Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/388793D83A5611F1A9D28BBECE1D38B0.roa
File: 388793D83A5611F1A9D28BBECE1D38B0.roa (raw, json)
Hash identifier: fYXU8utiMd1FLsmIYQ4wcyCkC/s656NHmUqIlVviWtQ=
Subject key identifier: 3B:CB:EA:73:EB:84:B9:CB:3D:01:25:A7:5F:94:0E:87:D3:14:C7:D6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C5C9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/388793D83A5611F1A9D28BBECE1D38B0.roa
Signing time: Fri 17 Apr 2026 12:09:02 +0000
ROA not before: Fri 17 Apr 2026 12:08:57 +0000
ROA not after: Sun 24 May 2026 12:08:57 +0000
asID: 395886
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116169 (0x1c5c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 17 12:08:57 2026 GMT
Not After : May 24 12:08:57 2026 GMT
Subject: CN=69e222de-5c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7d:78:32:a6:c0:d2:d5:4e:f5:4d:2b:8c:1b:
35:f0:04:42:f7:65:a0:30:b3:5d:57:7b:a9:5c:99:
9e:25:b0:08:01:69:28:d5:2d:79:33:68:a8:b3:b1:
5e:bd:b8:8b:a8:14:80:e1:29:09:79:71:df:0e:c8:
1d:c8:be:2c:48:05:75:37:1e:b3:33:36:b2:d6:0b:
9f:2b:17:c7:88:ae:3e:cf:3f:0e:ac:84:6f:15:7f:
35:7e:a4:73:52:8c:83:07:03:89:e3:c0:3b:fd:79:
f1:b2:aa:85:09:a0:90:f6:a4:2a:39:f9:37:5c:82:
ec:5d:40:30:d3:27:32:ee:2f:c9:05:34:4f:98:89:
9e:62:75:fb:b8:06:e3:22:e9:ca:c1:f3:e1:72:af:
8a:7a:b2:72:4b:97:89:b1:4f:36:70:e2:40:dc:8e:
c5:9a:35:0c:ed:a8:ff:2a:0e:a2:c5:b4:41:af:fe:
c9:3a:78:82:7c:4f:7b:f1:4c:67:be:3f:c5:59:02:
ac:21:0f:9a:5a:5c:c6:92:71:83:0a:7d:f7:1e:c3:
39:3b:70:c6:1e:d1:f0:12:e3:1e:38:8c:d2:44:c6:
10:b9:26:b0:16:1e:f7:9a:7c:1f:a7:74:a8:d5:7e:
83:b8:a7:d2:99:5e:90:5f:36:96:c2:77:fb:55:8c:
f4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CB:EA:73:EB:84:B9:CB:3D:01:25:A7:5F:94:0E:87:D3:14:C7:D6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/388793D83A5611F1A9D28BBECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
Signature Algorithm: sha256WithRSAEncryption
9d:a2:a7:86:ed:a7:b2:f7:25:da:02:4e:0a:69:8e:54:db:46:
56:4c:c9:fe:69:ed:69:fa:f7:59:2f:02:f5:80:28:d6:47:a5:
03:71:74:41:10:7c:95:be:aa:59:1e:84:32:7e:f4:6d:d7:ac:
5a:27:ad:8a:b5:4d:95:19:c8:ae:01:22:cb:ce:e0:0e:9d:53:
8a:73:0a:c0:4f:16:0d:76:52:d9:41:6f:bb:66:88:04:fe:b2:
61:70:fc:bf:cc:9a:db:0b:a3:99:6b:b0:93:68:ee:ee:68:54:
4c:fb:8f:7c:d3:5a:02:02:ff:d1:f6:0b:6b:ac:8b:e8:06:cd:
f6:9c:76:5c:80:10:95:ea:ae:6a:60:29:63:8e:5a:f0:4c:c2:
2c:40:09:8b:27:38:7b:8f:7d:43:2d:2f:2c:34:a9:37:12:a3:
54:4a:eb:f5:1f:b0:32:04:06:f5:3e:aa:8e:42:a9:f9:18:fe:
2d:21:31:2a:a9:e9:55:a7:c9:53:1b:9c:66:68:b4:45:96:6d:
32:97:95:eb:fc:26:d2:99:ec:4f:e6:ba:b3:d6:0e:df:cd:b5:
64:b3:f4:cb:88:d2:66:28:af:e0:df:47:26:6c:83:30:71:56:
e6:8e:50:d2:90:16:b5:d1:2c:70:9a:3a:d5:ca:50:29:76:5a:
56:d9:f3:1e
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcXJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE3MTIwODU3WhcNMjYwNTI0MTIwODU3WjAYMRYw
FAYDVQQDEw02OWUyMjJkZS01Yzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnH14MqbA0tVO9U0rjBs18ARC92WgMLNdV3upXJmeJbAIAWko1S15M2io
s7FevbiLqBSA4SkJeXHfDsgdyL4sSAV1Nx6zMzay1gufKxfHiK4+zz8OrIRvFX81
fqRzUoyDBwOJ48A7/XnxsqqFCaCQ9qQqOfk3XILsXUAw0ycy7i/JBTRPmImeYnX7
uAbjIunKwfPhcq+KerJyS5eJsU82cOJA3I7FmjUM7aj/Kg6ixbRBr/7JOniCfE97
8Uxnvj/FWQKsIQ+aWlzGknGDCn33HsM5O3DGHtHwEuMeOIzSRMYQuSawFh73mnwf
p3So1X6DuKfSmV6QXzaWwnf7VYz03wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFDvL
6nPrhLnLPQElp1+UDofTFMfWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zODg3OTNEODNBNTYxMUYxQTlEMjhCQkVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaWZADBASaWcAwDQYJ
KoZIhvcNAQELBQADggEBAJ2ip4btp7L3JdoCTgppjlTbRlZMyf5p7Wn691kvAvWA
KNZHpQNxdEEQfJW+qlkehDJ+9G3XrFonrYq1TZUZyK4BIsvO4A6dU4pzCsBPFg12
UtlBb7tmiAT+smFw/L/MmtsLo5lrsJNo7u5oVEz7j3zTWgIC/9H2C2usi+gGzfac
dlyAEJXqrmpgKWOOWvBMwixACYsnOHuPfUMtLyw0qTcSo1RK6/UfsDIEBvU+qo5C
qfkY/i0hMSqp6VWnyVMbnGZotEWWbTKXlev8JtKZ7E/murPWDt/NtWSz9MuI0mYo
r+DfRyZsgzBxVuaOUNKQFrXRLHCaOtXKUCl2WlbZ8x4=
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:26:42 2026 by rpki-client