Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD82CB5A3FAC11F1877E9A00CF1D38B0.roa
File: CD82CB5A3FAC11F1877E9A00CF1D38B0.roa (raw, json)
Hash identifier: IPZ3ZkDanbR/AYXB9OB0oIINDIycMBFapz0Mq9+LXCs=
Subject key identifier: 04:A4:4E:EF:A3:12:D2:6D:63:92:12:D1:F7:03:6B:16:CD:EE:D8:F0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C6F2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD82CB5A3FAC11F1877E9A00CF1D38B0.roa
Signing time: Fri 24 Apr 2026 07:11:24 +0000
ROA not before: Fri 24 Apr 2026 07:11:19 +0000
ROA not after: Sat 30 May 2026 07:11:19 +0000
asID: 401696
IP address blocks: 154.201.64.0/19 maxlen: 24
154.201.94.0/23 maxlen: 24
154.201.94.0/24 maxlen: 24
154.201.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116466 (0x1c6f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 07:11:19 2026 GMT
Not After : May 30 07:11:19 2026 GMT
Subject: CN=69eb179c-9a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3a:9e:11:e6:ee:9f:99:89:16:98:b4:f3:0f:
39:08:35:0a:c8:b0:f1:c7:e9:d3:ad:51:ee:c3:90:
49:a0:38:fb:69:47:27:b0:38:bf:23:38:37:94:6e:
7e:93:54:0b:45:0c:c8:79:76:11:1c:94:ad:6b:b9:
cc:d0:42:d0:09:83:7d:83:44:ad:88:00:7f:df:c5:
64:a1:ba:c1:8b:6d:60:ac:ca:fc:a9:d6:fa:eb:50:
8f:d6:80:a6:73:3b:c9:75:7e:20:65:7d:4d:27:d4:
4b:ee:26:a6:72:38:10:da:01:d3:7d:44:f2:05:16:
a5:00:0d:cf:a6:00:4f:21:8d:65:e6:2e:07:a3:10:
41:f7:30:77:12:c5:cb:a8:67:d8:a8:64:17:52:47:
98:43:61:c5:5d:cf:a3:2d:81:3e:a7:b5:df:24:6e:
f6:e6:71:8c:01:a2:d7:44:33:55:17:5b:f1:a4:f6:
97:32:5c:e4:bb:e9:25:eb:1e:c1:07:b5:6b:a2:b7:
ec:81:50:56:ba:ed:6c:21:98:00:26:ee:0d:05:fd:
9e:95:a3:ef:fb:cd:de:71:16:1b:c5:c3:d2:6a:08:
79:2b:b1:ea:29:25:cc:1f:3a:bb:04:ab:59:fc:eb:
90:37:f7:2f:b7:da:49:45:42:5b:5f:fb:0a:d6:61:
06:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A4:4E:EF:A3:12:D2:6D:63:92:12:D1:F7:03:6B:16:CD:EE:D8:F0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD82CB5A3FAC11F1877E9A00CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
46:2b:c9:8b:69:5c:46:fd:43:5e:1a:5b:d5:f0:c8:44:90:a0:
3b:ad:09:15:c8:5d:21:2e:43:a2:08:ad:28:25:99:01:d8:fe:
06:e0:67:9a:38:29:19:74:9e:a8:b4:db:ff:b2:88:0f:a1:a2:
ef:f6:18:28:e9:04:08:37:23:ad:71:a8:04:e8:88:97:eb:0d:
22:30:7f:59:0d:43:69:c4:77:9b:3c:cd:08:6e:d7:98:12:63:
0c:dc:28:e9:dd:f3:22:36:e7:69:f5:38:24:a6:0d:6d:7c:14:
de:30:55:02:f8:2f:df:66:73:a3:33:b5:46:47:4c:4a:e6:a2:
ae:7b:be:03:16:32:74:76:7e:35:18:ed:44:be:43:7c:a5:27:
ac:94:32:47:88:67:ec:e7:35:a9:23:ba:d7:09:43:3f:19:db:
92:8f:73:b3:29:f2:5d:1a:66:e5:3a:8b:1f:37:b1:67:5b:f9:
fe:45:e1:19:9a:ca:3d:38:66:a8:57:06:64:2a:78:5c:c8:e7:
30:16:13:b8:54:c2:2e:1b:ec:a8:54:8c:f2:d0:80:ba:e4:b4:
8d:c9:fd:d0:16:6e:96:b3:0f:1a:fa:93:ca:37:21:de:f5:33:
4e:43:38:64:59:66:97:3c:9f:6b:54:75:e9:06:c7:7a:89:74:
50:03:cd:65
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcbyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDI0MDcxMTE5WhcNMjYwNTMwMDcxMTE5WjAYMRYw
FAYDVQQDEw02OWViMTc5Yy05YTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwDqeEebun5mJFpi08w85CDUKyLDxx+nTrVHuw5BJoDj7aUcnsDi/Izg3
lG5+k1QLRQzIeXYRHJSta7nM0ELQCYN9g0StiAB/38VkobrBi21grMr8qdb661CP
1oCmczvJdX4gZX1NJ9RL7iamcjgQ2gHTfUTyBRalAA3PpgBPIY1l5i4HoxBB9zB3
EsXLqGfYqGQXUkeYQ2HFXc+jLYE+p7XfJG725nGMAaLXRDNVF1vxpPaXMlzku+kl
6x7BB7VrorfsgVBWuu1sIZgAJu4NBf2elaPv+83ecRYbxcPSagh5K7HqKSXMHzq7
BKtZ/OuQN/cvt9pJRUJbX/sK1mEG0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFASk
Tu+jEtJtY5IS0fcDaxbN7tjwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDgyQ0I1QTNGQUMxMUYxODc3RTlBMDBDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQBGK8mLaVxG/UNeGlvV8MhEkKA7rQkVyF0hLkOiCK0oJZkB2P4G4Gea
OCkZdJ6otNv/sogPoaLv9hgo6QQINyOtcagE6IiX6w0iMH9ZDUNpxHebPM0IbteY
EmMM3Cjp3fMiNudp9Tgkpg1tfBTeMFUC+C/fZnOjM7VGR0xK5qKue74DFjJ0dn41
GO1EvkN8pSeslDJHiGfs5zWpI7rXCUM/GduSj3OzKfJdGmblOosfN7FnW/n+ReEZ
mso9OGaoVwZkKnhcyOcwFhO4VMIuG+yoVIzy0IC65LSNyf3QFm6Wsw8a+pPKNyHe
9TNOQzhkWWaXPJ9rVHXpBsd6iXRQA81l
-----END CERTIFICATE-----
Generated at Sat May 9 11:00:44 2026 by rpki-client