4b:a8:a7:4d:d2:
ee:c4:fb:2d:cf:84:0a:7b:f3:b3:20:75:37:c1:97:62:6b:8c:
8e:f2:18:1c:b9:17:5a:9a:f3:46:dc:6b:e2:4c:0c:97:d1:5d:
89:d3:2d:af:35:d4:82:27:3f:3e:75:f7:b9:84:92:66:5e:fb:
eb:8d:25:2f:20:a1:ce:48:7e:03:ab:b6:35:15:05:50:79:19:
0d:29:06:56:bf:d8:47:ca:2b:de:3d:07:05:45:2f:0b:f5:fc:
b0:e8:bc:0a:4a:3a:56:05:66:3d:36:29:d6:c2:3e:4e:95:19:
51:25:5d:f0:5a:63:6a:61:93:15:12:92:6c:b5:8c:d7:43:b6:
b5:70:43:3d:4d:ea:74:15:a8:c2:17:c6:80:93:b7:22:af:5e:
f4:37:98:d1:cf:ed:fc:82:0e:cc:50:10:19:7e:4f:9a:6a:43:
cb:78:5b:d8:0d:d0:ae:d3:73:de:5b:c7:c8:15:dd:1c:e7:3d:
7c:a3:bb:78:a9:b3:37:fe:0a:c8:a9:57:f2:0c:0e:94:ed:d9:
70:cb:e8:81:78:83:da:76:a1:c5:7e:2a:d6:64:5d:63:e4:d1:
33:df:70:2e
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAcjLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTcyMzU4WhcNMjYwNjA1MTcyMzU4WjAYMRYw
FAYDVQQDEw02OWY0ZTFiMy0xM2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlxmbyHTDD+1VCxCB8SifKt3jE/BRMn1wc5FdHnR7oBCYLU0+mtJM0N5K
zTG6ool+j7By6jGf+1gjHHKQ5DA5OEMD8B2ADPcJXZYhWT2JvTnW6F8PuVKJXhQd
AQnlewAHo6W6wV9B/2H5tHlGkAXUqaOTxkjNkl+dB3pfqYxE3NbqumlcpUYoNkUi
SMABQ6fpsGx55SnhjR4lOzRHfCY1zoinbe3J7lOsvPe2on3O/IsqGuVWwWXTGxRf
Jbh+KoqdNHOU+vuef4q+gxfIIydLGuJWzE0lDgqGpiVV5WbZDZHFPcd50D2PVHLk
wV9F1nXk8+ToSbAtS+VQ0hrPdK/nbQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFEmg
pVaeuezogQSkOQOoQW/4bcBfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QzIzNkQxNDQ1ODIxMUYxQTc2OEY1MDFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAGa0doDBAWa0cAwDAME
AJrTCQMEAprTCAMEAJrTEDANBgkqhkiG9w0BAQsFAAOCAQEAqS3szkHlpKy6WlMs
SQr+hv1g8J0JALyEpFLNhZsu30uop03S7sT7Lc+ECnvzsyB1N8GXYmuMjvIYHLkX
WprzRtxr4kwMl9FdidMtrzXUgic/PnX3uYSSZl77640lLyChzkh+A6u2NRUFUHkZ
DSkGVr/YR8or3j0HBUUvC/X8sOi8Cko6VgVmPTYp1sI+TpUZUSVd8FpjamGTFRKS
bLWM10O2tXBDPU3qdBWowhfGgJO3Iq9e9DeY0c/t/IIOzFAQGX5PmmpDy3hb2A3Q
rtNz3lvHyBXdHOc9fKO7eKmzN/4KyKlX8gwOlO3ZcMvogXiD2nahxX4q1mRdY+TR
M99wLg==
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:33 2026 by rpki-client