Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96E84E4E479A11F1B584B5C9CE1D38B0.roa
File: 96E84E4E479A11F1B584B5C9CE1D38B0.roa (raw, json)
Hash identifier: nwAgv9ntVok0ZNr0eke+05emVKXDRebDfZPw3cRXv9U=
Subject key identifier: 3E:F7:FC:9F:BE:11:03:3F:E3:54:DA:2E:A7:E4:3D:1E:0E:BD:3D:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C957
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96E84E4E479A11F1B584B5C9CE1D38B0.roa
Signing time: Mon 04 May 2026 09:21:11 +0000
ROA not before: Mon 04 May 2026 09:21:06 +0000
ROA not after: Mon 08 Jun 2026 09:21:06 +0000
asID: 45194
IP address blocks: 154.84.252.0/24 maxlen: 24
154.84.253.0/24 maxlen: 24
154.84.254.0/24 maxlen: 24
154.84.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117079 (0x1c957)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 4 09:21:06 2026 GMT
Not After : Jun 8 09:21:06 2026 GMT
Subject: CN=69f86507-db40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cb:1d:51:d9:82:63:37:32:50:c4:5e:c1:2c:
4e:d6:cb:f5:bb:f0:c9:b0:48:72:d3:51:0d:15:40:
2e:7d:df:d5:08:d1:0f:f5:79:66:e1:de:42:04:57:
22:fd:3e:9e:0e:2e:c9:7d:0c:b4:63:a7:62:77:79:
51:3c:1b:e7:64:4d:43:52:77:66:de:e9:21:1f:54:
25:34:4b:5f:bf:fa:91:e0:32:a6:f7:60:ae:c7:31:
bc:8e:63:b2:64:70:a7:63:a4:9f:1a:07:fe:6c:32:
78:6d:f5:0a:3d:1c:3a:c9:09:44:2a:a1:b7:d9:ac:
30:9c:3a:b9:19:d0:2d:e9:d7:4d:c0:a8:59:2c:03:
5d:21:a6:7c:a0:25:af:5a:eb:a9:56:41:29:97:7f:
cb:0e:b0:1c:fb:d5:bd:20:65:6d:36:34:fa:75:41:
50:b1:c6:47:13:40:12:18:b0:d7:74:2b:82:a7:25:
c7:c1:b4:37:3e:63:c5:1a:3a:49:ae:44:22:e1:02:
be:bd:7d:8d:9e:5a:6e:a4:d9:69:52:a8:19:e4:6b:
b3:70:d1:be:52:d8:f2:96:95:b4:64:23:7e:c1:77:
49:36:69:8a:0e:54:5c:03:a8:95:5a:97:28:bb:7e:
46:f9:58:4a:60:93:49:e2:e8:55:de:cd:d0:be:8b:
99:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F7:FC:9F:BE:11:03:3F:E3:54:DA:2E:A7:E4:3D:1E:0E:BD:3D:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96E84E4E479A11F1B584B5C9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.252.0/22
Signature Algorithm: sha256WithRSAEncryption
07:1e:cf:bd:5c:17:9e:a0:2a:20:e1:4f:6a:c7:92:d6:f2:c4:
f7:ba:b9:ab:8b:21:e2:e9:44:b3:e7:ca:d7:b0:c9:9c:34:d2:
6d:7e:d8:da:46:8f:97:ba:fe:08:d9:d4:ca:81:6e:97:1a:dd:
1d:9f:f0:1f:83:7c:69:09:64:cf:42:68:e0:e8:38:c9:7b:5f:
cf:cc:4d:65:06:b0:f9:41:f3:4b:47:a9:4e:ad:3d:69:5b:70:
41:34:7b:ec:64:d2:3d:39:13:c5:16:7b:ca:ad:e6:6a:2e:50:
7a:70:1b:9f:64:ea:e8:73:aa:14:77:cf:e0:c2:ee:f6:10:12:
fb:90:5b:45:ca:71:ee:45:a9:18:55:77:f3:44:b0:c7:78:63:
f8:9e:37:04:b0:52:68:02:0c:3a:83:02:a2:87:84:be:1d:0d:
80:96:af:2f:2a:ea:95:c9:bc:02:3b:7b:46:10:af:9c:9d:70:
f7:fd:0c:f6:49:32:cc:72:71:ad:a7:7a:c5:66:f3:57:2c:76:
b1:27:48:d1:09:5a:b9:09:fc:eb:11:4a:38:96:48:71:78:eb:
28:1f:95:1c:23:36:85:be:c5:cc:f5:4d:4b:52:89:cc:83:8d:
7a:05:9f:5a:03:c9:ef:b9:14:ec:13:59:0b:10:6b:ec:fa:a9:
85:64:52:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAclXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA0MDkyMTA2WhcNMjYwNjA4MDkyMTA2WjAYMRYw
FAYDVQQDEw02OWY4NjUwNy1kYjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsssdUdmCYzcyUMRewSxO1sv1u/DJsEhy01ENFUAufd/VCNEP9Xlm4d5C
BFci/T6eDi7JfQy0Y6did3lRPBvnZE1DUndm3ukhH1QlNEtfv/qR4DKm92CuxzG8
jmOyZHCnY6SfGgf+bDJ4bfUKPRw6yQlEKqG32awwnDq5GdAt6ddNwKhZLANdIaZ8
oCWvWuupVkEpl3/LDrAc+9W9IGVtNjT6dUFQscZHE0ASGLDXdCuCpyXHwbQ3PmPF
GjpJrkQi4QK+vX2NnlpupNlpUqgZ5GuzcNG+UtjylpW0ZCN+wXdJNmmKDlRcA6iV
Wpcou35G+VhKYJNJ4uhV3s3QvouZcQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD73
/J++EQM/41TaLqfkPR4OvT0wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NkU4NEU0RTQ3OUExMUYxQjU4NEI1QzlDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlT8MA0GCSqGSIb3DQEB
CwUAA4IBAQAHHs+9XBeeoCog4U9qx5LW8sT3urmriyHi6USz58rXsMmcNNJtftja
Ro+Xuv4I2dTKgW6XGt0dn/Afg3xpCWTPQmjg6DjJe1/PzE1lBrD5QfNLR6lOrT1p
W3BBNHvsZNI9ORPFFnvKreZqLlB6cBufZOroc6oUd8/gwu72EBL7kFtFynHuRakY
VXfzRLDHeGP4njcEsFJoAgw6gwKih4S+HQ2Alq8vKuqVybwCO3tGEK+cnXD3/Qz2
STLMcnGtp3rFZvNXLHaxJ0jRCVq5CfzrEUo4lkhxeOsoH5UcIzaFvsXM9U1LUonM
g416BZ9aA8nvuRTsE1kLEGvs+qmFZFLF
-----END CERTIFICATE-----
Generated at Sat May 9 11:04:01 2026 by rpki-client