Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D38CBD5A448C11F1A8FE87B0CE1D38B0.roa
File: D38CBD5A448C11F1A8FE87B0CE1D38B0.roa (raw, json)
Hash identifier: BMk4d1YhkjCb4J1h4lb3ypNNzxfkFMtSjKaMT5auUj0=
Subject key identifier: 3D:83:12:88:22:33:99:E5:D9:D3:E3:DB:38:01:EB:37:E1:DD:6A:1D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C82B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D38CBD5A448C11F1A8FE87B0CE1D38B0.roa
Signing time: Thu 30 Apr 2026 12:05:06 +0000
ROA not before: Thu 30 Apr 2026 12:05:01 +0000
ROA not after: Thu 06 May 2027 12:05:01 +0000
asID: 135600
IP address blocks: 154.81.144.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116779 (0x1c82b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 12:05:01 2026 GMT
Not After : May 6 12:05:01 2027 GMT
Subject: CN=69f34572-6bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:56:f5:f9:68:87:19:6c:31:68:84:2c:c8:10:
a1:63:19:61:5e:46:85:fb:6d:a0:ab:24:71:6f:45:
1c:73:1f:03:c4:7d:70:6b:33:07:52:1e:f4:07:4e:
69:ba:b4:19:e4:34:55:2f:d1:da:9a:92:cd:93:33:
3a:b7:9f:6a:26:ff:39:1c:48:f8:a1:b5:f2:69:52:
35:80:a5:a2:49:52:a6:f0:25:be:90:7e:93:e0:8b:
23:d1:05:a1:1a:04:93:0f:22:ad:43:5f:63:39:a1:
40:f4:4d:81:46:35:39:bb:c7:7b:3d:3e:1f:6f:50:
65:5a:c4:2d:3d:19:a2:b4:17:8c:30:e8:22:9f:bf:
db:fb:9a:aa:22:9d:6d:d9:1b:7f:98:37:65:57:47:
28:b8:7c:77:f2:5e:13:e6:59:b7:01:20:ef:94:68:
e1:a6:1f:a5:ad:69:2e:da:89:92:d0:66:38:0e:02:
5f:b5:d2:f2:54:77:2c:fd:d5:9b:a3:e7:25:e7:fe:
9d:d5:f1:3c:a0:15:3d:a5:72:b4:aa:12:50:9f:59:
8d:19:58:87:37:58:6c:7f:34:fb:80:f4:03:92:a2:
df:e8:fc:cf:15:5c:6c:4c:3c:61:12:c5:d6:8b:ad:
e2:02:a3:2c:ca:e0:e6:f2:df:e1:3d:e8:b1:8e:ff:
a1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:83:12:88:22:33:99:E5:D9:D3:E3:DB:38:01:EB:37:E1:DD:6A:1D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D38CBD5A448C11F1A8FE87B0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.144.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:12:39:72:73:d5:9d:3e:23:ed:29:63:be:d0:85:4c:27:ef:
a4:9c:48:e3:4b:4e:1e:32:f5:ae:32:e4:e5:8e:38:24:19:75:
bb:55:e1:15:0e:3a:f6:43:64:00:72:3d:27:d0:96:ad:0a:f9:
88:db:14:ca:27:5b:66:9f:4b:7b:b5:2e:99:a7:14:4d:9d:8e:
77:d6:c0:63:c7:28:98:4e:28:ec:50:36:75:32:d2:b5:73:fc:
5c:af:10:f6:4c:10:39:da:4a:fa:00:77:a8:22:ff:ef:ce:aa:
3c:b6:ab:33:5a:ce:37:a7:7a:06:62:3b:ff:da:6c:02:d7:d1:
40:f4:dd:6a:77:01:c9:c0:3c:7f:dd:49:f0:df:0a:05:dd:2c:
f7:3e:77:13:c8:9e:e3:ed:7b:b8:fe:8e:d6:4f:e7:8b:b1:9e:
55:7f:2e:4a:31:8f:99:d2:4e:de:07:4e:db:ca:89:0e:c9:3a:
f9:a2:e2:99:19:0c:b6:db:0e:7f:df:12:2b:4e:1d:02:60:22:
b0:46:80:01:2b:e7:07:92:5c:fd:ea:68:22:99:f1:92:29:f9:
73:b2:04:47:23:fb:7c:5f:b0:a8:27:62:3f:bd:9e:95:be:18:
3e:39:d7:84:61:77:97:46:ca:12:7d:3c:59:6f:69:f7:e1:07:
6c:0f:e1:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcgrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDMwMTIwNTAxWhcNMjcwNTA2MTIwNTAxWjAYMRYw
FAYDVQQDEw02OWYzNDU3Mi02YmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA51b1+WiHGWwxaIQsyBChYxlhXkaF+22gqyRxb0Uccx8DxH1wazMHUh70
B05purQZ5DRVL9HampLNkzM6t59qJv85HEj4obXyaVI1gKWiSVKm8CW+kH6T4Isj
0QWhGgSTDyKtQ19jOaFA9E2BRjU5u8d7PT4fb1BlWsQtPRmitBeMMOgin7/b+5qq
Ip1t2Rt/mDdlV0couHx38l4T5lm3ASDvlGjhph+lrWku2omS0GY4DgJftdLyVHcs
/dWbo+cl5/6d1fE8oBU9pXK0qhJQn1mNGViHN1hsfzT7gPQDkqLf6PzPFVxsTDxh
EsXWi63iAqMsyuDm8t/hPeixjv+hKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD2D
EogiM5nl2dPj2zgB6zfh3WodMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzhDQkQ1QTQ0OEMxMUYxQThGRTg3QjBDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlGQMA0GCSqGSIb3DQEB
CwUAA4IBAQBbEjlyc9WdPiPtKWO+0IVMJ++knEjjS04eMvWuMuTljjgkGXW7VeEV
Djr2Q2QAcj0n0JatCvmI2xTKJ1tmn0t7tS6ZpxRNnY531sBjxyiYTijsUDZ1MtK1
c/xcrxD2TBA52kr6AHeoIv/vzqo8tqszWs43p3oGYjv/2mwC19FA9N1qdwHJwDx/
3Unw3woF3Sz3PncTyJ7j7Xu4/o7WT+eLsZ5Vfy5KMY+Z0k7eB07byokOyTr5ouKZ
GQy22w5/3xIrTh0CYCKwRoABK+cHklz96mgimfGSKflzsgRHI/t8X7CoJ2I/vZ6V
vhg+OdeEYXeXRsoSfTxZb2n34QdsD+Ev
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:30 2026 by rpki-client