Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4108372C33F011F1894901C4CE1D38B0.roa
File: 4108372C33F011F1894901C4CE1D38B0.roa (raw, json)
Hash identifier: LHyR1hqIhdqjS3tQ1ZolM696mUnQtSmKKg9/qVQCPFA=
Subject key identifier: 2A:FE:D7:C4:4B:BF:C6:7F:6A:D2:CA:A4:1F:31:53:55:CD:6C:17:E7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C3A3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4108372C33F011F1894901C4CE1D38B0.roa
Signing time: Thu 09 Apr 2026 08:44:00 +0000
ROA not before: Thu 09 Apr 2026 08:43:56 +0000
ROA not after: Sat 16 May 2026 08:43:56 +0000
asID: 151419
IP address blocks: 154.88.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115619 (0x1c3a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 9 08:43:56 2026 GMT
Not After : May 16 08:43:56 2026 GMT
Subject: CN=69d766d0-9caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f8:cd:e6:81:2e:5e:ab:be:db:c5:48:c6:91:
fc:6d:bd:f8:c2:b2:e9:be:16:38:e2:ef:93:a9:8c:
11:54:a4:53:74:7d:96:0d:33:b2:6e:1e:a1:5d:a5:
af:c2:11:b6:ba:9a:6c:51:d0:c1:4c:4c:16:eb:1a:
40:f3:44:7b:16:46:54:9b:a4:e4:50:49:de:1d:b4:
55:65:6f:20:be:95:4c:34:45:14:53:c2:f5:82:2c:
e9:a2:50:0a:f7:a0:2c:57:95:b5:cd:7a:ff:1c:18:
92:ee:d7:0c:3f:1e:d5:1f:fe:9f:68:fa:93:43:9a:
02:0e:e7:b7:a9:3d:88:5b:54:78:e4:bb:0b:66:e7:
ec:d7:47:36:a5:fa:86:2d:23:a8:ae:5e:2f:72:1f:
d7:79:f4:62:72:34:07:a1:a2:3f:21:a6:4b:58:84:
80:8b:b1:f6:51:8b:4f:33:29:fa:cc:14:80:9e:bc:
7a:23:26:02:ef:27:5c:77:64:2c:65:e1:38:57:55:
f9:77:e9:e3:5f:56:bd:60:f8:f5:72:5a:0d:2f:3f:
04:1e:a7:56:fa:7e:99:fd:4c:51:be:ab:60:f6:21:
dc:d4:60:c0:7f:8e:d3:a5:20:bc:5b:a1:b9:d5:04:
4c:a7:23:40:da:1d:4b:c1:b8:5f:c6:98:7b:2d:f2:
83:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FE:D7:C4:4B:BF:C6:7F:6A:D2:CA:A4:1F:31:53:55:CD:6C:17:E7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4108372C33F011F1894901C4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.66.0/23
Signature Algorithm: sha256WithRSAEncryption
51:fa:2c:58:54:39:e3:8d:db:43:18:8f:fe:88:a9:39:4c:2c:
08:67:28:cd:e7:0d:1a:da:50:1f:47:a5:c0:58:53:f9:5a:fe:
64:77:2f:a8:76:e3:cf:8a:b2:7a:d0:a9:56:6c:68:4f:9d:7f:
6b:b8:0d:79:83:14:84:05:0a:e8:42:47:db:15:4a:b0:5e:59:
1d:ab:b3:48:f6:2f:84:da:a9:f7:76:59:ac:43:d7:1d:85:f6:
5e:53:30:45:59:3a:79:8a:07:ad:d7:9c:5a:45:db:04:f5:a6:
11:c9:0b:2f:69:49:a9:8a:f9:2e:56:ce:52:48:1e:98:40:25:
59:00:92:ec:80:3e:f7:e6:74:61:cc:f2:7c:71:c6:2b:88:be:
15:ae:08:17:c4:28:b6:b3:09:97:ab:fa:49:3e:76:63:c4:2a:
0f:d4:3e:14:af:8d:6f:ff:8f:b3:b6:df:8f:27:d5:3a:0b:0f:
a7:df:cd:74:08:14:2c:e1:dc:06:2c:b0:eb:fb:97:2a:7d:0d:
fb:e3:60:72:ab:9e:5e:37:d2:ef:c7:ab:21:9d:41:e4:a9:da:
9d:9f:e9:e7:ea:ae:8a:66:b5:dc:2b:57:44:7e:26:87:10:c1:
61:62:47:df:52:af:44:ac:6c:08:c7:89:c9:17:26:ae:78:69:
1c:11:d5:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcOjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDA5MDg0MzU2WhcNMjYwNTE2MDg0MzU2WjAYMRYw
FAYDVQQDEw02OWQ3NjZkMC05Y2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqPjN5oEuXqu+28VIxpH8bb34wrLpvhY44u+TqYwRVKRTdH2WDTOybh6h
XaWvwhG2uppsUdDBTEwW6xpA80R7FkZUm6TkUEneHbRVZW8gvpVMNEUUU8L1gizp
olAK96AsV5W1zXr/HBiS7tcMPx7VH/6faPqTQ5oCDue3qT2IW1R45LsLZufs10c2
pfqGLSOorl4vch/XefRicjQHoaI/IaZLWISAi7H2UYtPMyn6zBSAnrx6IyYC7ydc
d2QsZeE4V1X5d+njX1a9YPj1cloNLz8EHqdW+n6Z/UxRvqtg9iHc1GDAf47TpSC8
W6G51QRMpyNA2h1Lwbhfxph7LfKDxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCr+
18RLv8Z/atLKpB8xU1XNbBfnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTA4MzcyQzMzRjAxMUYxODk0OTAxQzRDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhCMA0GCSqGSIb3DQEB
CwUAA4IBAQBR+ixYVDnjjdtDGI/+iKk5TCwIZyjN5w0a2lAfR6XAWFP5Wv5kdy+o
duPPirJ60KlWbGhPnX9ruA15gxSEBQroQkfbFUqwXlkdq7NI9i+E2qn3dlmsQ9cd
hfZeUzBFWTp5iget15xaRdsE9aYRyQsvaUmpivkuVs5SSB6YQCVZAJLsgD735nRh
zPJ8ccYriL4VrggXxCi2swmXq/pJPnZjxCoP1D4Ur41v/4+ztt+PJ9U6Cw+n3810
CBQs4dwGLLDr+5cqfQ3742Byq55eN9Lvx6shnUHkqdqdn+nn6q6KZrXcK1dEfiaH
EMFhYkffUq9ErGwIx4nJFyaueGkcEdVq
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:34:13 2026 by rpki-client