Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4AA15964A7911F1B758BFB0CE1D38B0.roa
File: D4AA15964A7911F1B758BFB0CE1D38B0.roa (raw, json)
Hash identifier: 6xJyNtM7jx8ALIfGq6oniiHB2T0ICB/ZXcyLC0KpoIs=
Subject key identifier: B6:AC:19:08:33:90:BE:71:41:3A:23:7B:09:C8:F9:1E:D2:E0:BE:75
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CA0E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4AA15964A7911F1B758BFB0CE1D38B0.roa
Signing time: Fri 08 May 2026 01:04:15 +0000
ROA not before: Fri 08 May 2026 01:04:10 +0000
ROA not after: Sun 21 Jun 2026 01:04:10 +0000
asID: 2914
IP address blocks: 154.197.12.0/22 maxlen: 24
154.222.74.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117262 (0x1ca0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 01:04:10 2026 GMT
Not After : Jun 21 01:04:10 2026 GMT
Subject: CN=69fd368f-bfa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9e:af:fe:e5:3f:63:f6:30:19:61:33:8d:62:
5c:55:a5:e4:2d:60:15:d0:3c:26:ca:8c:d3:b4:38:
87:34:70:9b:21:b3:8f:88:cf:30:6f:e1:6d:86:45:
b6:96:7e:f6:be:59:79:64:c4:ef:a3:c6:ed:87:d2:
f0:15:27:15:62:55:1d:53:13:06:64:1a:48:d8:b2:
a6:ff:89:ad:ee:28:ed:b9:4b:14:92:54:ea:2e:df:
70:9d:62:75:48:dc:64:f8:63:67:3b:c8:71:26:b8:
bb:de:44:bc:9d:5d:c7:bc:7a:9f:55:5e:c9:c0:09:
c5:02:85:2f:09:25:5a:8e:76:82:4c:9e:0f:cd:ea:
01:6d:7b:dd:e6:91:78:19:52:9f:77:3c:13:a3:5c:
b7:9e:ba:0f:90:7a:69:c0:77:fd:fc:a7:9b:54:98:
23:6d:2e:85:31:55:0d:e9:54:d7:b2:23:37:23:30:
c5:79:be:73:63:20:94:6d:12:71:78:bf:56:48:fc:
ae:44:ab:01:e3:02:31:36:de:92:50:93:c4:9a:b8:
0b:a7:b3:17:15:2d:f4:02:fc:fc:94:c5:7e:48:1c:
96:17:1b:3b:82:e2:98:65:d5:88:94:95:38:0e:5f:
80:17:9e:a9:af:0c:fc:8b:60:3b:1e:aa:8d:23:75:
4f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AC:19:08:33:90:BE:71:41:3A:23:7B:09:C8:F9:1E:D2:E0:BE:75
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4AA15964A7911F1B758BFB0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.12.0/22
154.222.74.0/23
Signature Algorithm: sha256WithRSAEncryption
74:d7:2e:f3:cd:35:70:89:30:92:eb:6d:bb:37:59:ee:5a:f8:
6e:92:24:a7:03:dd:72:62:e6:9d:db:04:c0:c9:5c:93:97:cc:
32:d7:68:b7:43:8c:cd:40:58:a4:38:c5:9c:57:d3:92:58:ce:
02:c4:36:89:13:11:62:d1:b4:ed:b6:42:8b:65:0d:dd:8a:d2:
e1:d5:92:bf:ac:94:05:8d:19:7c:4a:5c:6a:ff:f5:d4:e8:2b:
8e:09:6b:4b:5f:b3:91:27:ff:42:bb:7f:eb:43:68:ac:76:a9:
68:08:65:ff:f1:2d:81:9d:2a:f5:36:3a:f1:f1:b4:fc:78:97:
ce:cb:d1:9d:99:22:32:57:c8:96:22:f6:39:49:8c:6b:d3:70:
94:e2:bf:13:99:49:89:5b:ac:cb:a6:d1:19:df:58:e5:75:9c:
30:32:c2:46:42:18:63:85:7f:c7:69:08:aa:1c:f7:6e:d4:f2:
f2:60:91:95:5a:2f:4f:5c:0a:b1:e3:40:7c:01:85:42:2d:ba:
6e:29:8f:23:92:ea:2d:06:21:55:82:c4:c1:23:79:b5:1b:89:
ff:b1:2a:37:c4:ab:80:24:06:13:95:bf:7a:4f:c8:14:27:2f:
ec:3c:d2:2e:2c:95:04:9a:05:d4:6c:f8:e7:c1:42:90:d7:2a:
d1:56:eb:2e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcoOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA4MDEwNDEwWhcNMjYwNjIxMDEwNDEwWjAYMRYw
FAYDVQQDEw02OWZkMzY4Zi1iZmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv56v/uU/Y/YwGWEzjWJcVaXkLWAV0DwmyozTtDiHNHCbIbOPiM8wb+Ft
hkW2ln72vll5ZMTvo8bth9LwFScVYlUdUxMGZBpI2LKm/4mt7ijtuUsUklTqLt9w
nWJ1SNxk+GNnO8hxJri73kS8nV3HvHqfVV7JwAnFAoUvCSVajnaCTJ4PzeoBbXvd
5pF4GVKfdzwTo1y3nroPkHppwHf9/KebVJgjbS6FMVUN6VTXsiM3IzDFeb5zYyCU
bRJxeL9WSPyuRKsB4wIxNt6SUJPEmrgLp7MXFS30Avz8lMV+SByWFxs7guKYZdWI
lJU4Dl+AF56prwz8i2A7HqqNI3VPSwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFLas
GQgzkL5xQTojewnI+R7S4L51MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENEFBMTU5NjRBNzkxMUYxQjc1OEJGQjBDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsUMAwQBmt5KMA0GCSqG
SIb3DQEBCwUAA4IBAQB01y7zzTVwiTCS6227N1nuWvhukiSnA91yYuad2wTAyVyT
l8wy12i3Q4zNQFikOMWcV9OSWM4CxDaJExFi0bTttkKLZQ3ditLh1ZK/rJQFjRl8
Slxq//XU6CuOCWtLX7ORJ/9Cu3/rQ2isdqloCGX/8S2BnSr1Njrx8bT8eJfOy9Gd
mSIyV8iWIvY5SYxr03CU4r8TmUmJW6zLptEZ31jldZwwMsJGQhhjhX/HaQiqHPdu
1PLyYJGVWi9PXAqx40B8AYVCLbpuKY8jkuotBiFVgsTBI3m1G4n/sSo3xKuAJAYT
lb96T8gUJy/sPNIuLJUEmgXUbPjnwUKQ1yrRVusu
-----END CERTIFICATE-----
Generated at Sat May 9 11:03:42 2026 by rpki-client