Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FD1E2F84AB611F1B8B82AB6CE1D38B0.roa
File: 9FD1E2F84AB611F1B8B82AB6CE1D38B0.roa (raw, json)
Hash identifier: wu1mWKjm1qY0NV7uAd0FT2i6viP0zyDrLjx+9peL5g8=
Subject key identifier: 9D:D4:C4:13:3E:0F:60:32:B5:31:5E:B5:65:E2:2D:7F:C6:81:D6:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CA57
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FD1E2F84AB611F1B8B82AB6CE1D38B0.roa
Signing time: Fri 08 May 2026 08:19:25 +0000
ROA not before: Fri 08 May 2026 08:19:20 +0000
ROA not after: Mon 07 May 2029 08:19:20 +0000
asID: 17561
IP address blocks: 154.208.136.0/24 maxlen: 24
154.208.137.0/24 maxlen: 24
154.208.138.0/24 maxlen: 24
154.208.139.0/24 maxlen: 24
154.208.140.0/24 maxlen: 24
154.208.141.0/24 maxlen: 24
154.208.142.0/24 maxlen: 24
154.208.143.0/24 maxlen: 24
154.208.144.0/24 maxlen: 24
154.208.145.0/24 maxlen: 24
154.208.146.0/24 maxlen: 24
154.208.147.0/24 maxlen: 24
154.208.148.0/24 maxlen: 24
154.208.149.0/24 maxlen: 24
154.208.150.0/24 maxlen: 24
154.208.151.0/24 maxlen: 24
154.208.152.0/24 maxlen: 24
154.208.153.0/24 maxlen: 24
154.208.154.0/24 maxlen: 24
154.208.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117335 (0x1ca57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 08:19:20 2026 GMT
Not After : May 7 08:19:20 2029 GMT
Subject: CN=69fd9c8d-e61a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9d:6e:86:b0:63:da:da:0a:5f:7a:ca:70:74:
ec:29:62:3e:66:1b:4e:0c:3c:f6:b9:66:aa:9e:95:
d7:fc:9f:5b:39:47:2b:eb:8d:0a:a1:3c:13:d6:4e:
9f:80:d4:c3:ce:39:db:12:7d:3a:45:6c:57:d9:bd:
13:f0:b8:e5:21:28:92:4a:aa:54:2f:a4:7f:6e:6d:
0d:40:93:ce:14:88:91:55:c8:94:d9:40:02:bf:ef:
e8:4e:95:2a:eb:66:22:4a:65:d5:33:26:ea:89:03:
9e:64:fd:a2:a8:0b:81:b6:52:86:dd:d0:59:0b:f1:
6a:46:f7:bf:a7:47:23:5a:06:7d:5f:a0:cd:b5:99:
16:8c:f8:23:93:b2:23:0b:5b:32:51:7a:d1:6f:09:
d8:73:c7:d1:2d:40:03:57:1f:2e:42:c8:79:a2:6b:
b9:5e:ab:d5:fd:fe:df:90:7c:c2:65:5c:e0:be:fa:
18:78:b8:09:53:87:83:c7:db:14:f4:79:64:d4:2a:
ef:cd:ba:81:c3:fb:89:d1:27:34:04:5a:ad:8a:97:
aa:66:ff:98:3f:e2:a5:50:e0:43:39:be:c4:41:11:
db:8a:49:66:11:01:65:5f:f0:8a:55:72:d3:05:bc:
27:71:1e:61:31:a3:0b:99:83:1c:4c:eb:6f:68:98:
a2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D4:C4:13:3E:0F:60:32:B5:31:5E:B5:65:E2:2D:7F:C6:81:D6:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FD1E2F84AB611F1B8B82AB6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.136.0-154.208.155.255
Signature Algorithm: sha256WithRSAEncryption
41:bb:94:35:6c:eb:3f:bc:d8:3f:8f:73:d3:91:b0:44:ad:f8:
dc:da:6b:d2:53:af:7f:f3:a5:70:87:63:30:af:6d:a0:18:fd:
7e:e5:cf:fd:79:65:14:d1:d2:23:e9:a7:cb:67:ee:6d:60:c4:
d4:d2:0b:ba:76:64:35:49:ea:0f:61:71:e6:15:91:b7:26:d7:
03:10:22:73:3e:17:b2:a5:d0:a0:8a:25:25:8a:df:c8:4d:34:
39:2e:46:4e:c7:ba:1a:09:e7:c4:a5:00:c8:19:94:89:c6:1a:
a5:bf:9f:35:e6:3e:c8:75:d2:f5:e2:1e:db:4b:f0:e5:e7:60:
2f:73:06:be:6b:b8:d2:70:d9:16:8b:16:e7:1e:54:c5:f5:bd:
6e:06:c8:ac:2a:ad:96:c6:06:89:01:fe:75:c8:b0:2e:ac:71:
5a:12:7e:48:fb:f4:ec:66:76:8d:7d:7b:f4:fa:07:0e:68:e8:
94:e5:08:13:b9:e8:8b:fb:e7:e6:05:2f:6a:5b:32:17:ba:20:
cb:6b:5c:2a:3c:5d:01:e5:97:ec:3b:4f:46:4d:0b:5b:9a:d6:
b7:45:b6:eb:01:82:6f:0f:ec:26:ed:ff:ec:60:b8:2d:b9:77:
71:96:3e:fd:83:9f:56:c7:87:22:70:a6:b2:7a:a8:2a:a0:b0:
40:96:43:dc
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcpXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA4MDgxOTIwWhcNMjkwNTA3MDgxOTIwWjAYMRYw
FAYDVQQDEw02OWZkOWM4ZC1lNjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA251uhrBj2toKX3rKcHTsKWI+ZhtODDz2uWaqnpXX/J9bOUcr640KoTwT
1k6fgNTDzjnbEn06RWxX2b0T8LjlISiSSqpUL6R/bm0NQJPOFIiRVciU2UACv+/o
TpUq62YiSmXVMybqiQOeZP2iqAuBtlKG3dBZC/FqRve/p0cjWgZ9X6DNtZkWjPgj
k7IjC1syUXrRbwnYc8fRLUADVx8uQsh5omu5XqvV/f7fkHzCZVzgvvoYeLgJU4eD
x9sU9Hlk1CrvzbqBw/uJ0Sc0BFqtipeqZv+YP+KlUOBDOb7EQRHbiklmEQFlX/CK
VXLTBbwncR5hMaMLmYMcTOtvaJiiVwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJ3U
xBM+D2AytTFetWXiLX/GgdbvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RkQxRTJGODRBQjYxMUYxQjhCODJBQjZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOa0IgDBAKa0JgwDQYJ
KoZIhvcNAQELBQADggEBAEG7lDVs6z+82D+Pc9ORsESt+Nzaa9JTr3/zpXCHYzCv
baAY/X7lz/15ZRTR0iPpp8tn7m1gxNTSC7p2ZDVJ6g9hceYVkbcm1wMQInM+F7Kl
0KCKJSWK38hNNDkuRk7HuhoJ58SlAMgZlInGGqW/nzXmPsh10vXiHttL8OXnYC9z
Br5ruNJw2RaLFuceVMX1vW4GyKwqrZbGBokB/nXIsC6scVoSfkj79Oxmdo19e/T6
Bw5o6JTlCBO56Iv75+YFL2pbMhe6IMtrXCo8XQHll+w7T0ZNC1ua1rdFtusBgm8P
7Cbt/+xguC25d3GWPv2Dn1bHhyJwprJ6qCqgsECWQ9w=
-----END CERTIFICATE-----
Generated at Sat May 9 11:00:12 2026 by rpki-client