Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98F5D9E63E6B11F18A4A12C8CE1D38B0.roa
File: 98F5D9E63E6B11F18A4A12C8CE1D38B0.roa (raw, json)
Hash identifier: 6KIxv0iuiV9O9lkmKnGqi/zoOekV2GyQKrwNJ5H+Luw=
Subject key identifier: 09:D8:61:02:DC:3B:BE:1F:C2:A6:18:CE:61:4D:70:27:E8:0F:9E:11
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C699
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98F5D9E63E6B11F18A4A12C8CE1D38B0.roa
Signing time: Wed 22 Apr 2026 16:52:08 +0000
ROA not before: Wed 22 Apr 2026 16:52:02 +0000
ROA not after: Tue 09 Jun 2026 16:52:02 +0000
asID: 2914
IP address blocks: 154.83.11.0/24 maxlen: 24
154.92.199.0/24 maxlen: 24
154.92.206.0/24 maxlen: 24
154.92.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116377 (0x1c699)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 16:52:02 2026 GMT
Not After : Jun 9 16:52:02 2026 GMT
Subject: CN=69e8fcb8-0fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:d6:ca:cd:a8:25:1c:39:c5:55:a0:b9:29:
2e:a6:f1:a2:bc:1f:02:1f:d6:c6:ce:0c:d1:60:de:
cb:a7:db:b2:15:15:5b:88:49:0d:50:3c:31:49:b6:
75:33:79:26:8b:ed:0a:74:a8:ab:da:e8:9d:f7:41:
a4:12:66:15:4f:9d:30:08:04:be:6d:71:db:3e:b5:
33:1a:27:9f:ad:a1:d9:7b:f8:e5:69:5d:a4:95:85:
da:c6:6e:81:1b:bb:e7:af:46:51:06:8f:85:be:01:
d6:75:46:9d:f1:dc:05:c3:e3:57:35:d2:fc:b6:68:
38:44:bc:9b:c3:f9:3f:e7:bd:e6:06:d0:b8:92:e6:
18:33:bf:58:92:9d:3e:b4:b4:de:9b:85:c3:15:05:
4c:1b:71:f2:22:e5:3b:c0:0f:53:19:e1:91:1d:c3:
51:84:a2:21:5e:5f:e8:d5:3f:60:6a:78:2e:6f:b7:
50:ba:74:82:c6:f2:80:b4:c3:1e:16:a2:a4:8c:5c:
f0:79:ec:2e:7c:df:7e:a5:79:15:ed:cb:79:00:ee:
14:30:e5:17:22:04:b3:84:a5:aa:33:ad:cb:95:dd:
9f:80:65:7e:35:aa:4d:84:f7:ab:33:e3:b2:49:06:
af:54:0a:89:33:49:82:27:22:b4:df:85:eb:b7:6a:
c9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D8:61:02:DC:3B:BE:1F:C2:A6:18:CE:61:4D:70:27:E8:0F:9E:11
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98F5D9E63E6B11F18A4A12C8CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.11.0/24
154.92.199.0/24
154.92.206.0/24
154.92.208.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:06:6b:89:23:34:19:fe:21:68:ae:47:d0:88:f1:2d:6b:66:
69:a0:c9:31:f2:ed:4b:2d:bb:bc:cb:e0:b6:ca:81:e7:f0:01:
42:81:68:d8:41:4a:e9:86:e6:f7:3f:83:07:59:65:8e:18:74:
93:54:d5:57:13:81:b7:98:93:a4:b5:a7:fb:fb:4d:d0:86:35:
f8:14:89:65:48:e0:95:de:a9:2b:88:ba:ba:92:90:54:82:5b:
e1:a1:36:3a:85:6b:93:8d:83:f8:fc:13:be:23:27:52:31:c9:
3a:16:6e:e0:a6:84:2e:95:e3:c0:35:6e:3f:aa:19:a5:14:0d:
3b:db:dd:ba:45:96:29:e3:af:89:69:ce:60:5d:1a:1c:fb:6a:
44:2c:a9:c3:aa:95:ce:cb:6b:1e:27:0c:27:f8:07:a1:74:64:
87:2c:c3:88:38:80:b6:5d:d1:86:d3:04:4c:1e:5e:6a:2d:8f:
9d:1b:11:a7:82:24:10:4c:d9:d2:2a:19:69:04:9a:78:e3:11:
1c:2e:4c:0d:bb:95:14:eb:4e:c3:5b:d5:99:79:f6:eb:34:51:
36:0b:80:cd:e5:6e:8d:96:4f:6d:00:1a:33:67:6a:02:74:a1:
fe:e7:65:ac:c2:2c:38:cf:b5:13:a1:5f:d6:4c:04:20:68:6b:
4e:d4:79:7d
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAcaZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIyMTY1MjAyWhcNMjYwNjA5MTY1MjAyWjAYMRYw
FAYDVQQDEw02OWU4ZmNiOC0wZmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApsrWys2oJRw5xVWguSkupvGivB8CH9bGzgzRYN7Lp9uyFRVbiEkNUDwx
SbZ1M3kmi+0KdKir2uid90GkEmYVT50wCAS+bXHbPrUzGiefraHZe/jlaV2klYXa
xm6BG7vnr0ZRBo+FvgHWdUad8dwFw+NXNdL8tmg4RLybw/k/573mBtC4kuYYM79Y
kp0+tLTem4XDFQVMG3HyIuU7wA9TGeGRHcNRhKIhXl/o1T9gangub7dQunSCxvKA
tMMeFqKkjFzweewufN9+pXkV7ct5AO4UMOUXIgSzhKWqM63Lld2fgGV+NapNhPer
M+OySQavVAqJM0mCJyK034Xrt2rJfQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFAnY
YQLcO74fwqYYzmFNcCfoD54RMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OEY1RDlFNjNFNkIxMUYxOEE0QTEyQzhDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAmlMLAwQAmlzHAwQAmlzO
AwQAmlzQMA0GCSqGSIb3DQEBCwUAA4IBAQAOBmuJIzQZ/iForkfQiPEta2ZpoMkx
8u1LLbu8y+C2yoHn8AFCgWjYQUrphub3P4MHWWWOGHSTVNVXE4G3mJOktaf7+03Q
hjX4FIllSOCV3qkriLq6kpBUglvhoTY6hWuTjYP4/BO+IydSMck6Fm7gpoQulePA
NW4/qhmlFA072926RZYp46+Jac5gXRoc+2pELKnDqpXOy2seJwwn+AehdGSHLMOI
OIC2XdGG0wRMHl5qLY+dGxGngiQQTNnSKhlpBJp44xEcLkwNu5UU607DW9WZefbr
NFE2C4DN5W6Nlk9tABozZ2oCdKH+52Wswiw4z7UToV/WTAQgaGtO1Hl9
-----END CERTIFICATE-----
Generated at Sat May 9 11:03:00 2026 by rpki-client