Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B88339804B8011F1ABFEB801CF1D38B0.roa
File: B88339804B8011F1ABFEB801CF1D38B0.roa (raw, json)
Hash identifier: WUxiyoAkekSlRx5gmWhV3mLORWknej4x9c3ObYJ63kU=
Subject key identifier: DA:93:4F:23:B7:45:35:D0:CF:5C:1C:8D:C2:5D:C4:25:96:4A:62:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CA94
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B88339804B8011F1ABFEB801CF1D38B0.roa
Signing time: Sat 09 May 2026 08:26:05 +0000
ROA not before: Sat 09 May 2026 08:25:59 +0000
ROA not after: Sat 15 Aug 2026 08:25:59 +0000
asID: 139871
IP address blocks: 154.197.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117396 (0x1ca94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 08:25:59 2026 GMT
Not After : Aug 15 08:25:59 2026 GMT
Subject: CN=69feef9d-275d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:98:3d:c2:31:01:83:61:dc:61:69:c1:6c:83:
88:08:72:e2:ad:10:8e:1f:50:dc:ba:3f:11:b6:b1:
69:9c:3b:6e:ef:c4:30:43:96:c9:80:c1:8f:ae:87:
47:9d:f8:dd:bc:a5:b9:48:ec:f2:a7:22:49:b6:f6:
31:65:58:9a:cc:19:e5:1d:8b:c8:7a:b8:65:75:79:
77:68:bf:ab:9a:fb:c7:06:84:cb:bc:74:42:42:4e:
53:bc:12:c6:5a:1e:45:98:42:49:0e:2b:62:14:32:
6a:0f:1a:65:50:9d:79:b7:fb:e9:d0:c9:db:cb:02:
b8:b5:4e:24:dc:e7:93:74:97:aa:7f:bd:c6:39:ef:
a4:d7:30:94:61:42:e5:a1:38:94:4c:73:c6:e1:63:
10:84:30:88:60:f5:5c:7d:51:24:61:b1:ae:69:9d:
b4:86:91:e1:ea:6e:dc:64:00:13:c6:c0:e7:42:9d:
1e:88:e7:b7:91:19:34:f0:09:56:14:f1:b0:56:10:
80:c4:1f:90:95:7a:0a:9a:ea:00:37:ca:18:56:57:
c0:b5:dd:dd:d2:db:61:e0:c2:36:0f:51:5f:e3:87:
62:09:c0:f4:90:56:16:03:bc:81:40:f6:9a:7b:33:
39:54:4c:3c:31:3a:c4:e8:64:4b:6c:77:56:81:e6:
70:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:93:4F:23:B7:45:35:D0:CF:5C:1C:8D:C2:5D:C4:25:96:4A:62:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B88339804B8011F1ABFEB801CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.109.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:32:2c:a9:ca:bb:af:e8:b8:a7:f2:e6:83:3e:6a:4d:b0:ba:
c0:10:c8:8d:e2:5f:22:90:b4:8b:00:3a:ea:b5:c0:44:be:30:
85:e4:5a:9d:6d:d5:0d:0e:61:a3:c5:c8:86:be:77:ce:2f:6c:
35:72:9c:73:e8:03:5c:4a:8b:91:7c:c5:ef:ab:46:e5:94:a7:
ff:f6:87:a3:f2:71:cb:a7:d2:0c:1d:f4:63:e2:b3:73:68:78:
35:fe:91:bf:9e:e8:a3:35:57:d7:8c:3e:7a:4a:f6:02:83:45:
fe:45:66:e5:62:f2:13:43:de:d7:b4:84:8d:98:2f:73:16:7c:
d9:4f:ed:9a:02:be:e4:33:64:c2:23:39:b1:bb:f0:9e:42:23:
87:13:10:4d:8d:f6:ec:d3:25:b9:f4:6d:40:ff:87:3d:83:04:
65:1f:7e:38:ff:60:35:c2:32:56:27:4c:94:25:19:2c:46:e1:
65:ad:d6:c6:e8:1d:8f:e0:43:4c:53:56:bf:37:02:d1:7a:f2:
03:e1:35:44:b1:9b:39:0b:f8:ec:5c:23:65:a9:1f:57:d5:20:
7a:32:e6:c8:90:72:2f:ea:fb:b8:a7:f4:dd:8e:78:f5:b7:29:
f0:0d:43:ff:f0:49:1e:81:19:1c:c1:b3:f1:64:8c:10:88:a1:
0c:7b:15:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcqUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA5MDgyNTU5WhcNMjYwODE1MDgyNTU5WjAYMRYw
FAYDVQQDEw02OWZlZWY5ZC0yNzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1Jg9wjEBg2HcYWnBbIOICHLirRCOH1Dcuj8RtrFpnDtu78QwQ5bJgMGP
rodHnfjdvKW5SOzypyJJtvYxZViazBnlHYvIerhldXl3aL+rmvvHBoTLvHRCQk5T
vBLGWh5FmEJJDitiFDJqDxplUJ15t/vp0MnbywK4tU4k3OeTdJeqf73GOe+k1zCU
YULloTiUTHPG4WMQhDCIYPVcfVEkYbGuaZ20hpHh6m7cZAATxsDnQp0eiOe3kRk0
8AlWFPGwVhCAxB+QlXoKmuoAN8oYVlfAtd3d0tth4MI2D1Ff44diCcD0kFYWA7yB
QPaaezM5VEw8MTrE6GRLbHdWgeZwaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNqT
TyO3RTXQz1wcjcJdxCWWSmL6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CODgzMzk4MDRCODAxMUYxQUJGRUI4MDFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVtMA0GCSqGSIb3DQEB
CwUAA4IBAQCdMiypyruv6Lin8uaDPmpNsLrAEMiN4l8ikLSLADrqtcBEvjCF5Fqd
bdUNDmGjxciGvnfOL2w1cpxz6ANcSouRfMXvq0bllKf/9oej8nHLp9IMHfRj4rNz
aHg1/pG/nuijNVfXjD56SvYCg0X+RWblYvITQ97XtISNmC9zFnzZT+2aAr7kM2TC
Izmxu/CeQiOHExBNjfbs0yW59G1A/4c9gwRlH344/2A1wjJWJ0yUJRksRuFlrdbG
6B2P4ENMU1a/NwLRevID4TVEsZs5C/jsXCNlqR9X1SB6MubIkHIv6vu4p/Tdjnj1
tynwDUP/8EkegRkcwbPxZIwQiKEMexVo
-----END CERTIFICATE-----
Generated at Sat May 9 11:04:00 2026 by rpki-client