Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AAAD8A238CA11F19CD45ACACE1D38B0.roa
File: 2AAAD8A238CA11F19CD45ACACE1D38B0.roa (raw, json)
Hash identifier: Gp+CzF1B76VDHPZLZeStotcOMrgXcHe9qSU+FJ673hk=
Subject key identifier: D0:FC:A4:97:99:D9:5D:8E:4A:DE:D6:26:29:1E:80:70:2F:4D:09:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C566
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AAAD8A238CA11F19CD45ACACE1D38B0.roa
Signing time: Wed 15 Apr 2026 12:53:58 +0000
ROA not before: Wed 15 Apr 2026 12:53:53 +0000
ROA not after: Mon 11 May 2026 12:53:53 +0000
asID: 137899
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116070 (0x1c566)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 12:53:53 2026 GMT
Not After : May 11 12:53:53 2026 GMT
Subject: CN=69df8a66-e826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7c:5c:64:ab:99:51:e2:06:d9:5b:9f:9b:bf:
ff:52:4e:15:53:f6:94:77:71:9a:12:cf:c9:a9:54:
e8:bd:ec:a7:02:84:7d:53:3e:3d:2c:fb:1c:03:ba:
eb:ac:00:f5:2a:f9:93:60:da:21:1a:58:de:7e:02:
fd:1d:05:e9:b9:4f:1a:31:4e:98:d9:f5:e0:49:94:
10:a4:02:f5:f1:e0:c1:8d:81:fc:58:bf:61:5d:59:
67:0f:99:55:37:77:2b:25:97:f3:1a:7d:da:54:ae:
0d:ea:1a:10:2d:05:fa:cb:8a:a5:6d:91:59:c5:06:
b7:d2:b1:39:85:3d:5c:59:33:88:56:36:b6:2b:69:
5d:0b:b4:45:fe:44:80:d5:98:56:97:c6:8c:3d:13:
34:04:16:7e:ff:68:56:ae:38:ce:5a:32:ae:04:94:
4c:1d:63:96:b7:e2:3c:45:25:d9:6e:56:f6:34:8d:
23:97:a7:53:05:92:58:a1:28:52:60:97:12:95:07:
00:8c:b9:dc:49:fa:e0:5b:56:7f:fc:1a:18:85:39:
e2:02:c0:b5:f5:bf:b1:78:b9:f4:d2:a5:7b:ae:92:
8c:4f:58:32:b3:a3:39:f1:9f:c2:15:16:04:15:24:
0c:83:54:f0:0b:c9:aa:67:5e:0f:78:04:44:55:92:
c0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:FC:A4:97:99:D9:5D:8E:4A:DE:D6:26:29:1E:80:70:2F:4D:09:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AAAD8A238CA11F19CD45ACACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
54:99:1a:b8:5f:84:10:29:f7:dd:64:0e:0b:46:7d:1c:86:48:
13:e0:f5:60:02:cd:72:21:8e:64:10:34:6a:af:2a:f8:f0:8a:
83:14:56:d9:f2:98:09:74:44:00:88:68:fc:b2:e5:1d:28:e1:
f6:3f:9d:c2:8a:da:6a:90:e6:8a:e8:3d:d7:69:f1:ae:05:8f:
2e:b3:86:07:c1:b1:54:af:fd:1b:f4:53:1e:0d:e8:17:dd:a8:
a1:cd:08:e1:e0:8a:99:0e:c6:72:03:5e:1d:4e:ec:46:48:77:
4c:07:27:55:35:f4:38:7f:5f:aa:c7:2a:86:5c:72:c5:b6:a8:
c8:ed:5c:d6:fd:2d:d0:3a:dc:e8:f6:3d:56:52:0d:8c:01:01:
04:60:50:bb:c0:e7:49:4f:58:eb:50:11:69:6a:8b:98:58:56:
e3:0b:21:50:0d:56:fc:d8:da:d3:64:1a:1c:60:e3:e1:a1:4e:
f4:de:df:9e:be:99:d5:5a:5d:6e:a8:dc:38:ca:a1:f6:44:7c:
48:39:f8:40:fc:1e:ad:7a:94:3a:23:70:74:5b:a8:72:6b:e4:
e6:1f:b3:00:4b:39:f4:3f:43:2d:bf:56:9d:27:5d:3f:29:05:
72:56:26:2c:e0:dc:60:97:27:17:08:09:44:b2:28:b3:37:46:
54:c7:5e:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcVmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE1MTI1MzUzWhcNMjYwNTExMTI1MzUzWjAYMRYw
FAYDVQQDEw02OWRmOGE2Ni1lODI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmnxcZKuZUeIG2Vufm7//Uk4VU/aUd3GaEs/JqVToveynAoR9Uz49LPsc
A7rrrAD1KvmTYNohGljefgL9HQXpuU8aMU6Y2fXgSZQQpAL18eDBjYH8WL9hXVln
D5lVN3crJZfzGn3aVK4N6hoQLQX6y4qlbZFZxQa30rE5hT1cWTOIVja2K2ldC7RF
/kSA1ZhWl8aMPRM0BBZ+/2hWrjjOWjKuBJRMHWOWt+I8RSXZblb2NI0jl6dTBZJY
oShSYJcSlQcAjLncSfrgW1Z//BoYhTniAsC19b+xeLn00qV7rpKMT1gys6M58Z/C
FRYEFSQMg1TwC8mqZ14PeAREVZLAAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFND8
pJeZ2V2OSt7WJikegHAvTQlKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQUFBRDhBMjM4Q0ExMUYxOUNENDVBQ0FDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBUmRq4X4QQKffdZA4LRn0chkgT4PVgAs1yIY5kEDRqryr48IqDFFbZ
8pgJdEQAiGj8suUdKOH2P53CitpqkOaK6D3XafGuBY8us4YHwbFUr/0b9FMeDegX
3aihzQjh4IqZDsZyA14dTuxGSHdMBydVNfQ4f1+qxyqGXHLFtqjI7VzW/S3QOtzo
9j1WUg2MAQEEYFC7wOdJT1jrUBFpaouYWFbjCyFQDVb82NrTZBocYOPhoU703t+e
vpnVWl1uqNw4yqH2RHxIOfhA/B6tepQ6I3B0W6hya+TmH7MASzn0P0Mtv1adJ10/
KQVyViYs4NxglycXCAlEsiizN0ZUx15t
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:25:29 2026 by rpki-client