Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9134C30456211F1A6B152C5CE1D38B0.roa
File: E9134C30456211F1A6B152C5CE1D38B0.roa (raw, json)
Hash identifier: UZgtBQ1J2T/k1DgUcI7cwu/e+pNKpa9nMfrfjFlXVHs=
Subject key identifier: 63:BB:76:8E:30:D7:A0:12:24:77:76:EC:F0:B3:36:16:B8:09:98:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C8A1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9134C30456211F1A6B152C5CE1D38B0.roa
Signing time: Fri 01 May 2026 13:37:35 +0000
ROA not before: Fri 01 May 2026 13:37:13 +0000
ROA not after: Mon 08 Jun 2026 13:37:13 +0000
asID: 138995
IP address blocks: 154.218.2.0/24 maxlen: 24
154.218.3.0/24 maxlen: 24
154.218.4.0/24 maxlen: 24
154.218.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116897 (0x1c8a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 13:37:13 2026 GMT
Not After : Jun 8 13:37:13 2026 GMT
Subject: CN=69f4ac9f-12d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c1:06:a2:b9:bc:c4:5e:77:b5:35:e8:a2:5f:
45:6f:64:f6:b1:93:7e:99:2a:f2:02:2c:f5:d0:40:
53:fa:8d:cd:7c:64:ec:28:f7:3a:78:fc:1d:71:a8:
fe:5b:64:43:10:b1:2e:7a:ac:92:8c:29:3c:a3:1e:
83:7b:93:74:e6:21:a3:24:f4:db:49:7f:fb:c0:9f:
d3:69:81:d7:d9:dc:91:a9:80:57:f5:ec:82:bb:bb:
71:16:f2:0c:a5:5c:fa:f2:94:18:d9:d4:5c:3c:aa:
4c:25:e4:f7:8c:31:f1:4c:9b:d5:35:17:dd:95:b2:
c0:59:fd:7b:7c:0d:5c:0c:d0:d0:1f:8d:2d:ae:7f:
b5:28:e5:c6:eb:c0:58:61:3a:04:17:00:b1:e3:59:
03:b1:f5:d0:4c:04:2f:cd:d7:58:a2:fe:e4:e4:09:
b7:31:e9:29:9f:00:14:12:0a:9e:c0:72:04:e3:63:
2d:8f:75:4a:9d:d6:3b:b3:b7:5a:55:e4:ab:56:6e:
0d:ba:65:a8:33:1d:5e:63:94:cf:70:41:5f:2e:41:
b6:2b:f8:00:cc:52:c2:30:1d:77:77:ef:bf:4d:b9:
fc:eb:36:4d:c5:0a:5b:25:9e:f1:7a:24:7a:e3:94:
2b:7b:7f:7f:c6:40:77:7c:ca:20:21:b3:12:7d:14:
ce:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BB:76:8E:30:D7:A0:12:24:77:76:EC:F0:B3:36:16:B8:09:98:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9134C30456211F1A6B152C5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.2.0-154.218.5.255
Signature Algorithm: sha256WithRSAEncryption
4d:81:04:ae:da:7d:57:75:bb:5f:d6:c9:03:84:49:89:df:a0:
a2:85:cf:71:46:2a:ca:ee:e1:34:7c:a0:d9:05:ee:69:68:a7:
fc:d3:1a:e5:1f:a6:3c:f3:d5:b1:0c:6d:73:fe:0a:39:14:87:
67:6e:20:ca:b0:d7:ce:50:5f:db:f8:3b:82:fa:d7:f1:ce:09:
24:f3:66:ab:60:67:50:24:ee:6b:75:3a:75:45:d9:7d:a4:7d:
c8:df:ec:ad:94:a1:15:a1:9c:89:e8:3d:7f:ed:73:1b:22:e5:
85:ca:f6:b4:38:e3:26:28:73:e0:57:a4:9d:11:91:8e:ca:f5:
25:09:db:6b:6a:44:f2:a4:37:85:b0:16:9a:2c:43:28:d3:24:
73:1e:af:4d:e6:d0:6d:09:f3:a6:e1:0b:3c:03:04:13:1a:12:
5a:47:35:ad:56:3e:b4:c2:f1:6d:1e:4f:0a:27:22:54:43:47:
16:3a:9a:14:40:d8:53:5b:32:59:15:4a:6c:9d:d9:11:f6:96:
00:04:46:dc:4d:a9:b0:65:11:af:65:02:fd:4b:b6:53:b0:6f:
8b:1a:78:54:cb:ac:44:17:75:2d:c0:9a:20:87:0f:aa:13:9f:
8c:8f:32:09:c6:24:64:c9:b5:72:b6:f2:fd:d1:0a:00:86:b6:
10:c7:12:55
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcihMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTMzNzEzWhcNMjYwNjA4MTMzNzEzWjAYMRYw
FAYDVQQDEw02OWY0YWM5Zi0xMmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5cEGorm8xF53tTXool9Fb2T2sZN+mSryAiz10EBT+o3NfGTsKPc6ePwd
caj+W2RDELEueqySjCk8ox6De5N05iGjJPTbSX/7wJ/TaYHX2dyRqYBX9eyCu7tx
FvIMpVz68pQY2dRcPKpMJeT3jDHxTJvVNRfdlbLAWf17fA1cDNDQH40trn+1KOXG
68BYYToEFwCx41kDsfXQTAQvzddYov7k5Am3MekpnwAUEgqewHIE42Mtj3VKndY7
s7daVeSrVm4NumWoMx1eY5TPcEFfLkG2K/gAzFLCMB13d++/Tbn86zZNxQpbJZ7x
eiR645Qre39/xkB3fMogIbMSfRTOOwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGO7
do4w16ASJHd27PCzNha4CZj3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOTEzNEMzMDQ1NjIxMUYxQTZCMTUyQzVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGa2gIDBAGa2gQwDQYJ
KoZIhvcNAQELBQADggEBAE2BBK7afVd1u1/WyQOESYnfoKKFz3FGKsru4TR8oNkF
7mlop/zTGuUfpjzz1bEMbXP+CjkUh2duIMqw185QX9v4O4L61/HOCSTzZqtgZ1Ak
7mt1OnVF2X2kfcjf7K2UoRWhnInoPX/tcxsi5YXK9rQ44yYoc+BXpJ0RkY7K9SUJ
22tqRPKkN4WwFposQyjTJHMer03m0G0J86bhCzwDBBMaElpHNa1WPrTC8W0eTwon
IlRDRxY6mhRA2FNbMlkVSmyd2RH2lgAERtxNqbBlEa9lAv1LtlOwb4saeFTLrEQX
dS3AmiCHD6oTn4yPMgnGJGTJtXK28v3RCgCGthDHElU=
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:32 2026 by rpki-client