Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97EC486C4AAC11F18773BFF7CE1D38B0.roa
File: 97EC486C4AAC11F18773BFF7CE1D38B0.roa (raw, json)
Hash identifier: HSn9/yC8zNKLNKmd9SDNLoZz3ZKtWCrptPc1BwIuncw=
Subject key identifier: 01:BD:08:B4:F8:19:57:E6:EE:2F:22:06:D5:D6:DF:6A:C7:85:D0:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CA40
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97EC486C4AAC11F18773BFF7CE1D38B0.roa
Signing time: Fri 08 May 2026 07:07:37 +0000
ROA not before: Fri 08 May 2026 07:07:32 +0000
ROA not after: Mon 07 May 2029 07:07:32 +0000
asID: 17561
IP address blocks: 154.95.191.0/24 maxlen: 24
154.95.192.0/24 maxlen: 24
154.95.193.0/24 maxlen: 24
154.95.194.0/24 maxlen: 24
154.95.195.0/24 maxlen: 24
154.95.196.0/24 maxlen: 24
154.95.197.0/24 maxlen: 24
154.95.198.0/24 maxlen: 24
154.95.199.0/24 maxlen: 24
154.95.200.0/24 maxlen: 24
154.95.201.0/24 maxlen: 24
154.95.202.0/24 maxlen: 24
154.95.203.0/24 maxlen: 24
154.95.204.0/24 maxlen: 24
154.95.205.0/24 maxlen: 24
154.95.206.0/24 maxlen: 24
154.95.207.0/24 maxlen: 24
154.95.208.0/24 maxlen: 24
154.95.209.0/24 maxlen: 24
154.95.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117312 (0x1ca40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 07:07:32 2026 GMT
Not After : May 7 07:07:32 2029 GMT
Subject: CN=69fd8bb9-32d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:35:21:43:92:6c:fb:25:df:d7:73:0e:ac:32:
57:93:8a:c5:30:57:80:ac:e2:a8:30:58:bd:0e:e3:
c4:82:1a:d1:25:4c:6c:70:4f:98:8b:03:35:5c:aa:
ee:e8:49:74:17:97:89:0b:25:36:92:eb:c6:94:ed:
ad:53:94:ae:b8:73:35:b8:d3:57:76:5d:ca:3d:de:
1a:7d:7a:50:2b:94:9e:1a:fe:cc:72:63:00:6f:98:
07:0d:50:a0:1c:82:90:4b:88:04:25:31:6e:74:a3:
62:b6:11:55:01:96:97:49:de:f3:07:e9:97:6c:69:
a8:bc:78:b7:23:94:30:65:63:4f:ed:15:20:6f:49:
9a:85:f3:c7:c0:81:2f:1d:21:7b:12:f1:1a:f2:d3:
fc:60:7b:3c:11:76:c5:ab:98:9e:ec:fb:fe:dc:6f:
90:50:c7:28:c2:92:f7:af:c0:24:c0:f9:cf:75:43:
16:e1:b4:a5:90:17:5c:d3:6a:6d:ba:df:e9:d7:37:
96:ee:47:f9:02:b3:a1:5f:f3:8b:a5:b9:4c:b3:7d:
6c:7c:5c:8a:ab:5a:f5:af:6a:04:f3:f8:13:f5:4a:
5b:5a:6b:c4:96:5f:ae:54:d4:e5:d1:0c:2d:48:a4:
b2:dd:75:dd:c4:a2:bc:17:07:ad:3a:b9:8a:18:40:
d5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BD:08:B4:F8:19:57:E6:EE:2F:22:06:D5:D6:DF:6A:C7:85:D0:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97EC486C4AAC11F18773BFF7CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.191.0-154.95.210.255
Signature Algorithm: sha256WithRSAEncryption
2b:a0:00:4f:6e:bf:3f:dd:eb:e9:fc:f8:db:e1:57:f5:a5:bc:
a4:75:30:71:11:bf:c7:f7:e1:d2:84:fe:e2:1c:8a:5c:29:fc:
c0:54:11:26:22:47:43:23:ab:cb:22:93:e4:f4:43:36:e9:d5:
86:9c:93:a7:57:a9:61:87:01:3b:db:e6:c7:de:7d:34:a2:9a:
4d:e4:09:a7:0e:0d:83:6e:13:35:ae:66:92:51:60:80:0e:49:
70:a5:48:3a:0e:93:f4:22:67:e6:ad:37:f7:01:bb:3a:b9:83:
8d:cf:39:26:6c:1f:6b:df:ef:82:49:74:3e:8d:ab:37:9f:33:
40:f7:8a:33:2d:69:be:b7:c9:13:b3:99:ed:07:58:74:a0:62:
ad:72:19:ba:c4:cd:4f:73:cc:ed:23:0a:83:bd:7e:f7:47:aa:
24:be:b0:98:78:81:3b:34:b5:76:c9:98:1d:06:94:57:ca:8e:
98:db:c4:21:85:d1:3f:a5:f7:1e:9b:aa:6c:2c:e1:6b:77:ff:
3b:4f:09:e3:7c:04:99:9a:ed:f0:7a:10:08:1c:44:b2:af:de:
20:ce:cd:6f:66:eb:74:09:25:8a:02:24:05:70:29:f2:2a:b4:
30:c4:e5:09:2a:13:17:4d:26:6f:c0:da:11:58:f7:60:bd:0e:
87:fb:81:0c
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcpAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA4MDcwNzMyWhcNMjkwNTA3MDcwNzMyWjAYMRYw
FAYDVQQDEw02OWZkOGJiOS0zMmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7DUhQ5Js+yXf13MOrDJXk4rFMFeArOKoMFi9DuPEghrRJUxscE+YiwM1
XKru6El0F5eJCyU2kuvGlO2tU5SuuHM1uNNXdl3KPd4afXpQK5SeGv7McmMAb5gH
DVCgHIKQS4gEJTFudKNithFVAZaXSd7zB+mXbGmovHi3I5QwZWNP7RUgb0mahfPH
wIEvHSF7EvEa8tP8YHs8EXbFq5ie7Pv+3G+QUMcowpL3r8AkwPnPdUMW4bSlkBdc
02ptut/p1zeW7kf5ArOhX/OLpblMs31sfFyKq1r1r2oE8/gT9UpbWmvEll+uVNTl
0QwtSKSy3XXdxKK8FwetOrmKGEDVKQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFAG9
CLT4GVfm7i8iBtXW32rHhdD7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85N0VDNDg2QzRBQUMxMUYxODc3M0JGRjdDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaX78DBACaX9IwDQYJ
KoZIhvcNAQELBQADggEBACugAE9uvz/d6+n8+NvhV/WlvKR1MHERv8f34dKE/uIc
ilwp/MBUESYiR0Mjq8sik+T0Qzbp1Yack6dXqWGHATvb5sfefTSimk3kCacODYNu
EzWuZpJRYIAOSXClSDoOk/QiZ+atN/cBuzq5g43POSZsH2vf74JJdD6NqzefM0D3
ijMtab63yROzme0HWHSgYq1yGbrEzU9zzO0jCoO9fvdHqiS+sJh4gTs0tXbJmB0G
lFfKjpjbxCGF0T+l9x6bqmws4Wt3/ztPCeN8BJma7fB6EAgcRLKv3iDOzW9m63QJ
JYoCJAVwKfIqtDDE5QkqExdNJm/A2hFY92C9Dof7gQw=
-----END CERTIFICATE-----
Generated at Sat May 9 11:03:59 2026 by rpki-client