Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDDBFA96459411F19F892EEFCE1D38B0.roa
File: EDDBFA96459411F19F892EEFCE1D38B0.roa (raw, json)
Hash identifier: 0/Q6y0WUAgVjHPVdTQHvRv9kAx46YtrxUq7pDujtue0=
Subject key identifier: B4:B0:F3:FA:12:98:3C:B8:3E:E0:4C:07:61:8B:FB:0D:9E:53:82:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C8F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDDBFA96459411F19F892EEFCE1D38B0.roa
Signing time: Fri 01 May 2026 19:35:38 +0000
ROA not before: Fri 01 May 2026 19:35:33 +0000
ROA not after: Fri 05 Jun 2026 19:35:33 +0000
asID: 214238
IP address blocks: 154.219.23.0/24 maxlen: 24
154.219.25.0/24 maxlen: 24
154.219.30.0/24 maxlen: 24
154.219.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116981 (0x1c8f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 19:35:33 2026 GMT
Not After : Jun 5 19:35:33 2026 GMT
Subject: CN=69f50089-d6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b9:0d:4b:e3:6a:9a:62:56:f1:97:88:f9:66:
ec:e0:ec:cb:30:8d:97:43:b5:64:ac:6c:19:5a:09:
d3:9c:bf:71:59:7c:88:91:57:a1:b2:33:c2:e3:3a:
2e:f0:7d:30:e2:da:8b:81:db:e1:28:e7:da:65:ed:
b2:93:c3:4d:38:49:8d:8f:a4:0a:ab:13:a5:3d:2c:
ab:86:5d:b7:18:39:72:c6:03:d5:64:21:d5:f4:67:
bd:b6:67:dd:e8:e4:b7:f5:7d:61:31:53:c0:d6:b5:
ff:d8:c4:f4:6f:05:3f:3e:2c:53:00:40:37:22:aa:
78:7c:77:eb:9b:ac:a6:44:b4:95:98:22:9c:a6:e1:
e9:de:2c:b8:7d:12:28:f3:fa:54:fa:46:b2:f0:87:
7b:a5:7a:80:b0:e6:61:f3:9c:ec:51:52:75:03:66:
0f:59:9c:5a:6d:79:8b:95:b5:c4:d2:6d:fc:82:ea:
0b:42:30:eb:0d:78:cc:c3:ed:6b:66:4b:8e:79:89:
f9:54:cb:87:58:90:4f:c0:65:69:ce:38:8e:35:0e:
cb:f6:9a:16:7d:58:88:61:24:34:ed:60:1d:7d:96:
77:d1:db:1a:b4:ff:af:2d:b7:8a:66:6b:99:44:08:
6a:0c:62:85:10:a8:ad:e4:56:98:60:79:bb:61:53:
92:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B0:F3:FA:12:98:3C:B8:3E:E0:4C:07:61:8B:FB:0D:9E:53:82:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDDBFA96459411F19F892EEFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.23.0/24
154.219.25.0/24
154.219.30.0/23
Signature Algorithm: sha256WithRSAEncryption
01:f0:6f:a1:5c:86:c6:d4:28:80:44:5d:92:ac:24:7f:b7:02:
54:0d:fc:e1:7a:c0:27:fc:08:00:cb:b2:ab:f1:04:da:3b:a7:
d5:6e:36:6c:83:a1:06:92:bd:d9:09:0f:36:f4:68:ab:e8:91:
77:80:b2:ff:1b:4b:74:da:ed:84:b3:94:bb:c0:75:40:23:32:
b7:00:fa:e1:a7:e9:d8:5a:46:25:3a:ba:67:ba:e9:d9:ad:03:
f3:23:07:65:6d:73:06:73:db:71:90:d6:6a:6d:95:e8:f3:17:
4a:0e:9d:62:e3:2b:68:f5:24:5c:af:13:47:d7:60:f6:58:30:
09:4f:eb:b7:ab:e4:14:37:37:20:bb:2e:7d:50:46:61:9c:5c:
ae:94:0a:8d:7a:a8:11:cf:07:17:df:23:d2:dc:ae:ca:f4:7c:
43:ea:5c:29:19:22:7c:86:18:ce:23:3c:d4:43:72:2c:ad:47:
64:27:7e:d8:a0:69:8c:ed:a0:51:f5:ca:ff:ab:f9:cf:a7:e2:
f9:89:df:ed:bc:da:5f:fc:57:ca:77:9b:e9:4a:a0:46:c3:d9:
22:c6:a2:23:2d:8a:d8:4f:a0:d5:c7:79:4a:3f:02:57:4b:ee:
2e:d0:a7:3c:39:c2:36:db:d7:77:8c:fd:65:97:cb:34:3d:29:
b5:3e:da:f0
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcj1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTkzNTMzWhcNMjYwNjA1MTkzNTMzWjAYMRYw
FAYDVQQDEw02OWY1MDA4OS1kNmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4bkNS+NqmmJW8ZeI+Wbs4OzLMI2XQ7VkrGwZWgnTnL9xWXyIkVehsjPC
4zou8H0w4tqLgdvhKOfaZe2yk8NNOEmNj6QKqxOlPSyrhl23GDlyxgPVZCHV9Ge9
tmfd6OS39X1hMVPA1rX/2MT0bwU/PixTAEA3Iqp4fHfrm6ymRLSVmCKcpuHp3iy4
fRIo8/pU+kay8Id7pXqAsOZh85zsUVJ1A2YPWZxabXmLlbXE0m38guoLQjDrDXjM
w+1rZkuOeYn5VMuHWJBPwGVpzjiONQ7L9poWfViIYSQ07WAdfZZ30dsatP+vLbeK
ZmuZRAhqDGKFEKit5FaYYHm7YVOSIwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFLSw
8/oSmDy4PuBMB2GL+w2eU4LUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRERCRkE5NjQ1OTQxMUYxOUY4OTJFRUZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmtsXAwQAmtsZAwQBmtse
MA0GCSqGSIb3DQEBCwUAA4IBAQAB8G+hXIbG1CiARF2SrCR/twJUDfzhesAn/AgA
y7Kr8QTaO6fVbjZsg6EGkr3ZCQ829Gir6JF3gLL/G0t02u2Es5S7wHVAIzK3APrh
p+nYWkYlOrpnuunZrQPzIwdlbXMGc9txkNZqbZXo8xdKDp1i4yto9SRcrxNH12D2
WDAJT+u3q+QUNzcguy59UEZhnFyulAqNeqgRzwcX3yPS3K7K9HxD6lwpGSJ8hhjO
IzzUQ3IsrUdkJ37YoGmM7aBR9cr/q/nPp+L5id/tvNpf/FfKd5vpSqBGw9kixqIj
LYrYT6DVx3lKPwJXS+4u0Kc8OcI229d3jP1ll8s0PSm1Ptrw
-----END CERTIFICATE-----
Generated at Sat May 9 10:59:51 2026 by rpki-client