Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0002520447111F19597210FCF1D38B0.roa
File: D0002520447111F19597210FCF1D38B0.roa (raw, json)
Hash identifier: 6A7Up8zc4UM2qFDtKdcmxYI1HS9ri4gGhEUSFPPT/xI=
Subject key identifier: 7F:F3:F2:E8:8A:D6:8A:91:7B:52:01:2E:68:4F:3D:8D:A4:C5:37:6D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C80B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0002520447111F19597210FCF1D38B0.roa
Signing time: Thu 30 Apr 2026 08:51:44 +0000
ROA not before: Thu 30 Apr 2026 08:51:39 +0000
ROA not after: Fri 27 Apr 2029 08:51:39 +0000
asID: 17561
IP address blocks: 154.90.28.0/24 maxlen: 24
154.90.29.0/24 maxlen: 24
154.90.30.0/24 maxlen: 24
154.90.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116747 (0x1c80b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 08:51:39 2026 GMT
Not After : Apr 27 08:51:39 2029 GMT
Subject: CN=69f31820-d487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:09:3c:94:89:3d:eb:69:3f:be:6b:9c:5e:c8:
9d:89:9a:44:84:19:56:0a:4c:53:b3:88:60:c1:91:
d1:70:96:2c:01:56:f3:4c:ba:71:f6:0a:60:86:d6:
90:13:a1:75:a7:6c:06:46:58:3e:ac:c4:ef:f6:86:
33:22:e4:0e:b4:cc:45:5f:21:5a:c0:e9:3c:91:ce:
8c:1f:b8:45:55:49:2c:74:f6:94:84:4e:84:d7:ea:
d1:cb:7b:a8:5a:a4:da:67:69:c5:8f:d4:90:78:27:
23:76:a7:5e:31:8b:ec:8e:28:1f:10:a4:04:14:19:
9e:86:db:93:31:1f:42:fa:a4:04:56:e8:1b:33:cf:
c0:67:cd:c7:ab:74:98:94:18:56:dd:1b:7a:7c:3b:
75:87:eb:2c:9a:45:f5:0f:2a:77:8c:cf:78:e1:83:
8d:11:cf:5d:00:f7:21:34:20:f6:01:1a:70:99:8e:
01:f5:c4:5f:4b:32:dd:18:f6:af:98:93:ae:c7:f5:
31:06:a2:3f:68:85:c0:a4:55:d9:85:79:21:2f:49:
8a:c3:2f:10:9d:19:ab:68:d8:d9:b7:ab:c5:8e:81:
e7:f5:0a:03:97:df:96:de:7b:78:2c:d8:c7:74:8c:
b8:2e:20:5e:ff:01:b0:97:4f:53:6e:51:49:d1:bb:
98:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F3:F2:E8:8A:D6:8A:91:7B:52:01:2E:68:4F:3D:8D:A4:C5:37:6D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0002520447111F19597210FCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.28.0/22
Signature Algorithm: sha256WithRSAEncryption
02:89:e8:56:f9:ec:4c:11:53:8f:ba:cc:ad:98:fa:36:0e:88:
fd:ec:4b:6b:e1:7c:15:79:3c:87:30:4a:56:54:ae:d8:32:cf:
17:64:e3:37:cb:78:91:12:ae:d8:cb:dd:2b:de:d2:a6:44:50:
54:ec:4f:98:7f:1c:82:6f:4b:4d:c5:64:97:ca:36:06:a3:ef:
d7:87:14:ea:12:fd:46:a7:b5:09:c7:00:11:d9:91:3b:ef:4e:
cc:52:d0:3a:31:24:a7:34:81:07:ea:ff:a0:3d:c7:ad:fa:68:
2b:5a:83:c4:ce:f7:09:a3:3f:49:bf:4a:91:3e:28:42:16:c5:
33:dc:29:f5:11:95:b3:a7:85:cb:4f:4d:69:af:b9:89:8b:92:
f1:77:59:e9:1e:1d:94:9a:da:39:46:ea:6c:50:7a:83:d6:23:
fb:2c:cb:dd:43:8a:69:38:17:57:b3:e0:b6:a0:e2:75:e2:7d:
40:a5:96:fa:4c:06:c2:f5:8d:8a:61:59:90:b8:2d:59:76:91:
b1:7b:9b:75:52:ac:db:c6:bf:75:f7:3b:da:72:1e:78:a9:d7:
91:32:d1:ed:56:43:e0:fe:df:54:a3:0c:17:c7:9c:00:d1:93:
b3:51:e7:2d:16:d4:28:f1:c3:7f:fd:e9:09:44:89:44:24:b5:
ec:59:13:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcgLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDMwMDg1MTM5WhcNMjkwNDI3MDg1MTM5WjAYMRYw
FAYDVQQDEw02OWYzMTgyMC1kNDg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8Ak8lIk962k/vmucXsidiZpEhBlWCkxTs4hgwZHRcJYsAVbzTLpx9gpg
htaQE6F1p2wGRlg+rMTv9oYzIuQOtMxFXyFawOk8kc6MH7hFVUksdPaUhE6E1+rR
y3uoWqTaZ2nFj9SQeCcjdqdeMYvsjigfEKQEFBmehtuTMR9C+qQEVugbM8/AZ83H
q3SYlBhW3Rt6fDt1h+ssmkX1Dyp3jM944YONEc9dAPchNCD2ARpwmY4B9cRfSzLd
GPavmJOux/UxBqI/aIXApFXZhXkhL0mKwy8QnRmraNjZt6vFjoHn9QoDl9+W3nt4
LNjHdIy4LiBe/wGwl09TblFJ0buYawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH/z
8uiK1oqRe1IBLmhPPY2kxTdtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMDAwMjUyMDQ0NzExMUYxOTU5NzIxMEZDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlocMA0GCSqGSIb3DQEB
CwUAA4IBAQACiehW+exMEVOPusytmPo2Doj97Etr4XwVeTyHMEpWVK7YMs8XZOM3
y3iREq7Yy90r3tKmRFBU7E+YfxyCb0tNxWSXyjYGo+/XhxTqEv1Gp7UJxwAR2ZE7
707MUtA6MSSnNIEH6v+gPcet+mgrWoPEzvcJoz9Jv0qRPihCFsUz3Cn1EZWzp4XL
T01pr7mJi5Lxd1npHh2Umto5RupsUHqD1iP7LMvdQ4ppOBdXs+C2oOJ14n1ApZb6
TAbC9Y2KYVmQuC1ZdpGxe5t1Uqzbxr919zvach54qdeRMtHtVkPg/t9UowwXx5wA
0ZOzUectFtQo8cN//ekJRIlEJLXsWRNJ
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:44 2026 by rpki-client