Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96B17934456311F18DBC63C9CE1D38B0.roa
File: 96B17934456311F18DBC63C9CE1D38B0.roa (raw, json)
Hash identifier: twChlcZ2KPLAIyA8GVzVcmLoPskT0W31Ti7rLOgn/zg=
Subject key identifier: C3:64:44:FE:8B:40:C8:66:2E:62:20:2F:CA:75:EF:FF:B4:C1:17:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C8A3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96B17934456311F18DBC63C9CE1D38B0.roa
Signing time: Fri 01 May 2026 13:42:26 +0000
ROA not before: Fri 01 May 2026 13:42:22 +0000
ROA not after: Wed 03 Jun 2026 13:42:22 +0000
asID: 17497
IP address blocks: 154.193.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116899 (0x1c8a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 13:42:22 2026 GMT
Not After : Jun 3 13:42:22 2026 GMT
Subject: CN=69f4adc2-05fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:79:58:45:00:08:3f:b2:e3:5e:98:56:aa:44:
af:00:d2:db:f0:1c:83:09:03:79:cd:9f:20:76:72:
e8:36:77:94:03:11:17:34:42:de:f3:44:49:5f:dd:
21:d5:bc:20:19:e0:b2:03:e5:74:fc:ed:5c:a5:78:
b1:bb:fb:89:58:68:d0:da:af:93:5a:f1:84:f6:5d:
98:be:1a:dc:01:30:27:bf:6b:84:ab:ba:07:e5:29:
03:d6:c6:36:df:f6:06:08:02:5c:c1:98:ae:49:cb:
d1:3e:37:79:20:a0:5e:f4:d9:87:fb:0f:94:70:d8:
6a:07:57:fa:f6:82:a7:1a:ff:67:87:c6:04:18:87:
a8:fe:9e:ea:94:f9:53:90:c5:61:44:6f:0f:09:13:
f8:5d:78:6a:cc:ef:50:c8:f9:b9:8b:69:3e:59:2b:
2d:97:5b:50:b1:97:75:71:76:c1:4e:cc:fb:c3:47:
32:64:31:83:73:e4:21:02:d6:eb:a0:af:d1:3c:98:
06:2e:65:c3:c8:39:2a:0f:55:83:62:93:c8:a4:fb:
c9:6e:53:ad:f2:35:79:b2:4f:11:8f:7f:e2:cb:4c:
a1:35:ec:fa:1d:a0:c9:8b:77:d2:c3:8b:ba:9d:38:
fd:ff:b4:77:52:66:3d:cd:e3:c2:77:36:02:e4:87:
a5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:64:44:FE:8B:40:C8:66:2E:62:20:2F:CA:75:EF:FF:B4:C1:17:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96B17934456311F18DBC63C9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.162.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:cc:23:27:b9:3c:eb:8a:91:3b:56:0d:7f:d1:5b:ec:c1:09:
39:3d:ab:2f:78:0d:1a:e6:bb:c0:b2:9d:07:cd:d8:33:13:bf:
d6:40:3d:34:fe:16:84:b4:01:b4:4f:e8:3c:57:00:e4:82:ba:
e1:b5:b9:a4:95:6e:b8:38:70:17:6b:33:cf:f7:48:9d:4b:41:
f3:32:ab:8d:fa:23:48:72:97:28:a7:71:7d:aa:aa:cc:a6:6b:
63:f2:6a:37:e0:88:ee:0b:9d:c2:53:8b:68:c0:63:d0:17:9e:
df:1a:66:a8:50:2b:be:4b:f3:07:8d:a3:1a:5e:ac:ed:4e:6e:
12:f5:69:09:6a:08:03:90:d9:9e:23:b5:0a:de:24:19:03:fe:
5a:75:c6:ca:48:8b:dd:83:0d:35:6f:84:69:05:a8:72:3f:a2:
d7:6b:b6:73:18:be:9b:9d:88:fa:ea:82:ff:95:58:ac:4f:ea:
34:c8:93:5e:25:4d:ec:29:62:10:c9:7b:07:fe:d5:04:db:ff:
c0:6e:d6:31:91:90:e1:c7:dd:b4:44:a5:70:b5:9c:47:d7:77:
93:ff:79:fa:dd:d5:56:20:7f:cc:7e:fa:8d:6b:a6:2b:04:6d:
15:75:ac:4b:1d:69:a4:9e:cb:eb:bd:66:9f:d6:56:bb:bf:cb:
5f:59:83:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcijMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTM0MjIyWhcNMjYwNjAzMTM0MjIyWjAYMRYw
FAYDVQQDEw02OWY0YWRjMi0wNWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxnlYRQAIP7LjXphWqkSvANLb8ByDCQN5zZ8gdnLoNneUAxEXNELe80RJ
X90h1bwgGeCyA+V0/O1cpXixu/uJWGjQ2q+TWvGE9l2YvhrcATAnv2uEq7oH5SkD
1sY23/YGCAJcwZiuScvRPjd5IKBe9NmH+w+UcNhqB1f69oKnGv9nh8YEGIeo/p7q
lPlTkMVhRG8PCRP4XXhqzO9QyPm5i2k+WSstl1tQsZd1cXbBTsz7w0cyZDGDc+Qh
AtbroK/RPJgGLmXDyDkqD1WDYpPIpPvJblOt8jV5sk8Rj3/iy0yhNez6HaDJi3fS
w4u6nTj9/7R3UmY9zePCdzYC5IellQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMNk
RP6LQMhmLmIgL8p17/+0wRe1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NkIxNzkzNDQ1NjMxMUYxOERCQzYzQzlDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGiMA0GCSqGSIb3DQEB
CwUAA4IBAQDBzCMnuTzripE7Vg1/0VvswQk5PasveA0a5rvAsp0HzdgzE7/WQD00
/haEtAG0T+g8VwDkgrrhtbmklW64OHAXazPP90idS0HzMquN+iNIcpcop3F9qqrM
pmtj8mo34IjuC53CU4towGPQF57fGmaoUCu+S/MHjaMaXqztTm4S9WkJaggDkNme
I7UK3iQZA/5adcbKSIvdgw01b4RpBahyP6LXa7ZzGL6bnYj66oL/lVisT+o0yJNe
JU3sKWIQyXsH/tUE2//AbtYxkZDhx920RKVwtZxH13eT/3n63dVWIH/MfvqNa6Yr
BG0VdaxLHWmknsvrvWaf1la7v8tfWYMV
-----END CERTIFICATE-----
Generated at Sat May 9 11:03:42 2026 by rpki-client