Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF9099EC460811F1BB830CBFCE1D38B0.roa
File: CF9099EC460811F1BB830CBFCE1D38B0.roa (raw, json)
Hash identifier: QQXVSNUy2Boz0fRVlyl8NjugFTqjxVsDfj+mFts4fJA=
Subject key identifier: 7F:50:CA:23:1B:8C:18:FD:78:FB:F8:39:73:B6:10:3E:33:BB:23:09
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C91F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF9099EC460811F1BB830CBFCE1D38B0.roa
Signing time: Sat 02 May 2026 09:25:08 +0000
ROA not before: Sat 02 May 2026 09:25:03 +0000
ROA not after: Tue 09 Jun 2026 09:25:03 +0000
asID: 140666
IP address blocks: 154.95.72.0/22 maxlen: 24
154.95.96.0/22 maxlen: 24
154.95.100.0/22 maxlen: 24
154.95.104.0/22 maxlen: 24
154.95.108.0/22 maxlen: 24
154.95.112.0/22 maxlen: 24
154.95.116.0/22 maxlen: 24
154.95.120.0/23 maxlen: 24
154.95.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117023 (0x1c91f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 2 09:25:03 2026 GMT
Not After : Jun 9 09:25:03 2026 GMT
Subject: CN=69f5c2f4-9484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fb:87:c0:7d:fe:5a:1d:31:a3:a6:64:4d:7a:
45:b7:65:f5:1d:df:9e:67:08:b3:83:bf:ca:90:51:
cd:cd:1b:e7:fd:48:4b:10:69:e6:8b:f9:1d:9a:3e:
7c:cb:b1:bf:fb:11:bd:57:7b:72:23:f0:fd:20:36:
fb:de:bc:15:7b:1b:b6:f9:fc:8c:22:7f:b7:87:60:
ef:e7:41:57:87:3b:47:03:33:b4:83:ef:a7:20:e7:
e4:cf:87:da:1f:33:b0:59:09:05:82:15:f7:82:79:
a2:b5:64:02:de:90:51:ae:0f:5d:6a:cf:0a:92:37:
78:5e:f0:a2:7c:1b:32:80:64:f5:1f:4f:3d:fe:84:
c3:37:ab:43:30:02:77:9a:bb:b4:b9:51:5c:e7:e7:
1f:7d:e8:08:ef:6e:48:6a:a4:c1:87:32:2e:54:73:
6c:8f:79:a5:90:cb:a6:c3:2a:54:38:5b:9e:9f:cd:
9f:38:70:91:94:ed:de:15:68:3b:16:b9:d2:95:32:
04:87:55:12:8f:2e:c6:54:68:5d:31:fd:c2:19:8c:
8b:33:75:2e:89:1e:dd:a6:44:5e:d0:b1:d3:09:46:
75:37:75:e3:5c:18:71:5b:44:3f:7d:e9:1a:ff:0d:
bb:1f:d1:23:6b:4e:76:99:47:23:4a:b3:7e:56:b0:
dc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:50:CA:23:1B:8C:18:FD:78:FB:F8:39:73:B6:10:3E:33:BB:23:09
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF9099EC460811F1BB830CBFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.72.0/22
154.95.96.0-154.95.121.255
154.95.124.0/24
Signature Algorithm: sha256WithRSAEncryption
89:66:58:b6:c6:5f:26:a0:b4:7b:c1:9e:2e:c6:85:2f:38:d7:
05:ae:9e:dd:03:d1:47:2c:54:3a:1a:56:63:dd:a5:da:5a:c1:
53:8e:7e:e9:c0:a1:8b:f5:f2:eb:65:10:fb:7d:d4:12:57:79:
00:a6:9b:9f:72:bb:88:2a:5b:81:f4:c5:0e:60:bb:da:f6:9e:
16:6b:14:55:8b:c4:fd:d8:13:e3:e6:ed:93:b2:f8:d3:1d:56:
28:3c:02:0a:bc:fa:5b:28:4e:ff:7c:05:84:a9:22:0f:1b:6d:
08:38:99:84:de:51:3b:49:a9:7f:55:20:30:63:57:64:fb:0c:
6c:d6:c9:d5:40:4b:e7:68:0c:05:c8:72:b7:a3:c7:2e:d5:1d:
72:69:4a:ae:3b:c5:4e:90:7c:17:c4:01:61:c4:9d:00:5a:b9:
28:6a:b3:0d:72:1f:66:91:87:6f:d0:74:2d:d5:47:12:df:1a:
9b:bc:4e:32:fd:5a:81:b5:75:66:44:13:06:99:cd:11:63:3c:
40:af:0e:1a:db:05:c5:c3:8f:64:0e:3e:ef:0f:ff:fb:0f:70:
2e:3d:1e:91:06:7e:36:42:1d:48:f9:f9:2a:93:c5:b1:94:4f:
e3:02:f9:9a:9a:32:17:71:d2:22:7a:57:04:5e:4a:43:75:23:
76:55:8b:f2
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAckfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAyMDkyNTAzWhcNMjYwNjA5MDkyNTAzWjAYMRYw
FAYDVQQDEw02OWY1YzJmNC05NDg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAufuHwH3+Wh0xo6ZkTXpFt2X1Hd+eZwizg7/KkFHNzRvn/UhLEGnmi/kd
mj58y7G/+xG9V3tyI/D9IDb73rwVexu2+fyMIn+3h2Dv50FXhztHAzO0g++nIOfk
z4faHzOwWQkFghX3gnmitWQC3pBRrg9das8Kkjd4XvCifBsygGT1H089/oTDN6tD
MAJ3mru0uVFc5+cffegI725IaqTBhzIuVHNsj3mlkMumwypUOFuen82fOHCRlO3e
FWg7FrnSlTIEh1USjy7GVGhdMf3CGYyLM3UuiR7dpkRe0LHTCUZ1N3XjXBhxW0Q/
feka/w27H9Eja052mUcjSrN+VrDcrwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFH9Q
yiMbjBj9ePv4OXO2ED4zuyMJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjkwOTlFQzQ2MDgxMUYxQkI4MzBDQkZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCml9IMAwDBAWaX2ADBAGa
X3gDBACaX3wwDQYJKoZIhvcNAQELBQADggEBAIlmWLbGXyagtHvBni7GhS841wWu
nt0D0UcsVDoaVmPdpdpawVOOfunAoYv18utlEPt91BJXeQCmm59yu4gqW4H0xQ5g
u9r2nhZrFFWLxP3YE+Pm7ZOy+NMdVig8Agq8+lsoTv98BYSpIg8bbQg4mYTeUTtJ
qX9VIDBjV2T7DGzWydVAS+doDAXIcrejxy7VHXJpSq47xU6QfBfEAWHEnQBauShq
sw1yH2aRh2/QdC3VRxLfGpu8TjL9WoG1dWZEEwaZzRFjPECvDhrbBcXDj2QOPu8P
//sPcC49HpEGfjZCHUj5+SqTxbGUT+MC+ZqaMhdx0iJ6VwReSkN1I3ZVi/I=
-----END CERTIFICATE-----
Generated at Sat May 9 11:01:03 2026 by rpki-client