Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC511370492411F1ABBF58A7CE1D38B0.roa
File: FC511370492411F1ABBF58A7CE1D38B0.roa (raw, json)
Hash identifier: PIKGpPRWdNxc3fhh5GQQtsKQMZ0N28IjcHwlDwNhSTo=
Subject key identifier: E2:74:FF:AB:CC:31:B2:57:5A:92:9A:B9:DB:5D:32:57:F6:FA:B8:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C989
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC511370492411F1ABBF58A7CE1D38B0.roa
Signing time: Wed 06 May 2026 08:24:23 +0000
ROA not before: Wed 06 May 2026 08:24:18 +0000
ROA not after: Fri 12 Jun 2026 08:24:18 +0000
asID: 20457
IP address blocks: 154.85.24.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117129 (0x1c989)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 6 08:24:18 2026 GMT
Not After : Jun 12 08:24:18 2026 GMT
Subject: CN=69fafab7-f8c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fc:8d:d0:28:a5:c0:4e:73:0e:63:87:0d:8b:
03:61:75:c9:2e:1a:14:35:fe:bc:cf:87:65:02:d1:
b8:32:1c:b3:9b:5b:cd:11:62:5e:85:f3:7c:64:44:
40:8a:5f:f0:61:65:8a:1b:37:7f:5a:ea:74:70:50:
ad:73:0e:ad:0f:c7:3a:80:cb:ed:30:90:1e:41:fc:
9f:96:31:cd:2c:aa:97:68:f9:88:4b:d1:11:e4:f7:
5a:71:45:04:56:e7:29:ee:0b:fc:c3:68:f1:fa:99:
75:a6:0f:09:b4:ba:14:e3:34:35:00:15:dd:c8:67:
c3:87:9a:6b:27:d5:5f:55:b3:d3:47:07:d8:82:79:
a3:fb:3b:1d:ca:74:6b:a4:f0:75:98:48:96:91:49:
73:5a:a8:c8:4d:d4:8f:ac:c8:7d:36:36:ed:53:82:
72:0c:cf:61:7b:2e:0b:d8:96:8d:05:2f:77:0b:9c:
66:2a:64:3a:36:40:96:82:96:ca:26:b3:9d:a9:8e:
a2:fe:3f:65:12:4a:0c:66:e2:c0:86:ef:a3:b5:69:
aa:3c:cc:ce:a1:24:6d:37:5e:ae:6d:5c:29:7b:cc:
8a:7d:6b:1d:80:a5:8c:2b:91:eb:6a:d6:16:f7:69:
be:29:6d:bd:17:98:81:57:a5:c9:a6:68:32:02:c5:
de:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:74:FF:AB:CC:31:B2:57:5A:92:9A:B9:DB:5D:32:57:F6:FA:B8:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC511370492411F1ABBF58A7CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.24.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:ac:67:bf:f6:48:fb:34:ef:8b:c4:f1:e8:81:de:35:f2:f0:
54:ee:6d:4b:40:a0:86:57:79:08:69:a6:cb:d8:d3:04:c3:61:
c8:94:53:0b:ea:45:e9:96:ba:11:af:d3:0b:1f:dd:ac:18:9f:
f1:ed:62:41:b7:96:75:de:9a:78:ea:a5:0b:6e:f4:3f:e8:bb:
2e:c6:02:60:7c:1b:55:5e:d4:e6:74:d3:43:52:2f:a2:72:ee:
27:82:b0:33:a4:d7:a1:89:8a:2c:8a:df:f6:c8:1c:01:2a:5c:
1f:47:9e:42:36:a3:a6:af:a1:de:2b:2e:df:a6:35:be:7f:e0:
ac:f1:38:e0:96:36:05:dc:b0:e9:d6:f6:3c:43:2c:77:d2:a2:
de:db:3f:06:5b:2b:06:04:19:3b:e3:03:e7:78:34:b6:6e:56:
fa:7d:f7:81:37:e1:36:49:f7:f9:19:2b:c2:b0:68:b0:5c:8e:
a7:2e:95:64:01:f3:7c:b7:4b:dd:7e:e5:fa:dd:ad:33:4d:fa:
ec:9d:90:bc:97:a9:2a:86:33:e8:91:02:82:14:b5:b8:88:51:
60:b7:7c:cd:42:60:77:fe:0f:9a:8b:41:6d:ee:e8:94:34:e5:
d2:49:88:30:1a:39:00:a6:67:8d:63:b0:9a:d8:5e:97:56:bd:
5d:6e:53:32
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcmJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA2MDgyNDE4WhcNMjYwNjEyMDgyNDE4WjAYMRYw
FAYDVQQDEw02OWZhZmFiNy1mOGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0fyN0CilwE5zDmOHDYsDYXXJLhoUNf68z4dlAtG4Mhyzm1vNEWJehfN8
ZERAil/wYWWKGzd/Wup0cFCtcw6tD8c6gMvtMJAeQfyfljHNLKqXaPmIS9ER5Pda
cUUEVucp7gv8w2jx+pl1pg8JtLoU4zQ1ABXdyGfDh5prJ9VfVbPTRwfYgnmj+zsd
ynRrpPB1mEiWkUlzWqjITdSPrMh9NjbtU4JyDM9hey4L2JaNBS93C5xmKmQ6NkCW
gpbKJrOdqY6i/j9lEkoMZuLAhu+jtWmqPMzOoSRtN16ubVwpe8yKfWsdgKWMK5Hr
atYW92m+KW29F5iBV6XJpmgyAsXeWQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOJ0
/6vMMbJXWpKaudtdMlf2+rgfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQzUxMTM3MDQ5MjQxMUYxQUJCRjU4QTdDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlUYMA0GCSqGSIb3DQEB
CwUAA4IBAQCqrGe/9kj7NO+LxPHogd418vBU7m1LQKCGV3kIaabL2NMEw2HIlFML
6kXplroRr9MLH92sGJ/x7WJBt5Z13pp46qULbvQ/6LsuxgJgfBtVXtTmdNNDUi+i
cu4ngrAzpNehiYosit/2yBwBKlwfR55CNqOmr6HeKy7fpjW+f+Cs8TjgljYF3LDp
1vY8Qyx30qLe2z8GWysGBBk74wPneDS2blb6ffeBN+E2Sff5GSvCsGiwXI6nLpVk
AfN8t0vdfuX63a0zTfrsnZC8l6kqhjPokQKCFLW4iFFgt3zNQmB3/g+ai0Ft7uiU
NOXSSYgwGjkApmeNY7Ca2F6XVr1dblMy
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:04 2026 by rpki-client