Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/945174CC446A11F191804EE4CE1D38B0.roa
File: 945174CC446A11F191804EE4CE1D38B0.roa (raw, json)
Hash identifier: CG/ycv8vigwAO3pGiCMFiKUvyuFdMerP2XAa0dhrdUc=
Subject key identifier: 43:DB:6A:8F:CD:D0:B1:CC:30:97:E0:13:5B:22:1E:8C:64:A0:44:75
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C7F7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/945174CC446A11F191804EE4CE1D38B0.roa
Signing time: Thu 30 Apr 2026 07:59:57 +0000
ROA not before: Thu 30 Apr 2026 07:59:53 +0000
ROA not after: Mon 30 Apr 2029 07:59:53 +0000
asID: 17561
IP address blocks: 154.197.119.0/24 maxlen: 24
154.198.9.0/24 maxlen: 24
154.198.10.0/24 maxlen: 24
154.201.7.0/24 maxlen: 24
154.201.8.0/24 maxlen: 24
154.201.9.0/24 maxlen: 24
154.201.10.0/24 maxlen: 24
154.201.11.0/24 maxlen: 24
154.201.40.0/24 maxlen: 24
154.207.64.0/24 maxlen: 24
154.207.65.0/24 maxlen: 24
154.207.66.0/24 maxlen: 24
154.209.65.0/24 maxlen: 24
154.209.70.0/24 maxlen: 24
154.213.211.0/24 maxlen: 24
154.213.212.0/24 maxlen: 24
154.222.77.0/24 maxlen: 24
154.222.136.0/24 maxlen: 24
154.223.230.0/24 maxlen: 24
154.223.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116727 (0x1c7f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 07:59:53 2026 GMT
Not After : Apr 30 07:59:53 2029 GMT
Subject: CN=69f30bfd-8193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:20:71:ac:0b:44:2c:34:48:3e:82:05:2b:bc:
c2:65:b6:07:72:da:bc:31:7b:b4:9a:82:ac:e0:33:
87:18:a6:ee:87:7b:89:4f:2b:f0:d9:67:10:17:28:
0f:a3:b2:2d:8e:8e:64:0e:37:1a:ab:8d:fe:43:3d:
72:95:d5:3e:2a:44:dd:e6:d8:25:9c:41:73:e1:dd:
87:a3:56:d6:71:b1:a0:f0:fc:79:54:51:b1:fa:78:
65:c9:3b:db:12:51:ad:f2:bc:81:59:c9:74:9e:85:
62:fd:4e:b4:9f:da:12:67:74:0e:e1:10:38:90:3c:
11:68:f5:02:8b:b9:07:9e:4c:b0:49:fd:20:f1:fe:
c2:08:d1:74:5d:ad:e8:06:c1:21:c3:77:57:bd:e2:
55:bb:37:95:27:de:1c:72:a6:fa:83:0b:b9:a1:f0:
67:5a:a1:3e:27:54:18:11:c0:69:bc:85:67:93:9c:
e0:73:63:d4:ed:23:b7:bc:fd:48:52:39:a9:93:8f:
32:47:6b:7e:c5:8a:21:1c:c0:ec:b2:03:3c:c9:09:
2e:5d:d1:57:0a:c1:61:d8:ed:76:57:ae:19:20:15:
70:65:9f:4d:ee:f7:dc:29:a9:70:30:eb:e8:2d:6f:
4c:16:2e:9f:72:bf:10:eb:d6:d5:81:65:29:21:8a:
58:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DB:6A:8F:CD:D0:B1:CC:30:97:E0:13:5B:22:1E:8C:64:A0:44:75
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/945174CC446A11F191804EE4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.119.0/24
