Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD488D84358B11F1855577F6CE1D38B0.roa
File: DD488D84358B11F1855577F6CE1D38B0.roa (raw, json)
Hash identifier: yVJxNWkkE2sAfShvViKyPf3jxs1mzzdnwH8Wo5eiajQ=
Subject key identifier: FF:6D:98:26:36:A8:53:25:09:69:40:F6:10:FA:CB:51:D2:6A:29:AF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C497
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD488D84358B11F1855577F6CE1D38B0.roa
Signing time: Sat 11 Apr 2026 09:50:26 +0000
ROA not before: Sat 11 Apr 2026 09:50:21 +0000
ROA not after: Sun 17 May 2026 09:50:21 +0000
asID: 214120
IP address blocks: 154.199.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 13 Apr 2026 00:07:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115863 (0x1c497)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 11 09:50:21 2026 GMT
Not After : May 17 09:50:21 2026 GMT
Subject: CN=69da1962-b6bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:63:06:8c:ac:e9:32:00:74:81:5d:06:e1:3b:
04:4d:86:2f:cb:62:b1:66:e5:33:35:8b:6b:c7:0d:
d8:38:9c:ee:79:62:2f:e6:4f:33:c3:f6:3b:48:8e:
7a:19:74:31:41:80:62:31:ff:24:14:2a:4b:d3:ca:
da:65:f5:95:72:17:23:68:90:28:85:13:4d:ca:10:
10:e9:57:c0:55:94:9a:2e:7c:35:cb:2c:a1:42:07:
00:98:43:ca:cd:9b:68:03:6a:b3:ea:86:f3:a0:b9:
4b:90:ab:70:bd:31:86:28:98:86:7c:51:c5:37:8d:
65:e1:91:4e:36:1a:17:bc:b8:b8:4d:3a:85:b1:be:
c9:ff:31:51:35:30:34:8c:55:8e:86:99:5d:9c:45:
50:a8:cb:14:e9:be:6f:12:ee:86:85:88:fb:f8:2c:
4a:00:49:68:b5:66:dd:90:a8:d4:7d:67:8e:6c:66:
40:ff:3a:a7:81:de:e4:97:e2:0f:ea:4b:fd:95:ef:
81:a4:ce:56:7a:de:d8:55:07:26:94:de:83:4a:42:
a5:16:ae:02:b3:34:53:7d:95:87:5c:1d:06:94:ec:
f9:1e:84:32:74:2e:0d:e9:1c:b0:58:4c:c0:7f:56:
66:97:40:4d:65:1d:2e:83:7f:15:9a:cb:33:d4:4f:
46:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:6D:98:26:36:A8:53:25:09:69:40:F6:10:FA:CB:51:D2:6A:29:AF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD488D84358B11F1855577F6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.1.0/24
Signature Algorithm: sha256WithRSAEncryption
74:c0:d7:97:17:f2:98:dc:fc:6b:b6:f8:19:64:78:65:3e:f8:
38:1a:ed:24:d9:c3:6b:1a:ea:c8:be:1f:da:16:07:48:4d:7c:
29:7e:06:e5:f4:13:f4:db:c4:80:1f:57:13:81:5f:a7:d8:5e:
db:37:4d:9e:db:dc:de:ac:b4:5b:65:2f:0e:31:77:08:fd:83:
ef:07:ff:dc:5c:d1:b3:57:07:3d:99:6c:86:70:40:65:55:45:
61:d6:39:b3:33:b6:85:ec:06:21:63:f2:e8:f2:d5:04:c6:3b:
89:a2:2f:c2:c8:ad:4d:d8:a0:88:af:12:2d:7c:87:b8:2a:b7:
fd:02:23:6c:f0:d5:74:b2:01:a1:91:db:46:2f:a1:da:2d:7a:
6c:56:10:74:f7:38:58:e0:7d:2f:f2:a0:5e:87:d4:4e:fa:b1:
1d:c3:66:4a:3c:a9:6e:04:e9:60:a4:28:db:a0:4f:a3:36:d4:
16:64:d2:02:79:29:02:e4:0b:bc:6b:e2:46:12:93:a8:55:d1:
0b:f0:2d:d3:f3:61:83:4a:d7:a5:5a:5a:8c:23:d6:fc:32:03:
ca:c3:26:2c:c3:a4:91:8a:e1:2d:5b:d0:6c:4f:d2:a6:82:9c:
ec:e6:a0:a0:3e:76:4a:22:6e:dd:90:e9:d9:c2:50:a2:99:36:
a3:eb:61:01
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcSXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDExMDk1MDIxWhcNMjYwNTE3MDk1MDIxWjAYMRYw
FAYDVQQDEw02OWRhMTk2Mi1iNmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp2MGjKzpMgB0gV0G4TsETYYvy2KxZuUzNYtrxw3YOJzueWIv5k8zw/Y7
SI56GXQxQYBiMf8kFCpL08raZfWVchcjaJAohRNNyhAQ6VfAVZSaLnw1yyyhQgcA
mEPKzZtoA2qz6obzoLlLkKtwvTGGKJiGfFHFN41l4ZFONhoXvLi4TTqFsb7J/zFR
NTA0jFWOhpldnEVQqMsU6b5vEu6GhYj7+CxKAElotWbdkKjUfWeObGZA/zqngd7k
l+IP6kv9le+BpM5Wet7YVQcmlN6DSkKlFq4CszRTfZWHXB0GlOz5HoQydC4N6Ryw
WEzAf1Zml0BNZR0ug38Vmssz1E9GGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP9t
mCY2qFMlCWlA9hD6y1HSaimvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDQ4OEQ4NDM1OEIxMUYxODU1NTc3RjZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscBMA0GCSqGSIb3DQEB
CwUAA4IBAQB0wNeXF/KY3PxrtvgZZHhlPvg4Gu0k2cNrGurIvh/aFgdITXwpfgbl
9BP028SAH1cTgV+n2F7bN02e29zerLRbZS8OMXcI/YPvB//cXNGzVwc9mWyGcEBl
VUVh1jmzM7aF7AYhY/Lo8tUExjuJoi/CyK1N2KCIrxItfIe4Krf9AiNs8NV0sgGh
kdtGL6HaLXpsVhB09zhY4H0v8qBeh9RO+rEdw2ZKPKluBOlgpCjboE+jNtQWZNIC
eSkC5Au8a+JGEpOoVdEL8C3T82GDStelWlqMI9b8MgPKwyYsw6SRiuEtW9BsT9Km
gpzs5qCgPnZKIm7dkOnZwlCimTaj62EB
-----END CERTIFICATE-----
Generated at Sat Apr 11 19:09:37 2026 by rpki-client