Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32D6617A38D111F19C4D2CF3CE1D38B0.roa
File: 32D6617A38D111F19C4D2CF3CE1D38B0.roa (raw, json)
Hash identifier: o4om9xAYfbnrLhqnxcgX93jE8udENfrYIE5aOH9KJak=
Subject key identifier: C5:CD:72:77:FF:3F:81:50:ED:CE:FC:5D:AB:12:50:31:5E:26:DF:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C56A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32D6617A38D111F19C4D2CF3CE1D38B0.roa
Signing time: Wed 15 Apr 2026 13:44:18 +0000
ROA not before: Wed 15 Apr 2026 13:44:13 +0000
ROA not after: Thu 30 Apr 2026 13:44:13 +0000
asID: 32043
IP address blocks: 154.95.6.0/23 maxlen: 24
154.95.8.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116074 (0x1c56a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 13:44:13 2026 GMT
Not After : Apr 30 13:44:13 2026 GMT
Subject: CN=69df9632-c6bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9b:d7:ad:54:09:89:b2:ae:d8:91:4b:65:0e:
26:ad:6e:f8:7c:a4:9d:12:83:a8:39:80:a0:d5:ce:
b2:91:64:38:ba:da:1a:df:ce:81:af:c6:2d:a1:0c:
3d:ae:e1:0b:ac:de:4a:c2:e8:c9:67:4f:eb:b4:dc:
48:cd:81:f0:36:4e:c8:46:f7:6e:d7:3d:80:a2:34:
ec:b9:52:aa:a5:56:1c:19:9a:db:a2:a4:4f:1a:38:
c9:40:67:5b:44:c5:88:26:62:07:ba:9a:d0:5d:2b:
04:47:34:6f:16:10:26:16:c1:53:c3:cb:22:84:46:
20:1b:0a:6b:61:89:f4:6f:dd:f3:b1:27:fc:8f:76:
1e:34:91:51:b7:1f:99:ff:9d:fa:d1:47:eb:a3:c6:
ea:a8:18:03:c3:3a:68:c4:1e:d1:51:56:52:39:b6:
93:ec:59:7f:fd:79:8b:40:7b:2f:50:04:b7:da:e4:
5d:22:9e:91:d0:7f:9a:c9:2f:7e:04:e5:27:a2:5c:
9d:d4:3a:07:dd:6d:26:f6:78:b7:9d:76:3d:fc:d9:
7b:63:a6:85:e5:49:4f:28:05:ae:1b:eb:82:40:6b:
a1:9c:39:b6:6b:d2:12:95:c7:53:ff:61:51:bb:05:
49:0f:c0:ab:79:67:6f:ba:1a:10:94:1c:10:cd:fc:
c5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CD:72:77:FF:3F:81:50:ED:CE:FC:5D:AB:12:50:31:5E:26:DF:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32D6617A38D111F19C4D2CF3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.6.0-154.95.9.255
Signature Algorithm: sha256WithRSAEncryption
41:41:57:32:d5:04:6a:36:a9:ae:6b:02:69:a0:d9:68:ac:43:
d5:f2:18:c7:f7:0c:b7:d0:46:b7:8a:70:4d:b9:0b:68:04:77:
3b:49:5f:f0:bf:99:1d:87:fd:b1:95:2e:a0:b9:93:fc:f1:e1:
58:2f:88:fe:bd:f3:3a:81:90:86:94:fd:db:72:03:62:51:6a:
f6:fa:72:af:b8:48:7d:f2:da:d0:fe:18:ee:c5:f4:82:f3:21:
08:7d:a1:a6:0f:de:40:f6:dc:79:e2:86:c8:68:e6:9d:07:17:
7e:10:8a:c5:e1:a3:3c:46:7b:5a:d4:88:c2:0c:79:de:bc:e9:
66:51:23:96:dd:18:5f:8d:7f:e8:4f:0f:d8:2b:7b:13:13:ed:
ef:97:61:ad:60:59:c6:0b:4b:51:fa:70:84:28:4b:71:d3:36:
da:81:b2:98:f8:a4:3e:25:1d:97:0e:b7:1c:ea:cd:58:ff:9a:
48:90:3b:ae:cd:20:c6:7b:82:b1:79:88:5a:24:16:2e:83:ab:
b7:a2:8c:9d:7e:07:a7:77:a3:e9:0f:94:87:32:58:a9:f2:48:
9b:6d:3d:2e:52:9c:2e:64:58:9a:8e:85:cb:e8:a5:ff:2c:09:
20:3f:ae:bb:be:d0:97:a9:c7:cf:7d:1d:bc:58:64:2a:fc:3c:
2d:93:8e:a9
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcVqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE1MTM0NDEzWhcNMjYwNDMwMTM0NDEzWjAYMRYw
FAYDVQQDEw02OWRmOTYzMi1jNmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvJvXrVQJibKu2JFLZQ4mrW74fKSdEoOoOYCg1c6ykWQ4utoa386Br8Yt
oQw9ruELrN5KwujJZ0/rtNxIzYHwNk7IRvdu1z2AojTsuVKqpVYcGZrboqRPGjjJ
QGdbRMWIJmIHuprQXSsERzRvFhAmFsFTw8sihEYgGwprYYn0b93zsSf8j3YeNJFR
tx+Z/5360Ufro8bqqBgDwzpoxB7RUVZSObaT7Fl//XmLQHsvUAS32uRdIp6R0H+a
yS9+BOUnolyd1DoH3W0m9ni3nXY9/Nl7Y6aF5UlPKAWuG+uCQGuhnDm2a9ISlcdT
/2FRuwVJD8CreWdvuhoQlBwQzfzF6wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFMXN
cnf/P4FQ7c78XasSUDFeJt8rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMkQ2NjE3QTM4RDExMUYxOUM0RDJDRjNDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaXwYDBAGaXwgwDQYJ
KoZIhvcNAQELBQADggEBAEFBVzLVBGo2qa5rAmmg2WisQ9XyGMf3DLfQRreKcE25
C2gEdztJX/C/mR2H/bGVLqC5k/zx4VgviP698zqBkIaU/dtyA2JRavb6cq+4SH3y
2tD+GO7F9ILzIQh9oaYP3kD23Hnihsho5p0HF34QisXhozxGe1rUiMIMed686WZR
I5bdGF+Nf+hPD9grexMT7e+XYa1gWcYLS1H6cIQoS3HTNtqBspj4pD4lHZcOtxzq
zVj/mkiQO67NIMZ7grF5iFokFi6Dq7eijJ1+B6d3o+kPlIcyWKnySJttPS5SnC5k
WJqOhcvopf8sCSA/rru+0Jepx899HbxYZCr8PC2Tjqk=
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:25:20 2026 by rpki-client