Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/220817742E8811F1AB8F4AD7DAE4EC9C.roa
File: 220817742E8811F1AB8F4AD7DAE4EC9C.roa (raw, json)
Hash identifier: 8aWWu5DVVmp+ay7uPx4HXD+zeTLT9L5aQTVSjCWYXN4=
Subject key identifier: 71:02:7C:C2:15:D6:F6:7B:F2:42:59:75:C5:57:6E:92:C2:A1:7B:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C247
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/220817742E8811F1AB8F4AD7DAE4EC9C.roa
Signing time: Thu 02 Apr 2026 11:36:05 +0000
ROA not before: Thu 02 Apr 2026 11:36:00 +0000
ROA not after: Wed 06 May 2026 11:36:00 +0000
asID: 214238
IP address blocks: 154.219.23.0/24 maxlen: 24
154.219.25.0/24 maxlen: 24
154.219.30.0/24 maxlen: 24
154.219.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115271 (0x1c247)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 11:36:00 2026 GMT
Not After : May 6 11:36:00 2026 GMT
Subject: CN=69ce54a5-32b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:dc:d4:d3:ce:cf:f4:c8:06:ec:57:03:94:84:
d4:c5:0b:ce:db:ad:36:fe:0c:f9:c8:a8:f7:b3:9c:
49:93:be:69:25:00:12:97:7e:7e:48:b9:01:85:fd:
20:5d:96:c4:df:b6:fe:02:fe:39:47:d9:84:fd:92:
aa:15:0e:70:12:71:81:a9:ce:fa:f7:7f:29:65:93:
0d:3b:48:78:f3:bc:8e:07:a7:9a:98:3f:74:04:07:
ed:3c:03:81:02:fb:3d:ea:be:a0:f4:e6:dc:f6:7b:
dc:92:1e:3e:b6:10:46:c4:c0:d7:59:38:0f:e3:c4:
fb:e8:d5:2b:3f:c7:36:3c:2a:5c:0b:1f:6f:32:70:
91:60:7a:ea:f3:a2:95:99:9a:4a:70:bf:c0:2b:40:
ea:fa:c1:e3:7e:a2:76:62:e4:1b:3c:4f:75:e9:6b:
c3:ed:e3:24:82:7d:6a:1c:9d:4d:26:35:c1:58:85:
ed:33:9f:cc:84:32:5b:ef:bf:ec:4b:d2:3b:59:92:
5d:f6:81:40:84:9c:74:1b:7f:0c:cd:db:30:81:03:
c6:46:86:ca:6f:18:42:b2:f1:f3:91:6d:8e:c0:8b:
65:11:c0:b7:21:44:b5:d3:d0:35:f0:95:fa:0c:a2:
d0:65:56:3b:1e:2f:5a:49:d3:3c:da:8d:36:15:38:
10:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:02:7C:C2:15:D6:F6:7B:F2:42:59:75:C5:57:6E:92:C2:A1:7B:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/220817742E8811F1AB8F4AD7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.23.0/24
154.219.25.0/24
154.219.30.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:a2:eb:2c:2c:5c:d2:ae:04:06:ff:10:f8:85:f0:ea:87:4e:
a1:d1:58:16:df:2c:9d:09:38:ae:7b:5a:e6:ea:a9:14:f3:29:
6f:12:6b:56:27:26:7d:48:1e:c7:ec:90:65:c1:00:64:02:0e:
ab:30:53:da:a9:72:09:c9:12:83:e0:eb:d6:a2:2a:78:39:14:
f0:89:5d:c4:b5:22:e2:d3:f6:c6:29:f6:6e:34:d9:f5:88:f5:
ee:40:dc:df:7b:1b:82:3b:8e:ca:92:4b:ab:80:14:48:fc:49:
f3:2e:ae:6a:3e:8f:f6:f9:bf:fc:f4:fd:91:93:56:35:5f:2c:
8a:63:fb:be:6a:bc:26:ba:4f:93:ed:84:6d:88:05:80:43:6f:
53:7e:2c:52:09:88:0e:9b:c0:e6:59:3f:ea:10:ca:e3:9b:aa:
b1:a5:82:f6:b3:dd:dd:f3:36:5c:c0:77:88:5e:cc:c6:dd:e6:
b8:e6:df:55:04:cc:c0:a4:83:69:73:e3:2b:d3:f0:b1:6c:e0:
43:a0:4b:47:82:3c:a9:31:45:bf:e7:4c:d0:d8:2c:38:d0:1b:
f3:ed:f8:48:89:b3:54:13:1f:1a:94:c3:b5:fc:0a:9b:cb:81:
c6:da:56:d5:e6:9c:72:f5:2b:36:2e:55:cf:f0:61:c9:e6:c6:
e2:72:6f:c4
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcJHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDAyMTEzNjAwWhcNMjYwNTA2MTEzNjAwWjAYMRYw
FAYDVQQDEw02OWNlNTRhNS0zMmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5NzU087P9MgG7FcDlITUxQvO2602/gz5yKj3s5xJk75pJQASl35+SLkB
hf0gXZbE37b+Av45R9mE/ZKqFQ5wEnGBqc76938pZZMNO0h487yOB6eamD90BAft
PAOBAvs96r6g9Obc9nvckh4+thBGxMDXWTgP48T76NUrP8c2PCpcCx9vMnCRYHrq
86KVmZpKcL/AK0Dq+sHjfqJ2YuQbPE916WvD7eMkgn1qHJ1NJjXBWIXtM5/MhDJb
77/sS9I7WZJd9oFAhJx0G38MzdswgQPGRobKbxhCsvHzkW2OwItlEcC3IUS109A1
8JX6DKLQZVY7Hi9aSdM82o02FTgQowIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFHEC
fMIV1vZ78kJZdcVXbpLCoXvtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMjA4MTc3NDJFODgxMUYxQUI4RjRBRDdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmtsXAwQAmtsZAwQBmtse
MA0GCSqGSIb3DQEBCwUAA4IBAQC6oussLFzSrgQG/xD4hfDqh06h0VgW3yydCTiu
e1rm6qkU8ylvEmtWJyZ9SB7H7JBlwQBkAg6rMFPaqXIJyRKD4OvWoip4ORTwiV3E
tSLi0/bGKfZuNNn1iPXuQNzfexuCO47KkkurgBRI/EnzLq5qPo/2+b/89P2Rk1Y1
XyyKY/u+arwmuk+T7YRtiAWAQ29TfixSCYgOm8DmWT/qEMrjm6qxpYL2s93d8zZc
wHeIXszG3ea45t9VBMzApINpc+Mr0/CxbOBDoEtHgjypMUW/50zQ2Cw40Bvz7fhI
ibNUEx8alMO1/Aqby4HG2lbV5pxy9Ss2LlXP8GHJ5sbicm/E
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:00:14 2026 by rpki-client