Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD03EB52459711F1B3F979FFCE1D38B0.roa
File: AD03EB52459711F1B3F979FFCE1D38B0.roa (raw, json)
Hash identifier: AqxRCtGYAHOO5MnLaPqKeAuZw/Y+t1I+acjudMPIYB8=
Subject key identifier: AF:6F:AE:80:0A:93:85:8E:0E:A4:C4:78:8D:B8:AB:43:5B:5B:19:14
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C8FB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD03EB52459711F1B3F979FFCE1D38B0.roa
Signing time: Fri 01 May 2026 19:55:17 +0000
ROA not before: Fri 01 May 2026 19:55:13 +0000
ROA not after: Fri 05 Jun 2026 19:55:13 +0000
asID: 15221
IP address blocks: 154.198.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116987 (0x1c8fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 19:55:13 2026 GMT
Not After : Jun 5 19:55:13 2026 GMT
Subject: CN=69f50525-919d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:02:67:76:6c:eb:e3:ab:a0:18:1c:7a:c9:57:
dc:d7:58:b9:ed:8c:19:95:df:7c:a4:87:0b:94:2a:
97:32:e0:a3:3a:33:fc:7d:21:77:85:a7:e9:91:bc:
6a:d8:3a:5e:6f:c5:76:ba:5a:c3:c9:09:8b:78:80:
3b:61:b6:88:76:51:b1:7c:8d:d9:c7:ac:2b:25:da:
d4:6d:c5:13:81:03:6a:ab:0a:49:20:2f:b6:37:c5:
d8:33:eb:8d:7d:86:8f:8a:76:b8:f7:c3:a8:78:ef:
4e:ee:57:48:b5:04:9a:1a:53:4c:21:e6:54:3b:e1:
90:a2:fa:d7:ec:10:ad:76:47:7f:e1:11:36:92:87:
33:db:11:87:10:b0:ad:ca:0d:ec:6f:35:7f:6c:90:
cb:92:a6:ae:c5:ab:51:ea:e9:0f:84:c0:2d:89:7a:
60:87:59:e6:f2:c5:4b:da:fd:24:4b:11:40:67:57:
29:2b:d3:f3:06:41:4b:0a:67:25:9f:a8:e2:5c:f2:
d7:d1:ae:a2:2d:d9:17:37:c9:1d:98:94:2e:de:34:
ad:ff:1f:30:1b:16:94:ab:4d:5a:61:b3:16:e7:b8:
62:94:c4:ac:48:d7:ec:0e:af:eb:16:ac:26:94:77:
e7:4d:e6:f8:5e:bb:77:52:49:5e:bb:9d:dc:ad:b5:
d5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6F:AE:80:0A:93:85:8E:0E:A4:C4:78:8D:B8:AB:43:5B:5B:19:14
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD03EB52459711F1B3F979FFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.32.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:b7:96:d9:53:09:de:23:6e:c3:cb:f2:6a:c3:0f:c8:61:c5:
e3:97:53:2e:5c:c3:b5:9b:b1:2d:ec:03:3f:1d:ec:4d:31:85:
5d:8d:a0:51:03:73:96:35:af:59:7b:ba:57:be:b2:fc:32:e5:
e4:00:ca:52:33:76:75:50:6a:10:e4:53:1b:d7:d8:28:79:b1:
96:70:e0:33:dd:9d:ac:7a:3a:c7:52:57:5b:cd:62:d4:25:8f:
0e:88:6a:b6:85:03:3f:c3:35:38:eb:65:23:4f:07:39:d4:e4:
d3:9e:e7:f5:43:a1:64:15:34:8b:32:fe:50:b6:cd:7a:45:de:
c0:4e:5d:ef:78:2a:58:5f:28:46:51:17:86:05:e6:2e:bc:7c:
12:b6:3f:cc:4c:8c:0d:d9:50:f8:ec:8f:87:7a:fd:a2:21:a5:
89:6f:08:6b:91:5b:ad:e5:d9:cb:5b:72:7f:84:ca:09:d7:5b:
c5:94:47:eb:48:f8:4e:e5:33:3d:84:97:6b:f7:98:3b:7c:2c:
87:5f:b6:a3:aa:ae:6a:9c:ac:43:4a:96:f5:20:61:f7:c6:60:
3f:c4:3e:4c:9a:2d:36:3d:33:3a:a9:dc:10:f4:64:d6:3a:9a:
7c:39:fa:55:b1:2f:4a:16:d5:4b:63:c4:12:72:d6:e9:48:9b:
17:3e:84:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcj7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTk1NTEzWhcNMjYwNjA1MTk1NTEzWjAYMRYw
FAYDVQQDEw02OWY1MDUyNS05MTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/gJndmzr46ugGBx6yVfc11i57YwZld98pIcLlCqXMuCjOjP8fSF3hafp
kbxq2Dpeb8V2ulrDyQmLeIA7YbaIdlGxfI3Zx6wrJdrUbcUTgQNqqwpJIC+2N8XY
M+uNfYaPina498OoeO9O7ldItQSaGlNMIeZUO+GQovrX7BCtdkd/4RE2kocz2xGH
ELCtyg3sbzV/bJDLkqauxatR6ukPhMAtiXpgh1nm8sVL2v0kSxFAZ1cpK9PzBkFL
Cmcln6jiXPLX0a6iLdkXN8kdmJQu3jSt/x8wGxaUq01aYbMW57hilMSsSNfsDq/r
FqwmlHfnTeb4Xrt3Ukleu53crbXVqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK9v
roAKk4WODqTEeI24q0NbWxkUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRDAzRUI1MjQ1OTcxMUYxQjNGOTc5RkZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsYgMA0GCSqGSIb3DQEB
CwUAA4IBAQArt5bZUwneI27Dy/Jqww/IYcXjl1MuXMO1m7Et7AM/HexNMYVdjaBR
A3OWNa9Ze7pXvrL8MuXkAMpSM3Z1UGoQ5FMb19goebGWcOAz3Z2sejrHUldbzWLU
JY8OiGq2hQM/wzU462UjTwc51OTTnuf1Q6FkFTSLMv5Qts16Rd7ATl3veCpYXyhG
UReGBeYuvHwStj/MTIwN2VD47I+Hev2iIaWJbwhrkVut5dnLW3J/hMoJ11vFlEfr
SPhO5TM9hJdr95g7fCyHX7ajqq5qnKxDSpb1IGH3xmA/xD5Mmi02PTM6qdwQ9GTW
Opp8OfpVsS9KFtVLY8QSctbpSJsXPoTC
-----END CERTIFICATE-----
Generated at Sat May 9 11:00:45 2026 by rpki-client