Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B38F3DC43FBA11F18AF6A9D5CE1D38B0.roa
File: B38F3DC43FBA11F18AF6A9D5CE1D38B0.roa (raw, json)
Hash identifier: Hk8FWJc2YU10mPVD0Z2xUajcldYpzmbRdrnSsEq3VrA=
Subject key identifier: BD:FA:C4:A7:97:35:0F:43:DB:A7:B5:97:3B:69:F5:76:7D:B1:87:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C71B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B38F3DC43FBA11F18AF6A9D5CE1D38B0.roa
Signing time: Fri 24 Apr 2026 08:50:54 +0000
ROA not before: Fri 24 Apr 2026 08:50:49 +0000
ROA not after: Sun 31 May 2026 08:50:49 +0000
asID: 62240
IP address blocks: 154.194.7.0/24 maxlen: 24
154.194.38.0/24 maxlen: 24
154.194.83.0/24 maxlen: 24
154.194.84.0/24 maxlen: 24
154.194.85.0/24 maxlen: 24
154.194.118.0/24 maxlen: 24
154.195.121.0/24 maxlen: 24
154.195.122.0/24 maxlen: 24
154.196.84.0/24 maxlen: 24
154.196.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116507 (0x1c71b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 08:50:49 2026 GMT
Not After : May 31 08:50:49 2026 GMT
Subject: CN=69eb2eee-6753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fc:f4:2b:c0:2f:b5:86:b4:35:31:f2:68:f7:
36:e2:96:7d:3e:56:f6:59:8e:92:5c:b0:e7:7d:76:
d6:8a:83:5f:37:40:9f:0f:fa:85:7d:04:a6:86:49:
f0:86:ea:21:50:a4:41:e0:2e:24:a6:19:6d:e5:c0:
fd:b9:20:93:79:3a:67:5d:92:15:03:8a:5d:61:e2:
72:3b:42:7e:ea:bd:fe:63:ad:31:c1:c1:11:f0:8d:
64:5a:ee:f5:39:da:68:7f:30:f5:7c:3b:e5:85:de:
7a:35:41:81:7b:70:5c:b0:52:8d:08:60:de:e3:83:
b2:32:33:56:7f:33:c0:e4:14:96:1d:0a:84:fd:e2:
94:98:97:a9:df:60:f3:09:0d:b7:d3:b0:57:6b:20:
82:ab:52:05:26:cd:5d:91:9c:6b:05:a5:e0:4a:50:
fa:7d:8b:7d:a0:e5:f7:47:b7:47:4e:b0:07:38:d6:
ed:d7:97:81:fb:a5:8b:0b:a5:e6:0a:85:79:7a:3b:
a4:f0:67:7a:9e:80:1e:ee:d0:97:6a:d9:67:2a:b0:
f3:ec:3f:00:e6:e5:8a:57:d5:0c:01:af:48:d5:06:
d8:eb:4c:c9:9a:95:56:d4:b2:4b:c3:33:dc:35:49:
9e:06:f0:d3:6f:42:32:0f:08:05:fd:bb:40:54:97:
f0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FA:C4:A7:97:35:0F:43:DB:A7:B5:97:3B:69:F5:76:7D:B1:87:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B38F3DC43FBA11F18AF6A9D5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.7.0/24
154.194.38.0/24
154.194.83.0-154.194.85.255
154.194.118.0/24
154.195.121.0-154.195.122.255
154.196.84.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:c1:a5:e0:bf:e6:b5:ec:22:8e:2c:9c:c0:eb:1c:58:d3:de:
d2:9d:b8:8e:c1:87:1e:31:9a:e3:62:e1:d2:84:12:d9:c1:75:
58:49:8c:16:4e:d1:b8:a2:a5:7b:ba:d1:75:34:f5:b8:cb:92:
d7:ef:2e:98:84:ef:15:a9:f4:a5:92:2a:65:0e:b9:ee:92:b1:
39:8c:ee:c3:71:64:fc:5f:d7:94:1b:e3:35:3e:7e:e0:b5:ff:
0d:de:f7:c2:5a:ba:6b:6d:ed:bc:f4:ce:c2:af:54:5f:3a:2c:
87:86:20:d4:46:23:ac:80:76:cd:02:88:0e:5e:63:f2:b0:0b:
b1:b4:f2:75:b1:3a:e0:25:69:8b:f0:13:2c:c3:62:0f:9e:1c:
51:e2:a0:e7:f2:cc:2c:dc:2b:a9:6f:b3:61:e9:12:f3:88:8a:
b7:b3:9c:59:4f:9d:1d:85:04:ec:d3:ac:c9:79:e3:e9:7c:8a:
0e:e9:3e:d5:a8:c1:60:db:24:4f:78:3c:d5:33:be:78:e5:b8:
3a:60:82:6c:bc:29:09:07:fb:0f:9b:05:3b:26:2b:af:dd:87:
af:05:84:83:a4:a0:95:89:6d:be:be:b4:83:fc:bd:55:a6:1a:
26:a1:ac:a9:97:b9:a8:86:28:ba:2b:ba:16:8d:79:98:90:51:
12:f7:f5:7d
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIDAccbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDI0MDg1MDQ5WhcNMjYwNTMxMDg1MDQ5WjAYMRYw
FAYDVQQDEw02OWViMmVlZS02NzUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0vz0K8AvtYa0NTHyaPc24pZ9Plb2WY6SXLDnfXbWioNfN0CfD/qFfQSm
hknwhuohUKRB4C4kphlt5cD9uSCTeTpnXZIVA4pdYeJyO0J+6r3+Y60xwcER8I1k
Wu71OdpofzD1fDvlhd56NUGBe3BcsFKNCGDe44OyMjNWfzPA5BSWHQqE/eKUmJep
32DzCQ2307BXayCCq1IFJs1dkZxrBaXgSlD6fYt9oOX3R7dHTrAHONbt15eB+6WL
C6XmCoV5ejuk8Gd6noAe7tCXatlnKrDz7D8A5uWKV9UMAa9I1QbY60zJmpVW1LJL
wzPcNUmeBvDTb0IyDwgF/btAVJfwrQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFL36
xKeXNQ9D26e1lztp9XZ9sYfdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMzhGM0RDNDNGQkExMUYxOEFGNkE5RDVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAmsIHAwQAmsImMAwDBACa
wlMDBAGawlQDBACawnYwDAMEAJrDeQMEAJrDegMEAZrEVDANBgkqhkiG9w0BAQsF
AAOCAQEAX8Gl4L/mtewijiycwOscWNPe0p24jsGHHjGa42Lh0oQS2cF1WEmMFk7R
uKKle7rRdTT1uMuS1+8umITvFan0pZIqZQ657pKxOYzuw3Fk/F/XlBvjNT5+4LX/
Dd73wlq6a23tvPTOwq9UXzosh4Yg1EYjrIB2zQKIDl5j8rALsbTydbE64CVpi/AT
LMNiD54cUeKg5/LMLNwrqW+zYekS84iKt7OcWU+dHYUE7NOsyXnj6XyKDuk+1ajB
YNskT3g81TO+eOW4OmCCbLwpCQf7D5sFOyYrr92HrwWEg6SglYltvr60g/y9VaYa
JqGsqZe5qIYouiu6Fo15mJBREvf1fQ==
-----END CERTIFICATE-----
Generated at Sat May 9 10:59:53 2026 by rpki-client