Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CE1006C3A5911F1B0CCDCCECE1D38B0.roa
File: 1CE1006C3A5911F1B0CCDCCECE1D38B0.roa (raw, json)
Hash identifier: jG/mmq3rtGqT2v913IUKcOUiF3jsvvkz2sjITj08Ywk=
Subject key identifier: 10:30:D5:15:41:E2:BD:BB:A1:C3:F2:AF:B6:6C:D3:E0:17:9C:4B:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C5D1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CE1006C3A5911F1B0CCDCCECE1D38B0.roa
Signing time: Fri 17 Apr 2026 12:29:44 +0000
ROA not before: Fri 17 Apr 2026 12:29:39 +0000
ROA not after: Sun 24 May 2026 12:29:39 +0000
asID: 18013
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116177 (0x1c5d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 17 12:29:39 2026 GMT
Not After : May 24 12:29:39 2026 GMT
Subject: CN=69e227b8-686d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:20:12:fe:0a:e1:1c:d0:4f:fe:11:70:23:75:
e3:1e:a5:fd:6f:66:3c:96:e8:b2:f2:5b:22:6d:3d:
0b:54:15:4b:4c:08:5e:4d:a3:fc:dd:72:96:23:59:
08:04:4c:33:07:0a:a7:84:be:10:97:d6:86:0e:1f:
d1:40:d0:70:59:d5:31:fc:4c:86:72:0b:cd:26:4a:
19:bf:87:20:5f:c6:5b:e5:5c:89:a8:68:87:64:77:
76:70:6a:04:8f:f8:86:d8:88:cb:cb:87:07:6c:55:
a7:ac:68:3e:7a:11:87:1c:8b:eb:e2:c3:48:7e:9c:
e7:8f:5e:88:52:ba:ba:3f:9f:c3:e7:0f:e0:31:34:
8c:e1:02:d9:8f:7a:29:52:64:19:f9:c4:92:4e:e4:
9d:f1:7d:c9:09:c0:19:b6:d1:1c:c0:48:3d:bd:be:
3d:06:ac:a6:d3:0d:31:3b:9c:af:55:ac:3e:03:d7:
bb:59:8b:a5:2c:7b:c1:32:6b:6f:56:13:cc:34:84:
82:c6:04:0f:39:d4:4c:9d:59:d2:df:15:cd:64:51:
23:e7:af:35:aa:21:a2:0a:af:2d:1d:b1:c4:d8:ba:
5f:a4:85:0c:83:e9:9d:c4:4c:4d:73:2d:20:e8:cb:
40:77:3a:9d:30:3d:6e:95:48:0d:dd:15:ed:28:e7:
85:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:30:D5:15:41:E2:BD:BB:A1:C3:F2:AF:B6:6C:D3:E0:17:9C:4B:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CE1006C3A5911F1B0CCDCCECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.191.255
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:7f:33:04:11:c8:af:77:30:fb:52:23:3b:7b:a5:18:80:b3:
d1:d8:d8:b3:83:a2:1f:4a:64:6f:d1:e5:d1:90:20:c9:f3:fb:
59:ca:af:db:3a:c5:a6:90:36:42:fa:b8:b8:9c:86:c7:0a:56:
54:33:db:38:b3:aa:c7:c1:71:c4:8c:25:4a:e8:c8:91:9d:bd:
82:22:79:43:b5:83:1d:2b:7c:1a:57:9f:8d:2e:12:41:4b:cb:
b2:ff:85:ee:d1:99:70:44:69:dc:53:18:fa:92:a4:83:0d:55:
8a:80:a0:bf:df:30:c5:eb:a2:c4:e3:aa:3b:76:6f:9c:5e:d9:
19:bb:54:8d:54:0b:a7:20:97:f2:06:3b:75:40:4e:8e:2c:f2:
64:42:6b:3b:b0:78:62:0f:c4:4c:2a:98:63:27:5e:1f:f6:0c:
ca:9d:d1:f4:1f:55:9d:44:7d:89:a9:95:7e:9c:51:99:72:47:
30:79:b6:45:14:f7:ee:9b:cf:68:a1:ad:ec:ef:fc:a7:2a:21:
cd:ad:5b:d4:9d:6c:37:cd:87:bd:af:1d:2a:da:64:b4:00:36:
6f:a3:ee:3d:f2:fd:9d:4d:cd:2a:5c:4c:7f:3a:53:d5:21:d7:
05:03:e3:5c:10:d6:b1:d3:b9:51:f8:bd:ac:17:73:6d:e1:7f:
35:da:bc:5f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAcXRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE3MTIyOTM5WhcNMjYwNTI0MTIyOTM5WjAYMRYw
FAYDVQQDEw02OWUyMjdiOC02ODZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4CAS/grhHNBP/hFwI3XjHqX9b2Y8luiy8lsibT0LVBVLTAheTaP83XKW
I1kIBEwzBwqnhL4Ql9aGDh/RQNBwWdUx/EyGcgvNJkoZv4cgX8Zb5VyJqGiHZHd2
cGoEj/iG2IjLy4cHbFWnrGg+ehGHHIvr4sNIfpznj16IUrq6P5/D5w/gMTSM4QLZ
j3opUmQZ+cSSTuSd8X3JCcAZttEcwEg9vb49Bqym0w0xO5yvVaw+A9e7WYulLHvB
MmtvVhPMNISCxgQPOdRMnVnS3xXNZFEj5681qiGiCq8tHbHE2LpfpIUMg+mdxExN
cy0g6MtAdzqdMD1ulUgN3RXtKOeFZQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBAw
1RVB4r27ocPyr7Zs0+AXnEvqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQ0UxMDA2QzNBNTkxMUYxQjBDQ0RDQ0VDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASaWZADBAaaWYADBACa
XxgwDQYJKoZIhvcNAQELBQADggEBAMF/MwQRyK93MPtSIzt7pRiAs9HY2LODoh9K
ZG/R5dGQIMnz+1nKr9s6xaaQNkL6uLichscKVlQz2zizqsfBccSMJUroyJGdvYIi
eUO1gx0rfBpXn40uEkFLy7L/he7RmXBEadxTGPqSpIMNVYqAoL/fMMXrosTjqjt2
b5xe2Rm7VI1UC6cgl/IGO3VATo4s8mRCazuweGIPxEwqmGMnXh/2DMqd0fQfVZ1E
fYmplX6cUZlyRzB5tkUU9+6bz2ihrezv/KcqIc2tW9SdbDfNh72vHSraZLQANm+j
7j3y/Z1NzSpcTH86U9Uh1wUD41wQ1rHTuVH4vawXc23hfzXavF8=
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:24:36 2026 by rpki-client