Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE5E2F2C488811F1BB4E84E9CE1D38B0.roa
File: BE5E2F2C488811F1BB4E84E9CE1D38B0.roa (raw, json)
Hash identifier: NnF/pi6gNFFVm8nORpKIzq5+gIOXE6DEfLnDE0tV5uI=
Subject key identifier: 49:88:50:54:A3:32:AD:3A:EE:0F:C6:F3:39:26:62:54:E3:47:44:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C95C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE5E2F2C488811F1BB4E84E9CE1D38B0.roa
Signing time: Tue 05 May 2026 13:45:57 +0000
ROA not before: Tue 05 May 2026 13:45:53 +0000
ROA not after: Sat 13 Jun 2026 13:45:53 +0000
asID: 200758
IP address blocks: 154.84.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117084 (0x1c95c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 5 13:45:53 2026 GMT
Not After : Jun 13 13:45:53 2026 GMT
Subject: CN=69f9f495-21c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e5:12:c8:f5:1c:1e:5c:ad:af:64:97:fd:0b:
dc:b8:53:e7:d1:e8:3c:84:25:6f:d8:b7:33:97:52:
42:aa:a7:88:95:8a:45:64:43:55:85:81:5b:7b:e1:
f7:eb:34:67:7b:86:e8:90:83:42:20:61:86:a5:18:
15:7f:54:ac:08:38:12:09:4b:9f:86:68:05:02:1b:
79:c6:c0:f1:71:f8:fa:94:a1:60:48:2b:1f:88:da:
67:1f:ff:88:64:c8:ba:9b:c0:17:02:2c:06:05:30:
eb:43:60:aa:31:d4:f1:22:73:a2:0f:2a:b4:be:9f:
f0:67:31:b1:06:57:7b:da:c7:0f:08:33:e5:ce:a5:
0d:d5:28:6f:fb:26:62:b3:ce:76:1a:41:6c:df:12:
f4:9b:ed:66:22:52:97:df:40:be:7b:98:20:b1:44:
ad:e0:d9:d9:7d:15:26:e7:6d:72:60:46:f0:f0:c2:
46:2f:9b:ab:55:6c:d2:fd:90:2e:44:9c:63:a8:06:
e5:21:75:28:fd:bf:f8:96:a1:49:c5:48:f6:c5:c2:
d2:e2:d8:9d:5a:16:c2:77:56:97:fc:6e:83:a5:4c:
2f:23:44:65:ba:ec:9e:02:de:07:59:31:ff:cc:19:
71:da:84:ee:7c:c1:4b:b4:de:88:03:08:06:12:dd:
e7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:88:50:54:A3:32:AD:3A:EE:0F:C6:F3:39:26:62:54:E3:47:44:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE5E2F2C488811F1BB4E84E9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.154.0/24
Signature Algorithm: sha256WithRSAEncryption
74:10:72:30:13:51:30:bb:00:d6:36:97:39:8f:e7:95:21:a6:
7a:b8:f5:95:1b:2f:b4:c9:1c:b2:c6:4d:3c:94:fc:0a:c7:fa:
0f:84:a3:4a:18:26:ca:20:57:56:f9:e9:24:91:3c:4a:ce:1c:
dd:07:d3:dd:fa:d0:5a:4c:25:3a:d6:57:2e:26:b0:a8:f6:39:
44:51:dd:46:0b:8d:88:82:67:f2:a9:43:c7:5b:90:a5:3a:bd:
aa:c8:cc:43:2e:31:70:c7:64:b7:62:67:38:1c:b5:dc:ed:2f:
45:d6:eb:b4:aa:4c:5c:18:31:50:64:76:47:76:00:24:45:81:
c5:cf:83:a7:71:ae:c5:3c:e2:b5:27:02:04:01:73:30:e4:b9:
cf:42:7a:49:52:0e:ae:c6:79:b9:ff:af:ec:ba:d2:d3:cd:10:
87:d2:f7:2d:d4:ae:12:e6:9d:7f:66:19:95:30:9c:f3:23:a3:
b2:50:c7:4a:f8:c3:23:ca:56:a0:07:dc:b4:95:b0:ec:4e:0b:
8a:e4:a7:51:7c:4c:44:ec:50:69:8c:ad:80:8f:3d:17:df:9b:
e3:0a:17:61:ae:cc:af:ba:ba:22:e8:59:32:fd:64:7c:14:26:
f6:b4:c8:05:ca:44:d7:39:a8:ee:f6:0e:bf:8d:a6:b6:81:18:
df:4e:8e:4a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAclcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA1MTM0NTUzWhcNMjYwNjEzMTM0NTUzWjAYMRYw
FAYDVQQDEw02OWY5ZjQ5NS0yMWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7OUSyPUcHlytr2SX/QvcuFPn0eg8hCVv2Lczl1JCqqeIlYpFZENVhYFb
e+H36zRne4bokINCIGGGpRgVf1SsCDgSCUufhmgFAht5xsDxcfj6lKFgSCsfiNpn
H/+IZMi6m8AXAiwGBTDrQ2CqMdTxInOiDyq0vp/wZzGxBld72scPCDPlzqUN1Shv
+yZis852GkFs3xL0m+1mIlKX30C+e5ggsUSt4NnZfRUm521yYEbw8MJGL5urVWzS
/ZAuRJxjqAblIXUo/b/4lqFJxUj2xcLS4tidWhbCd1aX/G6DpUwvI0RluuyeAt4H
WTH/zBlx2oTufMFLtN6IAwgGEt3n3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEmI
UFSjMq067g/G8zkmYlTjR0TdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRTVFMkYyQzQ4ODgxMUYxQkI0RTg0RTlDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSaMA0GCSqGSIb3DQEB
CwUAA4IBAQB0EHIwE1EwuwDWNpc5j+eVIaZ6uPWVGy+0yRyyxk08lPwKx/oPhKNK
GCbKIFdW+ekkkTxKzhzdB9Pd+tBaTCU61lcuJrCo9jlEUd1GC42IgmfyqUPHW5Cl
Or2qyMxDLjFwx2S3Ymc4HLXc7S9F1uu0qkxcGDFQZHZHdgAkRYHFz4Onca7FPOK1
JwIEAXMw5LnPQnpJUg6uxnm5/6/sutLTzRCH0vct1K4S5p1/ZhmVMJzzI6OyUMdK
+MMjylagB9y0lbDsTguK5KdRfExE7FBpjK2Ajz0X35vjChdhrsyvuroi6Fky/WR8
FCb2tMgFykTXOaju9g6/jaa2gRjfTo5K
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:33 2026 by rpki-client