Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20C996942EC911F1B84B1CCADAE4EC9C.roa
File: 20C996942EC911F1B84B1CCADAE4EC9C.roa (raw, json)
Hash identifier: tgk3AWxj/MtDHw5gb9DDNQszmaVxPuUY+XSe+suU8ss=
Subject key identifier: B1:30:B4:2B:88:99:4F:A0:7C:80:41:DB:05:05:ED:BE:9E:88:ED:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C277
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20C996942EC911F1B84B1CCADAE4EC9C.roa
Signing time: Thu 02 Apr 2026 19:21:20 +0000
ROA not before: Thu 02 Apr 2026 19:21:16 +0000
ROA not after: Wed 06 May 2026 19:21:16 +0000
asID: 49505
IP address blocks: 154.211.17.0/24 maxlen: 24
154.211.18.0/24 maxlen: 24
154.211.19.0/24 maxlen: 24
154.212.28.0/24 maxlen: 24
154.212.29.0/24 maxlen: 24
154.212.30.0/24 maxlen: 24
154.212.31.0/24 maxlen: 24
154.213.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115319 (0x1c277)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 19:21:16 2026 GMT
Not After : May 6 19:21:16 2026 GMT
Subject: CN=69cec1b0-db41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:73:11:c9:0e:a9:46:ec:65:9a:a9:3b:7f:0c:
4e:6c:61:be:34:7b:ed:16:89:07:fb:c2:90:f6:99:
47:78:7a:34:b6:cd:f0:a6:40:dc:e4:fd:1d:db:3e:
02:b5:0d:16:95:0e:e8:b5:c5:b8:eb:95:c0:dd:fb:
d2:ba:5f:a8:58:23:a6:bf:6e:e5:96:51:54:34:51:
17:1b:e7:3b:03:39:ec:2e:8f:0a:57:e0:87:9c:37:
3b:b4:15:53:9a:6d:d1:68:b3:85:ce:d2:a4:f4:42:
68:88:c6:6b:90:41:e8:3a:6a:da:e8:4f:7a:a3:26:
e7:79:1b:6c:40:e5:47:21:8b:75:41:1c:5a:50:2f:
08:04:46:de:44:66:12:25:66:ce:46:4b:10:ac:6f:
26:67:e2:f6:b2:f6:62:e4:de:33:79:f2:c0:e1:f9:
ac:32:bd:b2:dd:14:d3:e2:7f:38:f4:46:3f:fe:7b:
4d:ca:68:9e:6b:3d:5b:d9:8f:8d:3c:a3:bf:b7:8b:
95:8c:de:5b:c4:10:6f:65:48:7c:8a:b0:99:fa:18:
5a:43:41:b3:e2:f0:91:64:9a:17:49:a7:76:f0:e1:
7d:6d:51:5a:28:0a:10:bb:c2:29:14:30:4a:1a:4d:
9d:5d:66:88:ec:9e:9d:2d:91:62:c4:3e:64:ab:1b:
ea:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:30:B4:2B:88:99:4F:A0:7C:80:41:DB:05:05:ED:BE:9E:88:ED:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20C996942EC911F1B84B1CCADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.17.0-154.211.19.255
154.212.28.0/22
154.213.0.0/24
Signature Algorithm: sha256WithRSAEncryption
01:be:82:b6:54:f5:61:8a:c7:10:38:c2:72:9a:d9:92:77:7c:
c3:5e:57:55:db:64:4a:87:16:71:f0:83:ee:14:d0:7e:4a:f2:
65:29:b9:cd:db:10:02:3c:ec:30:ec:06:ff:69:10:6e:7f:83:
ac:2f:01:ed:f8:7a:de:73:77:10:21:3f:ff:71:c4:dd:54:16:
79:79:7b:86:60:b0:59:25:11:6c:89:1c:ba:9f:6f:9c:84:7c:
00:49:f3:b6:b4:ea:27:bb:4f:09:74:46:ad:e5:df:b4:1a:d5:
0f:8d:c9:3c:33:a6:a8:54:b4:21:0d:46:a2:bf:1e:ea:b7:be:
82:93:ed:8b:5d:05:2b:c1:3c:af:2c:1b:bf:ed:24:79:6e:02:
58:0b:29:f0:6e:e3:63:8d:f9:9a:ca:84:f9:75:cd:48:48:74:
a6:d8:90:1d:86:58:3c:8a:c1:27:83:49:37:91:a9:0c:1e:e6:
6f:e1:a1:ad:99:28:ad:77:43:ae:4e:5f:cf:7f:0c:57:3e:63:
a7:98:b6:41:7f:75:93:4e:42:a6:f7:7a:d2:c1:89:d3:02:16:
55:d0:db:50:3a:0a:ee:87:57:52:df:a5:f3:a9:54:88:b4:1a:
3a:5a:49:a8:44:82:96:18:87:d2:41:fb:cf:76:9f:b5:41:92:
eb:8b:6b:39
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAcJ3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDAyMTkyMTE2WhcNMjYwNTA2MTkyMTE2WjAYMRYw
FAYDVQQDEw02OWNlYzFiMC1kYjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx3MRyQ6pRuxlmqk7fwxObGG+NHvtFokH+8KQ9plHeHo0ts3wpkDc5P0d
2z4CtQ0WlQ7otcW465XA3fvSul+oWCOmv27lllFUNFEXG+c7AznsLo8KV+CHnDc7
tBVTmm3RaLOFztKk9EJoiMZrkEHoOmra6E96oybneRtsQOVHIYt1QRxaUC8IBEbe
RGYSJWbORksQrG8mZ+L2svZi5N4zefLA4fmsMr2y3RTT4n849EY//ntNymieaz1b
2Y+NPKO/t4uVjN5bxBBvZUh8irCZ+hhaQ0Gz4vCRZJoXSad28OF9bVFaKAoQu8Ip
FDBKGk2dXWaI7J6dLZFixD5kqxvq2QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFLEw
tCuImU+gfIBB2wUF7b6eiO2rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMEM5OTY5NDJFQzkxMUYxQjg0QjFDQ0FEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACa0xEDBAKa0xADBAKa
1BwDBACa1QAwDQYJKoZIhvcNAQELBQADggEBAAG+grZU9WGKxxA4wnKa2ZJ3fMNe
V1XbZEqHFnHwg+4U0H5K8mUpuc3bEAI87DDsBv9pEG5/g6wvAe34et5zdxAhP/9x
xN1UFnl5e4ZgsFklEWyJHLqfb5yEfABJ87a06ie7Twl0Rq3l37Qa1Q+NyTwzpqhU
tCENRqK/Huq3voKT7YtdBSvBPK8sG7/tJHluAlgLKfBu42ON+ZrKhPl1zUhIdKbY
kB2GWDyKwSeDSTeRqQwe5m/hoa2ZKK13Q65OX89/DFc+Y6eYtkF/dZNOQqb3etLB
idMCFlXQ21A6Cu6HV1LfpfOpVIi0GjpaSahEgpYYh9JB+892n7VBkuuLazk=
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:25:19 2026 by rpki-client