154.198.9.0-154.198.10.255
154.201.7.0-154.201.11.255
154.201.40.0/24
154.207.64.0-154.207.66.255
154.209.65.0/24
154.209.70.0/24
154.213.211.0-154.213.212.255
154.222.77.0/24
154.222.136.0/24
154.223.230.0/23
Signature Algorithm: sha256WithRSAEncryption
be:08:8b:e6:ec:e0:00:d3:fa:84:b4:0c:e7:01:c9:cc:23:3f:
5a:f5:87:a0:53:cf:8a:af:33:a9:66:86:62:39:54:7d:a7:e3:
e7:5e:a2:bb:74:d8:55:1e:3e:b8:f5:1d:85:3f:d0:7d:f5:75:
38:70:29:7a:ee:ef:00:47:86:23:fa:e7:ed:16:52:72:b8:39:
a5:81:63:6e:a8:ec:71:b0:7a:cb:6b:3f:38:81:a8:53:14:9e:
68:63:df:8d:60:be:e5:d7:31:13:16:c2:22:39:d1:1b:b3:2d:
5f:75:c6:c1:da:4f:3b:1d:ee:a8:9e:71:32:aa:b0:b3:c6:4c:
10:cd:40:9a:af:4d:75:85:7b:4c:80:4a:ab:71:8e:43:2b:cf:
ec:9f:23:dc:84:f9:27:0f:71:f3:e5:34:23:38:46:aa:37:22:
53:9a:4e:38:88:5a:4c:b6:36:a9:7a:9c:e1:87:ae:57:28:d9:
70:ef:70:17:da:d8:72:3a:d6:3d:ba:fe:6c:45:36:4d:7c:59:
51:2e:20:0d:c2:38:90:fb:96:69:a6:dc:51:f7:a5:0a:fb:a7:
85:41:aa:50:cc:8f:74:bc:db:cc:49:38:da:1e:8a:da:8b:4f:
8e:f0:fd:b3:e2:07:61:6c:47:13:67:20:3c:1c:64:4f:01:e1:
54:82:b7:47
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIDAcf3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDMwMDc1OTUzWhcNMjkwNDMwMDc1OTUzWjAYMRYw
FAYDVQQDEw02OWYzMGJmZC04MTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoiBxrAtELDRIPoIFK7zCZbYHctq8MXu0moKs4DOHGKbuh3uJTyvw2WcQ
FygPo7Itjo5kDjcaq43+Qz1yldU+KkTd5tglnEFz4d2Ho1bWcbGg8Px5VFGx+nhl
yTvbElGt8ryBWcl0noVi/U60n9oSZ3QO4RA4kDwRaPUCi7kHnkywSf0g8f7CCNF0
Xa3oBsEhw3dXveJVuzeVJ94ccqb6gwu5ofBnWqE+J1QYEcBpvIVnk5zgc2PU7SO3
vP1IUjmpk48yR2t+xYohHMDssgM8yQkuXdFXCsFh2O12V64ZIBVwZZ9N7vfcKalw
MOvoLW9MFi6fcr8Q69bVgWUpIYpYYwIDAQABo4IDATCCAv0wHQYDVR0OBBYEFEPb
ao/N0LHMMJfgE1siHoxkoER1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NDUxNzRDQzQ0NkExMUYxOTE4MDRFRTRDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAmsV3MAwDBACaxgkDBACa
xgowDAMEAJrJBwMEAprJCAMEAJrJKDAMAwQGms9AAwQAms9CAwQAmtFBAwQAmtFG
MAwDBACa1dMDBACa1dQDBACa3k0DBACa3ogDBAGa3+YwDQYJKoZIhvcNAQELBQAD
ggEBAL4Ii+bs4ADT+oS0DOcBycwjP1r1h6BTz4qvM6lmhmI5VH2n4+deort02FUe
Prj1HYU/0H31dThwKXru7wBHhiP65+0WUnK4OaWBY26o7HGwestrPziBqFMUnmhj
341gvuXXMRMWwiI50RuzLV91xsHaTzsd7qiecTKqsLPGTBDNQJqvTXWFe0yASqtx
jkMrz+yfI9yE+ScPcfPlNCM4Rqo3IlOaTjiIWky2Nql6nOGHrlco2XDvcBfa2HI6
1j26/mxFNk18WVEuIA3COJD7lmmm3FH3pQr7p4VBqlDMj3S828xJONoeitqLT47w
/bPiB2FsRxNnIDwcZE8B4VSCt0c=
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:33 2026 by rpki-client