Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BF2DE4038D411F18955F104CF1D38B0.roa
File: 1BF2DE4038D411F18955F104CF1D38B0.roa (raw, json)
Hash identifier: T+4H2oT9eoNHsJDuDfhts01a0TPor7M6JMd7rUv2i2w=
Subject key identifier: 17:DA:29:B9:3E:E5:72:0D:0C:4D:2B:8B:DA:98:86:D9:97:22:59:39
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C570
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BF2DE4038D411F18955F104CF1D38B0.roa
Signing time: Wed 15 Apr 2026 14:05:08 +0000
ROA not before: Wed 15 Apr 2026 14:05:03 +0000
ROA not after: Tue 20 Apr 2027 14:05:03 +0000
asID: 136513
IP address blocks: 154.197.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 15:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116080 (0x1c570)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 14:05:03 2026 GMT
Not After : Apr 20 14:05:03 2027 GMT
Subject: CN=69df9b14-e1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bf:39:02:ca:c5:24:d5:76:f2:ee:d0:cc:e1:
22:27:57:d2:98:de:cc:9a:72:83:86:9c:bf:0d:02:
e0:b4:60:84:87:fc:d5:f9:65:95:c0:dc:82:99:bd:
bf:d6:6d:62:e4:da:77:1a:61:50:35:d6:bb:44:20:
88:f8:9c:0d:9a:43:0e:cf:a7:45:ab:53:af:27:c9:
7a:c1:14:bb:bc:18:40:3f:c2:5b:6b:64:d4:bb:81:
3d:54:49:83:0b:43:db:e0:ae:41:b1:0c:d9:bd:10:
44:b1:0d:41:57:ea:f9:ef:9a:47:0e:0a:84:a4:ae:
b2:c8:fe:5d:cd:56:f9:29:a4:94:d9:20:7f:c9:6f:
27:6d:c0:ba:12:49:a2:a7:aa:ce:28:b3:e8:f4:fe:
a5:00:00:32:12:5f:24:0e:ec:e9:db:62:57:ba:37:
90:e7:bf:d8:8b:30:3f:c9:5c:30:9e:f1:df:b4:b4:
21:de:83:62:5e:cf:2e:d4:e0:46:fd:3c:39:5c:98:
2a:20:2b:6c:01:a2:83:d4:32:ed:89:06:13:b0:5d:
7e:e1:01:c0:13:08:7f:f6:42:47:95:b2:b8:ef:85:
e5:d6:2f:27:4b:b5:39:58:45:e4:0e:14:b9:7d:12:
3f:34:9c:19:85:58:fb:f5:5a:3c:1d:95:cc:01:7e:
e3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DA:29:B9:3E:E5:72:0D:0C:4D:2B:8B:DA:98:86:D9:97:22:59:39
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BF2DE4038D411F18955F104CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.0.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:a4:bb:bb:b7:8b:5b:1a:44:8a:73:a6:e1:fb:1a:9b:55:3d:
ad:7d:18:3c:53:72:92:67:0d:96:7c:c7:24:7a:ae:ad:51:31:
31:43:0f:e6:e0:6a:49:5d:99:4f:9d:45:12:72:1f:59:2f:bd:
4e:de:c7:ed:e4:31:fb:4c:3f:d2:90:8f:21:16:d7:74:e4:bf:
37:31:d6:4d:90:e3:2e:22:22:e8:b3:25:30:f3:c5:cd:9f:8e:
aa:3a:a7:38:9a:e0:d6:12:c1:92:bb:12:aa:07:fc:b8:3d:5e:
f7:af:72:d2:2a:d1:38:f6:11:aa:c4:bc:24:93:83:fe:b1:1a:
ee:58:6d:af:d8:11:b5:53:67:18:c3:53:1a:ee:5f:24:ed:b4:
d7:92:e3:39:93:bb:ac:15:35:b5:63:a8:78:a6:cf:48:5e:99:
2e:5b:ed:ff:39:48:9b:bd:e8:73:45:95:4d:b4:0f:14:49:23:
88:df:ec:95:04:de:e0:c3:55:f7:28:43:1f:b8:a0:0b:84:6a:
36:6d:fd:a1:69:be:2b:65:91:58:84:c7:a4:c4:20:3c:d4:91:
04:5f:cd:13:21:1e:9a:db:3a:f1:75:1f:b4:a9:bd:ce:01:0f:
93:e9:3b:f9:60:bc:b1:01:20:5d:2f:d0:15:c4:a0:ca:66:5a:
d5:e2:62:c1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcVwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE1MTQwNTAzWhcNMjcwNDIwMTQwNTAzWjAYMRYw
FAYDVQQDEw02OWRmOWIxNC1lMWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy785AsrFJNV28u7QzOEiJ1fSmN7MmnKDhpy/DQLgtGCEh/zV+WWVwNyC
mb2/1m1i5Np3GmFQNda7RCCI+JwNmkMOz6dFq1OvJ8l6wRS7vBhAP8Jba2TUu4E9
VEmDC0Pb4K5BsQzZvRBEsQ1BV+r575pHDgqEpK6yyP5dzVb5KaSU2SB/yW8nbcC6
Ekmip6rOKLPo9P6lAAAyEl8kDuzp22JXujeQ57/YizA/yVwwnvHftLQh3oNiXs8u
1OBG/Tw5XJgqICtsAaKD1DLtiQYTsF1+4QHAEwh/9kJHlbK474Xl1i8nS7U5WEXk
DhS5fRI/NJwZhVj79Vo8HZXMAX7jEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBfa
Kbk+5XINDE0ri9qYhtmXIlk5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQkYyREU0MDM4RDQxMUYxODk1NUYxMDRDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC3pLu7t4tbGkSKc6bh+xqbVT2tfRg8U3KSZw2WfMckeq6tUTExQw/m
4GpJXZlPnUUSch9ZL71O3sft5DH7TD/SkI8hFtd05L83MdZNkOMuIiLosyUw88XN
n46qOqc4muDWEsGSuxKqB/y4PV73r3LSKtE49hGqxLwkk4P+sRruWG2v2BG1U2cY
w1Ma7l8k7bTXkuM5k7usFTW1Y6h4ps9IXpkuW+3/OUibvehzRZVNtA8USSOI3+yV
BN7gw1X3KEMfuKALhGo2bf2hab4rZZFYhMekxCA81JEEX80TIR6a2zrxdR+0qb3O
AQ+T6Tv5YLyxASBdL9AVxKDKZlrV4mLB
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:42:09 2026 by rpki-client