Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C4F23283EED11F1AF1CDAEDCE1D38B0.roa
File: 8C4F23283EED11F1AF1CDAEDCE1D38B0.roa (raw, json)
Hash identifier: Aofrd4rqsSpsvjR1WetSo9P4WQnuLlLPQC8A7Z0ghFA=
Subject key identifier: 3F:7F:ED:2A:95:F9:A8:34:04:68:0D:6E:92:33:D0:FD:54:14:FF:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C6CF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C4F23283EED11F1AF1CDAEDCE1D38B0.roa
Signing time: Thu 23 Apr 2026 08:22:21 +0000
ROA not before: Thu 23 Apr 2026 08:22:16 +0000
ROA not after: Sat 30 May 2026 08:22:16 +0000
asID: 9304
IP address blocks: 154.200.130.0/24 maxlen: 24
154.200.154.0/24 maxlen: 24
154.200.156.0/24 maxlen: 24
154.200.157.0/24 maxlen: 24
154.200.158.0/24 maxlen: 24
154.200.159.0/24 maxlen: 24
154.200.161.0/24 maxlen: 24
154.200.162.0/24 maxlen: 24
154.200.191.0/24 maxlen: 24
154.211.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116431 (0x1c6cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 08:22:16 2026 GMT
Not After : May 30 08:22:16 2026 GMT
Subject: CN=69e9d6bd-2485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:82:22:2c:54:9f:8e:f4:fa:da:f7:db:6d:67:
31:7d:54:e7:49:61:61:50:69:92:e3:69:f9:18:34:
1e:80:97:ac:14:9c:60:55:94:40:cb:44:97:9a:6c:
a1:c1:fb:96:be:7d:5f:84:fe:ec:d6:f9:d8:50:e4:
2d:7f:2e:fb:a2:0f:f2:e3:e5:fa:f5:1e:a8:03:c9:
4e:84:f4:28:56:76:17:e3:0f:11:2f:bd:6f:06:f7:
5b:d9:0c:cd:b6:f3:a6:1e:11:d2:ab:84:7f:35:d7:
51:b1:aa:06:e2:4f:84:ef:d5:e4:ea:a7:0d:5f:a8:
e3:8b:59:46:97:3c:7c:51:70:90:be:5b:d9:f9:fa:
e5:fa:47:6f:52:20:a9:04:6f:89:53:f9:c5:d3:b0:
96:91:c0:84:a0:41:77:2d:67:86:11:50:ba:47:be:
4a:40:89:e2:be:74:57:dd:1c:08:c7:95:1b:ff:47:
e2:d4:c4:96:b3:67:82:fd:ba:3d:65:e7:e0:ed:11:
e3:ea:47:e9:00:29:c9:8b:c9:8c:78:66:41:3d:9c:
e4:55:3f:50:08:b8:41:66:fb:ba:43:88:41:a8:02:
95:07:88:c2:20:3f:88:d3:b1:66:5e:f3:35:a3:f3:
e2:c2:e3:2d:7e:ff:01:0f:6d:99:8c:2b:d9:88:7e:
f5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7F:ED:2A:95:F9:A8:34:04:68:0D:6E:92:33:D0:FD:54:14:FF:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C4F23283EED11F1AF1CDAEDCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.130.0/24
154.200.154.0/24
154.200.156.0/22
154.200.161.0-154.200.162.255
154.200.191.0/24
154.211.211.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:d6:c6:8e:36:fe:c0:f7:45:78:99:4d:c3:97:70:fc:45:a2:
a3:17:df:12:20:01:90:2b:34:dd:76:fc:1c:0c:d4:cf:85:8a:
53:b7:85:74:1f:0e:1d:91:72:75:e7:d0:23:32:c8:a9:1f:70:
7b:fa:05:94:e7:c8:65:57:78:83:4f:a0:f1:04:e2:d5:80:ad:
75:40:d1:15:b8:ec:6a:7c:f9:c5:3d:ff:e6:46:43:51:7d:88:
34:58:00:96:1a:8d:9d:a6:6f:20:06:e1:66:b3:ee:2e:1f:55:
8f:c5:9a:38:1c:62:cd:0a:ce:12:63:8b:a1:8d:b1:a0:ad:d5:
5f:50:cc:be:17:bc:47:f0:4a:cf:ef:3d:ab:d9:6f:57:c4:d5:
95:32:fb:a8:fe:2c:92:7c:1c:12:f8:0d:19:5c:d5:45:18:58:
f1:c5:19:eb:4c:a2:ec:2b:cd:d3:50:45:6d:01:a1:2d:a6:e1:
3e:91:88:30:d5:3f:5f:ed:09:e5:82:41:39:a9:90:60:32:0c:
c6:1e:00:6d:c3:4f:8b:b6:32:f3:86:7b:81:23:3b:ac:1c:85:
ef:37:9d:05:87:e8:0e:66:0c:94:d9:3d:e4:69:45:e0:b8:93:
55:39:e9:a8:f8:03:5a:09:0a:8f:44:de:d9:69:e0:d0:c9:9c:
10:4a:e9:b4
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAcbPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIzMDgyMjE2WhcNMjYwNTMwMDgyMjE2WjAYMRYw
FAYDVQQDEw02OWU5ZDZiZC0yNDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8YIiLFSfjvT62vfbbWcxfVTnSWFhUGmS42n5GDQegJesFJxgVZRAy0SX
mmyhwfuWvn1fhP7s1vnYUOQtfy77og/y4+X69R6oA8lOhPQoVnYX4w8RL71vBvdb
2QzNtvOmHhHSq4R/NddRsaoG4k+E79Xk6qcNX6jji1lGlzx8UXCQvlvZ+frl+kdv
UiCpBG+JU/nF07CWkcCEoEF3LWeGEVC6R75KQInivnRX3RwIx5Ub/0fi1MSWs2eC
/bo9Zefg7RHj6kfpACnJi8mMeGZBPZzkVT9QCLhBZvu6Q4hBqAKVB4jCID+I07Fm
XvM1o/PiwuMtfv8BD22ZjCvZiH71jwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFD9/
7SqV+ag0BGgNbpIz0P1UFP/tMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QzRGMjMyODNFRUQxMUYxQUYxQ0RBRURDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAmsiCAwQAmsiaAwQCmsic
MAwDBACayKEDBACayKIDBACayL8DBACa09MwDQYJKoZIhvcNAQELBQADggEBAI3W
xo42/sD3RXiZTcOXcPxFoqMX3xIgAZArNN12/BwM1M+FilO3hXQfDh2RcnXn0CMy
yKkfcHv6BZTnyGVXeINPoPEE4tWArXVA0RW47Gp8+cU9/+ZGQ1F9iDRYAJYajZ2m
byAG4Waz7i4fVY/FmjgcYs0KzhJji6GNsaCt1V9QzL4XvEfwSs/vPavZb1fE1ZUy
+6j+LJJ8HBL4DRlc1UUYWPHFGetMouwrzdNQRW0BoS2m4T6RiDDVP1/tCeWCQTmp
kGAyDMYeAG3DT4u2MvOGe4EjO6wche83nQWH6A5mDJTZPeRpReC4k1U56aj4A1oJ
Co9E3tlp4NDJnBBK6bQ=
-----END CERTIFICATE-----
Generated at Sat May 9 10:59:55 2026 by rpki-client