Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/098A01703A5A11F191DB42D3CE1D38B0.roa
File: 098A01703A5A11F191DB42D3CE1D38B0.roa (raw, json)
Hash identifier: SVb4LrfbPe+EvGH89Cxl3w5o3+qcBO77v00iommsZgA=
Subject key identifier: B5:7D:26:E6:8A:32:0F:49:9E:28:A1:78:DE:E1:41:38:77:CE:11:96
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C5D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/098A01703A5A11F191DB42D3CE1D38B0.roa
Signing time: Fri 17 Apr 2026 12:36:21 +0000
ROA not before: Fri 17 Apr 2026 12:36:16 +0000
ROA not after: Sun 24 May 2026 12:36:16 +0000
asID: 9009
IP address blocks: 154.91.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116181 (0x1c5d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 17 12:36:16 2026 GMT
Not After : May 24 12:36:16 2026 GMT
Subject: CN=69e22945-07de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0e:18:2e:d8:c9:63:8a:72:b9:f6:59:32:e5:
ac:f4:ce:1b:4b:0f:95:79:74:53:4f:3d:19:11:4f:
2f:1c:07:19:40:a3:58:3f:86:9d:cb:20:ef:ab:83:
e5:6b:17:8c:c1:ab:88:dc:60:d9:f7:c2:01:ed:05:
e9:f2:61:55:d0:ce:44:2c:e8:d8:93:38:94:b9:45:
ac:54:33:a4:d8:66:3e:36:00:39:1b:80:e3:9d:cf:
a3:ec:fb:1c:d3:93:0d:9a:41:d0:8c:00:92:56:eb:
ec:9a:ce:f0:e8:94:5f:c1:7b:12:87:f9:60:14:d5:
28:11:1e:8e:15:f9:18:94:9b:82:a9:54:69:e8:d6:
41:fe:c0:47:04:8d:71:ad:9c:5d:b7:5b:bf:f4:db:
43:a3:55:b4:5b:24:07:1c:38:4b:ea:e3:52:0d:66:
9e:99:da:ed:6c:7f:39:cf:13:83:e9:25:fe:32:bf:
b6:6e:84:9f:29:24:df:37:12:d4:da:1f:5c:02:d5:
f5:c1:2f:c5:26:4b:66:38:a6:4d:4d:c4:c1:42:47:
ad:c0:59:25:38:f3:60:32:04:91:1e:21:c4:51:08:
6f:51:1e:f2:ac:40:e7:ef:42:af:90:a1:57:c0:e2:
02:23:bc:43:17:ac:c6:e0:72:1d:ec:0f:01:c3:34:
ef:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7D:26:E6:8A:32:0F:49:9E:28:A1:78:DE:E1:41:38:77:CE:11:96
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/098A01703A5A11F191DB42D3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.157.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:5a:76:63:04:d7:f1:88:1e:4c:c2:19:2f:7e:2c:a8:ec:66:
cf:82:27:08:27:0d:a6:58:96:c4:87:18:14:76:4a:43:aa:16:
f0:50:69:b6:01:91:e6:01:28:85:b9:57:16:d8:bb:84:15:3b:
cc:b9:9c:4d:ba:17:18:75:69:2b:b4:0d:4d:83:7c:e6:0c:a6:
60:40:c2:00:96:df:8b:d8:97:85:8f:f3:82:c6:67:99:c7:5b:
7c:97:22:c7:72:a2:9e:c2:03:19:a3:87:1d:a2:05:41:e9:8c:
6f:b3:3a:53:ac:8a:04:71:4f:76:de:2c:58:d3:48:c6:f2:d9:
ea:f1:01:4a:3e:2f:c9:d9:ab:70:09:2a:4a:f1:46:ec:62:f1:
ca:a5:74:16:42:27:31:13:dc:c5:d5:72:75:05:1e:90:04:8b:
50:70:42:1c:3c:9b:e0:dc:1b:1e:77:72:76:ca:14:21:87:55:
b3:53:30:f5:3f:95:5a:d9:ad:50:87:7a:b5:9d:41:6c:02:21:
7d:a0:bc:c9:39:d6:3b:31:f9:60:67:ba:14:b4:fc:81:cb:de:
59:c9:f7:49:33:78:3c:25:0e:ea:d7:f9:c9:54:a5:12:38:80:
44:5e:af:6d:51:85:43:d7:e2:e4:db:8d:02:46:ed:6f:75:f9:
4a:43:f3:a6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcXVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE3MTIzNjE2WhcNMjYwNTI0MTIzNjE2WjAYMRYw
FAYDVQQDEw02OWUyMjk0NS0wN2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQ4YLtjJY4pyufZZMuWs9M4bSw+VeXRTTz0ZEU8vHAcZQKNYP4adyyDv
q4PlaxeMwauI3GDZ98IB7QXp8mFV0M5ELOjYkziUuUWsVDOk2GY+NgA5G4Djnc+j
7Psc05MNmkHQjACSVuvsms7w6JRfwXsSh/lgFNUoER6OFfkYlJuCqVRp6NZB/sBH
BI1xrZxdt1u/9NtDo1W0WyQHHDhL6uNSDWaemdrtbH85zxOD6SX+Mr+2boSfKSTf
NxLU2h9cAtX1wS/FJktmOKZNTcTBQketwFklOPNgMgSRHiHEUQhvUR7yrEDn70Kv
kKFXwOICI7xDF6zG4HId7A8BwzTvawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLV9
JuaKMg9JniiheN7hQTh3zhGWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOThBMDE3MDNBNUExMUYxOTFEQjQyRDNDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmludMA0GCSqGSIb3DQEB
CwUAA4IBAQBKWnZjBNfxiB5Mwhkvfiyo7GbPgicIJw2mWJbEhxgUdkpDqhbwUGm2
AZHmASiFuVcW2LuEFTvMuZxNuhcYdWkrtA1Ng3zmDKZgQMIAlt+L2JeFj/OCxmeZ
x1t8lyLHcqKewgMZo4cdogVB6YxvszpTrIoEcU923ixY00jG8tnq8QFKPi/J2atw
CSpK8UbsYvHKpXQWQicxE9zF1XJ1BR6QBItQcEIcPJvg3Bsed3J2yhQhh1WzUzD1
P5Va2a1Qh3q1nUFsAiF9oLzJOdY7MflgZ7oUtPyBy95ZyfdJM3g8JQ7q1/nJVKUS
OIBEXq9tUYVD1+Lk240CRu1vdflKQ/Om
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:25:21 2026 by rpki-client