Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F1B6EE8397C11F1A2BEB80ACF1D38B0.roa
File: 3F1B6EE8397C11F1A2BEB80ACF1D38B0.roa (raw, json)
Hash identifier: wK4bCFx8WoDJlkdZvUMHczKwyW30NHphRzB2YVSI2Ec=
Subject key identifier: AE:52:C3:41:B2:2B:CC:0D:DC:1C:FA:95:A4:08:92:DE:8C:FF:F2:50
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C591
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F1B6EE8397C11F1A2BEB80ACF1D38B0.roa
Signing time: Thu 16 Apr 2026 10:08:42 +0000
ROA not before: Thu 16 Apr 2026 10:08:38 +0000
ROA not after: Thu 30 Apr 2026 10:08:38 +0000
asID: 401783
IP address blocks: 154.193.2.0/24 maxlen: 24
154.193.35.0/24 maxlen: 24
154.194.195.0/24 maxlen: 24
154.196.134.0/24 maxlen: 24
154.196.160.0/24 maxlen: 24
154.196.179.0/24 maxlen: 24
154.196.180.0/24 maxlen: 24
154.199.4.0/24 maxlen: 24
154.200.1.0/24 maxlen: 24
154.200.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116113 (0x1c591)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 10:08:38 2026 GMT
Not After : Apr 30 10:08:38 2026 GMT
Subject: CN=69e0b52a-e547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9a:94:09:cb:5b:84:ee:7c:2c:6d:77:25:d0:
c5:92:79:a5:45:96:1e:07:b6:8e:7e:b1:03:c6:38:
03:49:16:1c:35:ea:c5:c2:30:f0:05:91:37:84:e7:
67:71:f5:fd:0f:7c:30:57:24:95:c1:5e:da:ea:4b:
6f:0d:a3:62:d4:f1:a2:63:5f:fc:32:16:21:15:d4:
bc:f7:0f:16:59:2d:5a:e6:42:26:31:f4:f3:43:23:
a4:c1:b7:90:52:dd:22:11:7a:96:f4:94:e9:92:fb:
bc:27:42:35:4d:94:88:ca:32:ee:c3:e8:f4:e1:b6:
26:cb:b6:3e:89:bf:14:2c:c5:59:ed:ea:73:da:bf:
05:9f:f3:3d:e0:dd:76:4a:ce:42:64:b6:9f:a8:86:
66:13:e9:c3:34:46:90:4b:53:04:ce:96:21:1f:90:
77:9d:18:25:3c:19:98:f6:cd:b7:37:b8:d0:88:93:
29:89:68:2c:fd:4f:cd:f6:c9:28:51:ab:6b:df:54:
c8:aa:3e:45:e6:aa:7b:25:f5:83:6d:8d:53:36:ee:
77:42:27:25:7a:ac:b1:6f:3d:32:ef:8c:07:96:17:
74:45:2f:5a:bf:0d:3d:1f:6c:81:1b:f2:d0:17:12:
1c:8d:e1:dd:e9:a3:2a:16:a3:2d:28:86:16:9d:0b:
eb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:52:C3:41:B2:2B:CC:0D:DC:1C:FA:95:A4:08:92:DE:8C:FF:F2:50
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F1B6EE8397C11F1A2BEB80ACF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.2.0/24
154.193.35.0/24
154.194.195.0/24
154.196.134.0/24
154.196.160.0/24
154.196.179.0-154.196.180.255
154.199.4.0/24
154.200.1.0/24
154.200.26.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:bf:ee:72:a4:bc:d5:da:e8:97:e4:42:12:1e:ae:b5:f1:69:
d7:ac:3d:e6:95:9c:15:9b:0d:6c:0f:90:6b:51:cf:98:31:2c:
c0:77:18:98:2c:dc:af:e6:cf:5e:e2:be:af:0d:d7:8e:ec:db:
75:a0:3c:ea:41:7b:05:c6:2b:6f:d0:32:b8:97:dd:06:4e:fe:
b3:0a:55:54:c0:ba:9e:e0:ef:49:ab:bc:81:06:10:4e:5e:5c:
ea:b7:e9:95:63:a8:23:eb:06:f3:29:7a:7d:8b:47:fd:01:f5:
9e:31:14:0b:87:83:16:6e:a2:70:69:c2:23:b5:54:73:0e:4f:
b0:98:28:d8:74:b5:3e:c8:f8:83:1f:7c:cd:b2:9b:75:0b:b3:
ee:2c:25:3b:b2:92:8b:62:c1:2e:dc:a7:f7:35:84:08:bc:67:
a2:07:7f:27:9a:1d:1d:4c:2f:a1:57:77:ce:52:2e:15:06:51:
b1:76:46:22:05:c5:cb:e9:cf:7c:f4:cd:35:e8:38:67:7b:a5:
8a:90:52:39:d1:ed:75:f5:17:6b:73:50:27:94:3b:71:37:d8:
21:b7:5c:a5:29:a0:54:83:88:b7:d4:f2:9f:c0:46:b2:3d:7f:
7f:53:ed:bd:11:ec:6f:89:89:50:87:73:0c:db:15:69:07:bb:
81:5b:df:d7
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAcWRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE2MTAwODM4WhcNMjYwNDMwMTAwODM4WjAYMRYw
FAYDVQQDEw02OWUwYjUyYS1lNTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAppqUCctbhO58LG13JdDFknmlRZYeB7aOfrEDxjgDSRYcNerFwjDwBZE3
hOdncfX9D3wwVySVwV7a6ktvDaNi1PGiY1/8MhYhFdS89w8WWS1a5kImMfTzQyOk
wbeQUt0iEXqW9JTpkvu8J0I1TZSIyjLuw+j04bYmy7Y+ib8ULMVZ7epz2r8Fn/M9
4N12Ss5CZLafqIZmE+nDNEaQS1MEzpYhH5B3nRglPBmY9s23N7jQiJMpiWgs/U/N
9skoUatr31TIqj5F5qp7JfWDbY1TNu53Qicleqyxbz0y74wHlhd0RS9avw09H2yB
G/LQFxIcjeHd6aMqFqMtKIYWnQvrPQIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFK5S
w0GyK8wN3Bz6laQIkt6M//JQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRjFCNkVFODM5N0MxMUYxQTJCRUI4MEFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAmsECAwQAmsEjAwQAmsLD
AwQAmsSGAwQAmsSgMAwDBACaxLMDBACaxLQDBACaxwQDBACayAEDBACayBowDQYJ
KoZIhvcNAQELBQADggEBAJ6/7nKkvNXa6JfkQhIerrXxadesPeaVnBWbDWwPkGtR
z5gxLMB3GJgs3K/mz17ivq8N147s23WgPOpBewXGK2/QMriX3QZO/rMKVVTAup7g
70mrvIEGEE5eXOq36ZVjqCPrBvMpen2LR/0B9Z4xFAuHgxZuonBpwiO1VHMOT7CY
KNh0tT7I+IMffM2ym3ULs+4sJTuykotiwS7cp/c1hAi8Z6IHfyeaHR1ML6FXd85S
LhUGUbF2RiIFxcvpz3z0zTXoOGd7pYqQUjnR7XX1F2tzUCeUO3E32CG3XKUpoFSD
iLfU8p/ARrI9f39T7b0R7G+JiVCHcwzbFWkHu4Fb39c=
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:59:51 2026 by rpki-client