Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/218EB04C2F3111F19804CAB8DAE4EC9C.roa
File: 218EB04C2F3111F19804CAB8DAE4EC9C.roa (raw, json)
Hash identifier: xB9F58mb9whiE7JkaF6RUJJIiQQ7D2rEXMtFGXTToDw=
Subject key identifier: 47:C8:12:C4:54:BD:E7:A7:69:93:09:45:F9:25:2B:3A:EA:F2:1E:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C29E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/218EB04C2F3111F19804CAB8DAE4EC9C.roa
Signing time: Fri 03 Apr 2026 07:45:49 +0000
ROA not before: Fri 03 Apr 2026 07:45:44 +0000
ROA not after: Tue 12 May 2026 07:45:44 +0000
asID: 212042
IP address blocks: 154.83.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115358 (0x1c29e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 3 07:45:44 2026 GMT
Not After : May 12 07:45:44 2026 GMT
Subject: CN=69cf702d-5d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:00:1d:06:2c:3a:22:22:50:a5:f9:04:0a:f9:
af:54:94:1a:bc:1f:61:da:35:f7:38:ac:72:9c:d9:
74:33:af:33:52:48:e9:c1:95:58:51:be:9d:0d:d1:
e3:43:be:1e:e7:50:ec:57:02:39:93:d2:d9:51:69:
b5:7f:e8:cb:1a:51:13:94:da:70:81:ae:33:67:95:
59:19:ba:cc:bf:1e:b2:1a:36:d8:8d:df:5b:4e:5b:
8f:e4:ae:63:01:2f:8c:8d:a4:51:09:34:45:90:cd:
11:79:26:f1:1c:e0:ea:bd:07:24:96:66:7d:1d:37:
9e:a9:c4:3d:18:96:c0:3f:32:4d:a3:b3:9c:d0:7d:
45:dc:2a:86:2b:98:76:83:f1:35:2e:88:39:63:8f:
e4:db:cc:ec:df:bf:0c:ec:9d:de:07:e5:2c:f4:30:
0b:c1:77:9f:83:5e:dd:36:c7:1f:7d:89:f6:9f:3b:
5f:81:fd:7a:1a:d0:cd:45:1c:61:bd:87:d6:df:04:
74:b2:ea:9e:39:85:1e:04:d5:f0:e5:6f:aa:53:24:
f3:6c:cd:d9:d5:c5:6c:ca:0e:c3:db:6b:6f:f0:1a:
ef:1b:75:19:88:13:3d:bd:57:0b:9f:ce:1a:83:18:
10:69:1d:28:f7:f7:47:b8:d2:2a:11:66:1f:32:49:
1c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C8:12:C4:54:BD:E7:A7:69:93:09:45:F9:25:2B:3A:EA:F2:1E:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/218EB04C2F3111F19804CAB8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.136.0/24
Signature Algorithm: sha256WithRSAEncryption
39:19:4f:06:f9:ef:18:eb:de:9c:37:ab:1d:c1:dc:2a:8a:ea:
30:f5:ab:a8:1a:dc:92:aa:87:7a:89:8b:ed:ab:eb:c4:a5:c6:
74:e1:e8:65:21:83:6a:13:bf:2e:88:6b:c2:e4:d0:4a:f6:7c:
23:7d:40:d0:75:f2:16:e8:84:2f:4b:50:1b:23:02:46:2f:85:
b9:7a:be:47:fb:c8:11:c8:ac:69:31:2e:f9:88:5c:72:25:51:
1f:f8:2a:fa:65:90:1b:41:20:21:ff:eb:8d:1b:65:74:71:19:
fa:82:6a:91:ee:b5:03:be:ae:e2:ca:db:32:00:1f:62:23:7f:
98:a1:48:1c:11:ad:5a:c4:50:77:e6:64:52:2a:28:9e:13:be:
46:d2:f1:af:39:03:b3:10:10:80:f0:8c:e1:61:e9:10:96:49:
58:0b:2a:82:b7:5d:bd:96:40:8f:09:dc:47:76:d3:5d:34:49:
11:49:d9:95:39:77:8e:d4:9d:7f:2e:6e:4a:e0:a1:e3:b2:5a:
6d:d5:bd:32:80:44:26:00:6c:1c:aa:ae:c5:a3:15:4c:b5:ae:
95:89:07:5c:1f:e5:7a:b7:7e:cf:26:65:b7:b9:9e:da:ef:99:
ee:e6:09:0a:1c:86:1a:17:4b:fb:3a:df:05:e6:2a:fe:6d:c3:
e5:41:db:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcKeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDAzMDc0NTQ0WhcNMjYwNTEyMDc0NTQ0WjAYMRYw
FAYDVQQDEw02OWNmNzAyZC01ZDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvwAdBiw6IiJQpfkECvmvVJQavB9h2jX3OKxynNl0M68zUkjpwZVYUb6d
DdHjQ74e51DsVwI5k9LZUWm1f+jLGlETlNpwga4zZ5VZGbrMvx6yGjbYjd9bTluP
5K5jAS+MjaRRCTRFkM0ReSbxHODqvQcklmZ9HTeeqcQ9GJbAPzJNo7Oc0H1F3CqG
K5h2g/E1Log5Y4/k28zs378M7J3eB+Us9DALwXefg17dNscffYn2nztfgf16GtDN
RRxhvYfW3wR0suqeOYUeBNXw5W+qUyTzbM3Z1cVsyg7D22tv8BrvG3UZiBM9vVcL
n84agxgQaR0o9/dHuNIqEWYfMkkcfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEfI
EsRUveenaZMJRfklKzrq8h4XMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMThFQjA0QzJGMzExMUYxOTgwNENBQjhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOIMA0GCSqGSIb3DQEB
CwUAA4IBAQA5GU8G+e8Y696cN6sdwdwqiuow9auoGtySqod6iYvtq+vEpcZ04ehl
IYNqE78uiGvC5NBK9nwjfUDQdfIW6IQvS1AbIwJGL4W5er5H+8gRyKxpMS75iFxy
JVEf+Cr6ZZAbQSAh/+uNG2V0cRn6gmqR7rUDvq7iytsyAB9iI3+YoUgcEa1axFB3
5mRSKiieE75G0vGvOQOzEBCA8IzhYekQlklYCyqCt129lkCPCdxHdtNdNEkRSdmV
OXeO1J1/Lm5K4KHjslpt1b0ygEQmAGwcqq7FoxVMta6ViQdcH+V6t37PJmW3uZ7a
75nu5gkKHIYaF0v7Ot8F5ir+bcPlQdto
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:52:00 2026 by rpki-client