Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D291D6238C811F19D8513BECE1D38B0.roa
File: 1D291D6238C811F19D8513BECE1D38B0.roa (raw, json)
Hash identifier: QU3nGZt3jTS+K0gFHN+wyj3nlBrc2ZUf0CGf2oMbJHs=
Subject key identifier: A8:95:1B:1D:FD:57:7E:78:72:12:BD:84:EC:15:9F:87:E5:2F:8B:F1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C562
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D291D6238C811F19D8513BECE1D38B0.roa
Signing time: Wed 15 Apr 2026 12:39:16 +0000
ROA not before: Wed 15 Apr 2026 12:39:10 +0000
ROA not after: Mon 11 May 2026 12:39:10 +0000
asID: 40779
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116066 (0x1c562)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 12:39:10 2026 GMT
Not After : May 11 12:39:10 2026 GMT
Subject: CN=69df86f4-83fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7c:4c:9f:91:a9:7b:ac:c7:38:c7:8b:c0:d9:
dd:e9:8e:46:06:18:1a:97:c8:16:c6:28:97:b6:67:
43:5d:65:17:8d:9e:38:cb:71:03:ed:76:ba:7c:0a:
49:57:c4:4c:7d:c5:92:e8:ac:e6:9a:6f:a0:52:a2:
e8:84:04:c7:8b:ca:bd:ac:49:b0:8d:44:b5:b5:c7:
39:9a:63:e6:76:fb:16:89:16:3d:66:ac:2b:84:87:
54:9c:4a:96:f9:a3:97:4f:82:66:59:3f:ff:d3:bf:
ad:d5:0e:bd:fa:89:ca:59:d7:cf:e1:35:69:fb:c3:
4d:27:0f:e3:ec:de:01:f9:14:ab:5b:9a:df:b7:05:
76:44:e4:98:5d:25:2e:84:ae:af:bb:6c:cc:a0:40:
6b:89:4a:26:12:3b:0c:db:fc:05:e2:64:33:37:9b:
c1:2f:7a:9d:ad:df:8e:d6:4c:c6:4f:99:59:55:46:
9b:23:97:72:8f:08:ff:5c:34:fb:b6:4c:04:e4:58:
a7:e7:c0:3d:d1:e2:2c:55:ed:35:21:9b:57:f7:58:
b3:b6:d7:21:83:8f:9d:91:af:a5:af:1b:2c:ca:5d:
fe:9c:96:54:76:4b:79:e3:af:66:70:d4:9c:43:fb:
74:da:22:3a:33:09:9d:b4:a2:9b:91:cd:ca:0c:f8:
62:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:95:1B:1D:FD:57:7E:78:72:12:BD:84:EC:15:9F:87:E5:2F:8B:F1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D291D6238C811F19D8513BECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7c:87:78:dd:c0:0e:1a:98:7b:66:ac:35:02:73:40:2f:95:a6:
84:eb:40:83:86:a7:29:32:fe:09:ae:ca:ac:e8:0b:d4:4b:3a:
15:3f:ed:39:d0:d4:90:ce:56:67:88:60:44:68:23:67:55:9f:
3f:08:c7:9c:4a:b6:2d:48:c8:31:5b:11:89:47:a6:0a:12:05:
e9:4a:05:7e:c5:5f:ed:d3:5b:47:9f:88:38:41:55:6e:a4:d0:
ab:af:a8:54:b5:bc:64:b5:7c:a4:34:75:ca:7d:09:ca:c0:ac:
b0:86:cb:61:04:c3:e0:f2:f7:3b:84:15:e1:14:87:2d:0c:75:
1c:5e:94:4a:86:64:99:35:49:ab:2a:b2:bc:45:bd:77:48:78:
e2:c3:82:7d:aa:fe:69:84:92:b9:bc:d9:ea:87:ae:d2:6a:68:
f0:57:94:06:2f:b6:39:2a:52:c9:31:c5:cd:bc:7e:9e:62:8a:
5a:d1:0e:62:50:d5:e3:36:6f:05:8b:79:c7:fc:6c:f7:fb:b8:
39:3d:18:e4:bc:aa:f4:e0:2e:7f:f1:95:20:78:23:15:06:26:
ee:39:72:94:9a:f3:24:ff:7d:5b:6b:ba:65:d3:46:7d:20:db:
8b:fd:65:22:17:c8:73:2c:a1:ed:b5:f5:f7:fe:3d:de:21:e3:
cb:a5:63:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcViMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE1MTIzOTEwWhcNMjYwNTExMTIzOTEwWjAYMRYw
FAYDVQQDEw02OWRmODZmNC04M2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoHxMn5Gpe6zHOMeLwNnd6Y5GBhgal8gWxiiXtmdDXWUXjZ44y3ED7Xa6
fApJV8RMfcWS6Kzmmm+gUqLohATHi8q9rEmwjUS1tcc5mmPmdvsWiRY9ZqwrhIdU
nEqW+aOXT4JmWT//07+t1Q69+onKWdfP4TVp+8NNJw/j7N4B+RSrW5rftwV2ROSY
XSUuhK6vu2zMoEBriUomEjsM2/wF4mQzN5vBL3qdrd+O1kzGT5lZVUabI5dyjwj/
XDT7tkwE5Fin58A90eIsVe01IZtX91izttchg4+dka+lrxssyl3+nJZUdkt5469m
cNScQ/t02iI6MwmdtKKbkc3KDPhi9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKiV
Gx39V354chK9hOwVn4flL4vxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRDI5MUQ2MjM4QzgxMUYxOUQ4NTEzQkVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQB8h3jdwA4amHtmrDUCc0AvlaaE60CDhqcpMv4Jrsqs6AvUSzoVP+05
0NSQzlZniGBEaCNnVZ8/CMecSrYtSMgxWxGJR6YKEgXpSgV+xV/t01tHn4g4QVVu
pNCrr6hUtbxktXykNHXKfQnKwKywhsthBMPg8vc7hBXhFIctDHUcXpRKhmSZNUmr
KrK8Rb13SHjiw4J9qv5phJK5vNnqh67SamjwV5QGL7Y5KlLJMcXNvH6eYopa0Q5i
UNXjNm8Fi3nH/Gz3+7g5PRjkvKr04C5/8ZUgeCMVBibuOXKUmvMk/31ba7pl00Z9
INuL/WUiF8hzLKHttfX3/j3eIePLpWPn
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:25:38 2026 by rpki-client