Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/955ED30452CB11F18C189ECDCE1D38B0.roa
File: 955ED30452CB11F18C189ECDCE1D38B0.roa (raw, json)
Hash identifier: hCqSfDakLRIJGMDJ8XC8nnKAD+qlP/3nd8aobRVx4L8=
Subject key identifier: A4:14:6D:76:B7:42:9C:21:6F:57:F4:0F:7E:77:5E:2A:9B:5D:F7:09
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CC4D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/955ED30452CB11F18C189ECDCE1D38B0.roa
Signing time: Mon 18 May 2026 15:09:37 +0000
ROA not before: Mon 18 May 2026 15:09:31 +0000
ROA not after: Sun 14 Jun 2026 15:09:31 +0000
asID: 147176
IP address blocks: 154.197.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 12 Jun 2026 00:07:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117837 (0x1cc4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 18 15:09:31 2026 GMT
Not After : Jun 14 15:09:31 2026 GMT
Subject: CN=6a0b2bb0-e4f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cd:cc:b4:55:01:bb:c0:e2:43:4a:44:76:c7:
c2:dd:fe:ab:68:40:08:bb:87:7c:2d:fb:79:03:cb:
a2:12:8b:c9:bb:86:2c:88:35:11:5e:4d:6b:6d:cb:
6d:a6:c3:7c:c0:64:31:6f:70:0e:c0:dd:2a:b0:09:
82:c1:5a:56:16:ca:f4:8d:2d:ac:42:0f:8e:34:31:
4a:fe:05:ce:1a:60:a5:5d:54:1c:7d:62:c1:d3:4c:
7c:1b:ff:57:28:2a:68:94:a6:e9:2b:d4:13:5f:f1:
46:53:4d:25:4e:03:53:41:16:9a:3d:ef:4c:54:cd:
2f:a7:7a:ac:3e:09:cc:4d:ab:40:b0:a3:92:76:39:
3a:e0:2a:f1:8e:19:c7:a3:fd:d6:48:1d:9e:b3:92:
66:ba:96:ed:d3:7c:83:8b:ca:74:37:a0:b2:77:4b:
9f:7d:c7:06:5f:21:ad:6a:0a:d0:68:3e:5b:c1:2f:
99:87:0b:84:06:f9:b0:86:23:cd:71:6e:64:03:39:
29:c2:8d:c1:b9:19:52:2a:cc:7f:e8:f6:3f:b7:a1:
9c:84:da:38:62:a2:f1:a0:16:f2:2d:5c:0c:7d:64:
fe:c4:51:be:08:37:d8:92:21:9e:f1:73:37:2a:5d:
81:5f:5e:d1:b6:b9:38:5d:0c:58:a1:bf:67:52:09:
2a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:14:6D:76:B7:42:9C:21:6F:57:F4:0F:7E:77:5E:2A:9B:5D:F7:09
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/955ED30452CB11F18C189ECDCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.102.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:d9:2e:d1:52:c0:f5:81:60:0b:9d:a6:01:77:83:ed:bd:50:
b8:80:2f:75:66:41:5e:02:a5:be:fb:88:74:19:c3:6e:fb:68:
75:1d:7e:25:94:d4:c1:a2:ca:80:5e:4e:60:83:08:2b:fd:13:
de:d3:b0:2d:f2:21:af:74:a4:0d:ad:e0:1c:88:b1:91:f0:5e:
47:c4:07:fb:a1:76:85:a1:82:bf:23:d2:04:4d:05:e3:65:0c:
87:d8:45:b1:1d:49:4f:0f:13:5c:8b:2f:e9:a8:73:c7:69:54:
2c:ab:f4:fd:ea:01:39:7e:52:1d:f8:6e:5e:17:88:7c:20:32:
46:45:c2:66:3e:c4:57:9b:bc:67:34:72:68:76:47:97:f1:2a:
8a:fb:ea:cf:39:13:a2:be:50:6d:dd:b8:f7:4e:63:84:66:e9:
e7:25:7b:75:7f:63:89:20:fb:75:eb:e9:95:10:ff:cc:a1:50:
7d:e3:eb:7f:4c:03:ad:cd:04:07:75:12:b6:bf:14:67:10:21:
2d:de:82:34:72:cf:71:d1:74:f8:21:ef:62:2d:1a:b4:63:96:
96:fc:45:b2:a1:19:e5:5f:61:d1:06:b3:fa:32:53:bc:0c:43:
64:85:5f:64:3e:d2:1c:47:6f:04:f6:79:ae:74:0f:34:31:1a:
e2:69:2b:9d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcxNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE4MTUwOTMxWhcNMjYwNjE0MTUwOTMxWjAYMRYw
FAYDVQQDEw02YTBiMmJiMC1lNGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0M3MtFUBu8DiQ0pEdsfC3f6raEAIu4d8Lft5A8uiEovJu4YsiDURXk1r
bcttpsN8wGQxb3AOwN0qsAmCwVpWFsr0jS2sQg+ONDFK/gXOGmClXVQcfWLB00x8
G/9XKCpolKbpK9QTX/FGU00lTgNTQRaaPe9MVM0vp3qsPgnMTatAsKOSdjk64Crx
jhnHo/3WSB2es5Jmupbt03yDi8p0N6Cyd0uffccGXyGtagrQaD5bwS+ZhwuEBvmw
hiPNcW5kAzkpwo3BuRlSKsx/6PY/t6GchNo4YqLxoBbyLVwMfWT+xFG+CDfYkiGe
8XM3Kl2BX17Rtrk4XQxYob9nUgkq7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKQU
bXa3Qpwhb1f0D353XiqbXfcJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NTVFRDMwNDUyQ0IxMUYxOEMxODlFQ0RDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVmMA0GCSqGSIb3DQEB
CwUAA4IBAQB+2S7RUsD1gWALnaYBd4PtvVC4gC91ZkFeAqW++4h0GcNu+2h1HX4l
lNTBosqAXk5ggwgr/RPe07At8iGvdKQNreAciLGR8F5HxAf7oXaFoYK/I9IETQXj
ZQyH2EWxHUlPDxNciy/pqHPHaVQsq/T96gE5flId+G5eF4h8IDJGRcJmPsRXm7xn
NHJodkeX8SqK++rPOROivlBt3bj3TmOEZunnJXt1f2OJIPt16+mVEP/MoVB94+t/
TAOtzQQHdRK2vxRnECEt3oI0cs9x0XT4Ie9iLRq0Y5aW/EWyoRnlX2HRBrP6MlO8
DENkhV9kPtIcR28E9nmudA80MRriaSud
-----END CERTIFICATE-----
Generated at Wed Jun 10 04:57:44 2026 by rpki-client