Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F40FE1D64A8311F1836ED0F1CE1D38B0.roa
File: F40FE1D64A8311F1836ED0F1CE1D38B0.roa (raw, json)
Hash identifier: FLYAWaTIgslq/4wJ6ABP+BntnWxyKILuyIF0qzxcj0o=
Subject key identifier: B5:DA:4A:1C:E3:61:F5:D4:0A:07:68:3E:0A:F8:FC:44:82:03:DD:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CA2E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F40FE1D64A8311F1836ED0F1CE1D38B0.roa
Signing time: Fri 08 May 2026 02:16:42 +0000
ROA not before: Fri 08 May 2026 02:16:38 +0000
ROA not after: Mon 07 May 2029 02:16:38 +0000
asID: 17561
IP address blocks: 154.208.136.0/24 maxlen: 24
154.208.137.0/24 maxlen: 24
154.208.138.0/24 maxlen: 24
154.208.139.0/24 maxlen: 24
154.208.140.0/24 maxlen: 24
154.208.141.0/24 maxlen: 24
154.208.142.0/24 maxlen: 24
154.208.143.0/24 maxlen: 24
154.208.144.0/24 maxlen: 24
154.208.145.0/24 maxlen: 24
154.208.146.0/24 maxlen: 24
154.208.147.0/24 maxlen: 24
154.208.148.0/24 maxlen: 24
154.208.149.0/24 maxlen: 24
154.208.150.0/24 maxlen: 24
154.208.151.0/24 maxlen: 24
154.208.152.0/24 maxlen: 24
154.208.153.0/24 maxlen: 24
154.208.154.0/24 maxlen: 24
154.208.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117294 (0x1ca2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 02:16:38 2026 GMT
Not After : May 7 02:16:38 2029 GMT
Subject: CN=69fd478a-d838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:89:88:0e:27:dc:53:68:68:b1:0c:42:d0:e3:
71:5e:78:d1:e2:79:38:b2:0f:7b:59:ff:29:bb:a6:
6d:4b:2f:a8:d4:e6:10:f5:b3:41:5a:8f:04:62:8a:
12:18:02:7d:e0:fe:13:9e:81:e1:71:83:9c:a0:25:
d6:35:60:3e:c3:b9:ce:93:34:39:60:35:52:93:cd:
bb:c4:de:3d:f4:88:6d:98:2e:6d:d8:03:df:62:74:
fe:1d:da:69:86:de:8d:34:08:53:ea:f4:b3:6e:69:
6a:0b:23:be:8f:c5:54:d2:5b:b3:45:0f:42:ff:64:
07:72:51:ce:6a:9a:62:89:b9:68:d8:8e:60:fd:71:
6b:b7:29:b1:e1:84:5b:6a:21:7c:f2:18:99:00:ea:
b4:95:9d:7c:82:6b:3e:ad:dd:2f:c9:48:6f:33:a8:
03:d6:32:d7:d3:42:60:67:16:d9:03:6c:77:9b:8e:
80:f9:42:28:ef:bd:d6:ac:5d:d9:e3:a6:c5:42:18:
08:fc:3c:92:5f:39:3d:69:72:15:94:eb:76:dd:30:
07:74:aa:dc:84:b3:bd:e1:07:e0:c1:15:7b:8f:fc:
97:62:f9:ad:87:6b:33:82:26:ec:7e:17:45:4a:a8:
b8:f1:1a:e9:6d:4d:bc:52:13:74:30:1e:1d:58:22:
6e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DA:4A:1C:E3:61:F5:D4:0A:07:68:3E:0A:F8:FC:44:82:03:DD:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F40FE1D64A8311F1836ED0F1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.136.0-154.208.155.255
Signature Algorithm: sha256WithRSAEncryption
b2:85:aa:4b:28:79:ba:6e:08:f8:8e:06:62:c0:e6:61:16:83:
3f:09:dd:b6:a7:7a:69:b3:c5:1d:d2:77:26:bd:88:2d:5d:ef:
09:5b:51:53:fb:b3:31:a4:2c:38:9a:21:2d:8c:ab:6c:e0:fd:
4c:cf:73:33:4e:ab:ea:36:5b:89:43:86:b8:d2:5b:08:9e:5b:
eb:0c:8c:c1:88:03:00:77:8c:81:4b:7f:ca:f7:bf:90:d6:a1:
3a:7b:d1:fc:6d:c6:5b:f7:c6:4e:2c:65:48:14:ce:d0:ae:a5:
18:1b:11:fe:2a:57:5c:bd:f2:66:bd:26:f0:77:15:bd:2a:c1:
ac:6d:01:2c:08:2e:33:d0:b5:2d:ae:fe:bc:c8:a3:ed:49:44:
8e:0a:13:79:ce:30:d5:e8:e2:56:f5:60:b9:25:a9:69:3e:aa:
dd:0d:86:8a:cf:f9:4b:e7:55:cf:21:db:03:f0:6f:73:0d:35:
2c:36:b7:df:8c:fb:18:7d:ac:76:30:0f:ed:c4:ec:4c:01:e4:
07:b2:d9:12:dd:5e:0d:03:37:d2:ff:66:9b:34:91:0e:c6:a0:
83:d3:3d:01:dd:04:18:c1:2f:56:60:57:13:8d:1a:f0:60:42:
9a:5f:c6:d5:29:26:d9:55:7f:49:cb:df:16:1b:6c:26:04:6a:
d4:31:6e:53
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcouMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA4MDIxNjM4WhcNMjkwNTA3MDIxNjM4WjAYMRYw
FAYDVQQDEw02OWZkNDc4YS1kODM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ImIDifcU2hosQxC0ONxXnjR4nk4sg97Wf8pu6ZtSy+o1OYQ9bNBWo8E
YooSGAJ94P4TnoHhcYOcoCXWNWA+w7nOkzQ5YDVSk827xN499IhtmC5t2APfYnT+
Hdppht6NNAhT6vSzbmlqCyO+j8VU0luzRQ9C/2QHclHOappiiblo2I5g/XFrtymx
4YRbaiF88hiZAOq0lZ18gms+rd0vyUhvM6gD1jLX00JgZxbZA2x3m46A+UIo773W
rF3Z46bFQhgI/DySXzk9aXIVlOt23TAHdKrchLO94QfgwRV7j/yXYvmth2szgibs
fhdFSqi48RrpbU28UhN0MB4dWCJuZwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFLXa
ShzjYfXUCgdoPgr4/ESCA91PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNDBGRTFENjRBODMxMUYxODM2RUQwRjFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOa0IgDBAKa0JgwDQYJ
KoZIhvcNAQELBQADggEBALKFqksoebpuCPiOBmLA5mEWgz8J3banemmzxR3Sdya9
iC1d7wlbUVP7szGkLDiaIS2Mq2zg/UzPczNOq+o2W4lDhrjSWwieW+sMjMGIAwB3
jIFLf8r3v5DWoTp70fxtxlv3xk4sZUgUztCupRgbEf4qV1y98ma9JvB3Fb0qwaxt
ASwILjPQtS2u/rzIo+1JRI4KE3nOMNXo4lb1YLklqWk+qt0NhorP+UvnVc8h2wPw
b3MNNSw2t9+M+xh9rHYwD+3E7EwB5Aey2RLdXg0DN9L/Zps0kQ7GoIPTPQHdBBjB
L1ZgVxONGvBgQppfxtUpJtlVf0nL3xYbbCYEatQxblM=
-----END CERTIFICATE-----
Generated at Sat May 9 11:00:43 2026 by rpki-client