Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7F89074457711F1AA1D0EC2CE1D38B0.roa
File: A7F89074457711F1AA1D0EC2CE1D38B0.roa (raw, json)
Hash identifier: V5aWrkZwNJY0ZCHXv3D/QToN9qmh5QYA8g6nXRytPqk=
Subject key identifier: 0D:E2:CE:E0:06:41:1A:BB:F7:35:77:F4:71:86:61:D9:70:04:77:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C8B3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7F89074457711F1AA1D0EC2CE1D38B0.roa
Signing time: Fri 01 May 2026 16:06:05 +0000
ROA not before: Fri 01 May 2026 16:05:59 +0000
ROA not after: Fri 05 Jun 2026 16:05:59 +0000
asID: 44559
IP address blocks: 154.209.205.0/24 maxlen: 24
154.209.207.0/24 maxlen: 24
154.218.27.0/24 maxlen: 24
154.219.193.0/24 maxlen: 24
154.219.194.0/24 maxlen: 24
154.219.197.0/24 maxlen: 24
154.219.200.0/24 maxlen: 24
154.219.204.0/24 maxlen: 24
154.219.205.0/24 maxlen: 24
154.219.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116915 (0x1c8b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 16:05:59 2026 GMT
Not After : Jun 5 16:05:59 2026 GMT
Subject: CN=69f4cf6d-b047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:97:c8:f8:6e:cf:9d:cc:91:31:53:28:d1:6b:
46:6f:a8:eb:03:51:55:95:67:a7:41:49:5b:ba:22:
35:dd:86:2e:25:cf:9e:35:e1:49:ea:66:b7:a1:ce:
4f:ce:7c:da:c7:bf:0d:de:c8:e5:81:40:71:b3:a1:
7c:ff:42:4e:ca:85:90:a9:24:5a:35:09:70:3f:73:
01:06:cd:9f:b4:77:ba:58:79:d3:c7:fc:87:4f:43:
70:15:30:8c:38:63:25:74:14:e9:df:1a:c2:a1:95:
ea:e7:b6:21:c8:c2:5c:02:7e:75:71:e0:a9:a9:1d:
e9:a2:80:b2:e4:fc:f4:f5:91:19:95:2c:93:ff:a5:
2c:51:87:21:b9:15:d8:55:b5:78:e7:c2:fc:3e:d7:
50:97:95:f1:44:1a:fa:ae:f3:5b:b5:13:b3:e8:25:
30:95:33:f2:5c:f6:e7:66:29:81:d0:d6:58:df:1f:
1b:2e:db:3d:7b:db:36:ad:31:99:e6:b2:ef:3f:38:
8a:c2:af:e5:07:28:ea:ec:da:53:b8:83:c1:6c:4e:
28:61:a0:20:9f:32:be:29:9a:fd:ff:76:06:bf:ca:
bb:60:6f:c4:a7:5c:43:89:62:22:6a:54:54:3a:ce:
ce:a9:36:31:0b:b1:86:36:f8:a7:86:ab:0b:a2:c6:
a6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E2:CE:E0:06:41:1A:BB:F7:35:77:F4:71:86:61:D9:70:04:77:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7F89074457711F1AA1D0EC2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.205.0/24
154.209.207.0/24
154.218.27.0/24
154.219.193.0-154.219.194.255
154.219.197.0/24
154.219.200.0/24
154.219.204.0-154.219.206.255
Signature Algorithm: sha256WithRSAEncryption
8b:19:25:e3:ca:bf:ab:4f:c0:82:46:2f:de:d0:30:f8:75:cb:
fe:a6:ee:9f:e2:e8:f9:f2:fb:5d:89:28:48:6b:08:01:71:21:
9a:50:77:5c:fe:19:24:cc:62:8d:56:8a:5d:27:1d:20:30:4d:
36:b7:7e:e6:62:4d:d8:50:09:a1:01:15:ee:5c:ca:e7:5d:cd:
0f:69:b8:e4:1b:0c:10:36:ff:9f:88:40:d9:24:37:db:6a:e9:
43:20:ed:24:09:0c:31:c0:44:06:8e:40:81:79:cb:e4:fc:90:
60:8d:85:70:69:1e:6d:a6:4f:c1:c9:23:94:4d:dd:46:b7:ee:
fb:ff:cd:07:3a:8f:d4:ac:17:7e:b9:16:75:dd:c3:b0:94:9c:
4e:34:05:89:8d:54:ed:e8:ac:7e:c9:b1:61:1e:45:00:91:4c:
25:46:d3:f0:ed:41:83:ff:df:6a:d7:19:fb:22:7a:dd:f6:fb:
bc:5a:35:5d:bf:67:e6:db:c1:f2:fc:52:5c:1a:0c:46:eb:ee:
b5:ed:2f:32:af:c2:79:8a:ab:cc:92:7a:7f:22:22:d6:4a:f9:
34:4f:3a:6f:39:01:3e:02:e0:11:f8:bd:33:50:6d:42:56:e4:
62:ef:66:25:2e:50:b2:4a:46:35:a3:7b:bd:10:3a:ac:60:a8:
8b:d1:4a:57
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIDAcizMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTYwNTU5WhcNMjYwNjA1MTYwNTU5WjAYMRYw
FAYDVQQDEw02OWY0Y2Y2ZC1iMDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyJfI+G7PncyRMVMo0WtGb6jrA1FVlWenQUlbuiI13YYuJc+eNeFJ6ma3
oc5Pznzax78N3sjlgUBxs6F8/0JOyoWQqSRaNQlwP3MBBs2ftHe6WHnTx/yHT0Nw
FTCMOGMldBTp3xrCoZXq57YhyMJcAn51ceCpqR3pooCy5Pz09ZEZlSyT/6UsUYch
uRXYVbV458L8PtdQl5XxRBr6rvNbtROz6CUwlTPyXPbnZimB0NZY3x8bLts9e9s2
rTGZ5rLvPziKwq/lByjq7NpTuIPBbE4oYaAgnzK+KZr9/3YGv8q7YG/Ep1xDiWIi
alRUOs7OqTYxC7GGNvinhqsLosam4wIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFA3i
zuAGQRq79zV39HGGYdlwBHeyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BN0Y4OTA3NDQ1NzcxMUYxQUExRDBFQzJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAmtHNAwQAmtHPAwQAmtob
MAwDBACa28EDBACa28IDBACa28UDBACa28gwDAMEAprbzAMEAJrbzjANBgkqhkiG
9w0BAQsFAAOCAQEAixkl48q/q0/AgkYv3tAw+HXL/qbun+Lo+fL7XYkoSGsIAXEh
mlB3XP4ZJMxijVaKXScdIDBNNrd+5mJN2FAJoQEV7lzK513ND2m45BsMEDb/n4hA
2SQ322rpQyDtJAkMMcBEBo5AgXnL5PyQYI2FcGkebaZPwckjlE3dRrfu+//NBzqP
1KwXfrkWdd3DsJScTjQFiY1U7eisfsmxYR5FAJFMJUbT8O1Bg//fatcZ+yJ63fb7
vFo1Xb9n5tvB8vxSXBoMRuvute0vMq/CeYqrzJJ6fyIi1kr5NE86bzkBPgLgEfi9
M1BtQlbkYu9mJS5QskpGNaN7vRA6rGCoi9FKVw==
-----END CERTIFICATE-----
Generated at Sat May 9 11:03:40 2026 by rpki-client