Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF7033F8455C11F197E31EA2CE1D38B0.roa
File: BF7033F8455C11F197E31EA2CE1D38B0.roa (raw, json)
Hash identifier: RgrkW7X0iNmP+OjI1uwSqqgIWCIfazljVVWYfjSxWKY=
Subject key identifier: 20:C8:97:34:A1:8A:CD:35:A8:F3:BB:10:C3:33:48:61:D8:9E:CD:7F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C897
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF7033F8455C11F197E31EA2CE1D38B0.roa
Signing time: Fri 01 May 2026 12:53:28 +0000
ROA not before: Fri 01 May 2026 12:53:23 +0000
ROA not after: Fri 07 May 2027 12:53:23 +0000
asID: 212238
IP address blocks: 154.198.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 07 May 2026 00:07:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116887 (0x1c897)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 12:53:23 2026 GMT
Not After : May 7 12:53:23 2027 GMT
Subject: CN=69f4a248-e805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:bc:89:25:a4:1f:49:b5:81:00:60:dd:2c:48:
3b:6c:25:d9:55:a1:be:a8:52:0a:6d:c6:6c:06:01:
1a:0b:81:46:c9:62:c9:61:e0:e7:fe:3e:14:94:f8:
b9:d9:47:6f:f0:b0:5b:df:1a:f9:ab:4d:42:71:c8:
81:5b:28:90:47:63:20:fd:94:0e:c4:ce:c0:db:b8:
ca:94:09:b2:48:ef:fb:b5:8c:16:92:78:a4:bf:86:
15:91:48:7d:7b:8e:6b:a2:fa:14:95:91:c0:f4:90:
59:71:75:f5:39:2c:66:24:c7:bd:b8:fe:7c:a1:00:
58:41:e1:a1:8e:dc:a2:27:4f:a8:72:6c:64:d3:bc:
a5:85:cf:bc:1c:cd:5c:96:c3:a0:73:1b:57:53:b6:
f0:b6:48:e6:25:6d:ec:85:b3:df:1a:d0:0d:0e:21:
8c:62:92:a8:73:a5:88:54:1e:e1:e5:2e:0e:07:91:
66:49:f7:74:cd:74:d6:3d:51:f2:c7:2e:f9:03:4a:
2f:f4:75:32:ec:70:99:08:36:d8:78:9f:aa:85:d0:
fd:65:6e:7e:47:20:fb:66:ea:f9:c9:1c:35:ea:2a:
54:dd:12:b8:bb:7b:d7:32:3c:a6:75:e1:20:b8:0e:
a5:39:19:ce:ea:41:ca:10:24:12:ff:bf:dc:2d:a1:
2a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C8:97:34:A1:8A:CD:35:A8:F3:BB:10:C3:33:48:61:D8:9E:CD:7F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF7033F8455C11F197E31EA2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.16.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:d0:ce:8f:4c:9c:2d:83:4a:fa:67:50:cb:40:51:13:f6:73:
bc:0c:c4:b9:d7:ce:bd:c1:6d:be:60:6c:f4:35:44:2a:11:c6:
40:f2:cd:4e:1f:a8:cb:b6:db:2f:1f:ff:43:be:b6:4d:4f:99:
f0:19:37:24:b4:81:a2:fb:7a:8a:41:fd:38:56:45:c6:92:a6:
25:d0:4e:93:8b:d9:61:5d:7d:21:53:4c:cb:b0:f0:a0:c4:14:
38:50:1f:a3:e0:0c:ad:1d:05:9a:56:c3:79:a7:35:03:f4:a7:
56:62:6a:ef:a0:b3:a1:55:d6:c8:ce:45:8a:e7:ed:b1:05:f0:
c8:9a:90:7b:8f:84:db:c6:20:18:99:f3:a9:73:31:a0:15:a5:
b3:5c:db:3c:3c:3a:82:7a:08:a5:cd:7a:45:b3:60:8a:a7:58:
00:53:db:15:d7:6a:5d:25:44:4a:ff:f9:a8:ce:f5:3d:17:1b:
cc:9a:99:a7:25:bc:10:2d:53:8f:48:da:ef:62:a3:3b:75:2d:
bf:e7:c6:8f:54:ef:af:1d:59:3e:a0:17:af:49:64:53:b1:e4:
e2:d2:a0:07:c8:b9:0d:c6:63:17:a3:cb:8c:a9:2f:bd:0d:7e:
b2:86:f4:d9:69:0d:00:e2:bd:ff:6c:75:df:ad:ea:da:cb:02:
49:fe:05:2b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAciXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTI1MzIzWhcNMjcwNTA3MTI1MzIzWjAYMRYw
FAYDVQQDEw02OWY0YTI0OC1lODA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6ryJJaQfSbWBAGDdLEg7bCXZVaG+qFIKbcZsBgEaC4FGyWLJYeDn/j4U
lPi52Udv8LBb3xr5q01CcciBWyiQR2Mg/ZQOxM7A27jKlAmySO/7tYwWknikv4YV
kUh9e45rovoUlZHA9JBZcXX1OSxmJMe9uP58oQBYQeGhjtyiJ0+ocmxk07ylhc+8
HM1clsOgcxtXU7bwtkjmJW3shbPfGtANDiGMYpKoc6WIVB7h5S4OB5FmSfd0zXTW
PVHyxy75A0ov9HUy7HCZCDbYeJ+qhdD9ZW5+RyD7Zur5yRw16ipU3RK4u3vXMjym
deEguA6lORnO6kHKECQS/7/cLaEqBwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCDI
lzShis01qPO7EMMzSGHYns1/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjcwMzNGODQ1NUMxMUYxOTdFMzFFQTJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYQMA0GCSqGSIb3DQEB
CwUAA4IBAQDN0M6PTJwtg0r6Z1DLQFET9nO8DMS51869wW2+YGz0NUQqEcZA8s1O
H6jLttsvH/9DvrZNT5nwGTcktIGi+3qKQf04VkXGkqYl0E6Ti9lhXX0hU0zLsPCg
xBQ4UB+j4AytHQWaVsN5pzUD9KdWYmrvoLOhVdbIzkWK5+2xBfDImpB7j4TbxiAY
mfOpczGgFaWzXNs8PDqCegilzXpFs2CKp1gAU9sV12pdJURK//mozvU9FxvMmpmn
JbwQLVOPSNrvYqM7dS2/58aPVO+vHVk+oBevSWRTseTi0qAHyLkNxmMXo8uMqS+9
DX6yhvTZaQ0A4r3/bHXfreraywJJ/gUr
-----END CERTIFICATE-----
Generated at Tue May 5 23:15:53 2026 by rpki-client