Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CDEE41C4E4C11F19DA07BEECE1D38B0.roa
File: 4CDEE41C4E4C11F19DA07BEECE1D38B0.roa (raw, json)
Hash identifier: /vPpDmVYt3eRoMYgQc26xg68wFCMUMPXKeD98YNkkck=
Subject key identifier: 9A:8E:07:87:AE:52:7E:40:B3:3E:C8:0B:B3:08:A6:AA:A0:DD:82:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CB50
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CDEE41C4E4C11F19DA07BEECE1D38B0.roa
Signing time: Tue 12 May 2026 21:48:24 +0000
ROA not before: Tue 12 May 2026 21:48:18 +0000
ROA not after: Wed 17 Jun 2026 21:48:18 +0000
asID: 139613
IP address blocks: 154.81.136.0/24 maxlen: 24
154.81.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117584 (0x1cb50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 21:48:18 2026 GMT
Not After : Jun 17 21:48:18 2026 GMT
Subject: CN=6a03a028-171a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:9a:75:9a:53:e4:1c:6d:3d:e9:11:09:b1:
84:0f:15:03:65:f0:f2:d5:52:0b:9c:26:bf:b2:e9:
40:f5:11:cb:0c:48:33:a2:82:36:25:a7:fe:79:6f:
23:fd:16:cc:87:24:ab:0a:91:c8:db:08:ff:93:15:
e6:cb:98:72:6b:fe:8f:0d:12:a2:c2:69:34:54:2d:
97:46:dc:49:a6:b7:15:8f:86:72:1b:14:d7:e9:fd:
b2:19:9e:00:ff:dd:a2:40:2c:1e:d9:3e:2a:c5:82:
2c:da:c0:63:ff:36:83:0f:d2:4a:56:2a:67:45:0c:
24:4d:81:0e:bb:0b:fa:ee:d3:73:ee:a2:7a:58:b2:
da:7c:ae:f9:03:c9:b1:32:00:37:3b:4d:dc:5c:c1:
58:a3:1f:06:a1:f5:ff:19:11:8e:12:b3:04:93:60:
ee:15:65:cd:df:95:3f:fa:27:c4:05:da:0b:f9:f1:
ee:9d:93:fb:bc:b5:93:6c:6b:f1:9b:b8:3f:a5:77:
ab:1e:0c:48:fc:e5:c9:21:2e:fa:e4:e2:e1:00:75:
e0:f0:12:08:a1:c5:e9:cf:0d:6c:49:4c:94:64:da:
ac:7d:b4:fb:e0:fd:d4:8f:cf:c5:d1:7a:30:c6:83:
d3:c7:e1:6c:91:dc:be:c5:88:39:11:0f:ee:f8:7e:
bd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8E:07:87:AE:52:7E:40:B3:3E:C8:0B:B3:08:A6:AA:A0:DD:82:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CDEE41C4E4C11F19DA07BEECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.136.0/24
154.81.166.0/24
Signature Algorithm: sha256WithRSAEncryption
21:06:5c:7d:cd:6d:c5:90:dc:3d:4f:8a:e7:c2:eb:47:86:9b:
08:7e:83:f3:16:ed:66:cc:9f:b8:ab:16:30:a3:9b:d8:56:a1:
93:0d:aa:c8:55:ea:91:37:1f:8f:fc:27:52:c9:a4:02:52:df:
32:fd:d5:2a:20:b7:e2:02:95:8d:5f:cb:a9:42:64:d1:ff:b3:
5f:b1:a4:f5:ff:ed:f5:d3:dc:85:0e:d6:01:f5:f6:69:b6:a3:
24:76:1f:95:27:27:30:d6:5d:c9:5e:80:d2:ca:90:8e:54:a1:
7e:f4:d9:5c:cc:62:59:f7:a3:22:85:13:d3:1f:c7:e2:e4:61:
f4:84:70:5a:68:aa:f7:2c:eb:e3:fc:99:1b:05:eb:df:7d:17:
2d:92:43:f1:89:6b:be:63:4b:3b:3a:01:c5:2c:2a:11:d7:0f:
90:4b:38:cf:8b:f4:36:b6:c3:3f:08:2d:bb:37:f9:cf:81:a0:
da:f2:0a:45:b3:a3:17:dc:3a:25:e7:99:41:0c:10:4a:e5:9a:
75:de:73:be:55:e8:82:1f:03:ae:83:34:e3:41:87:1d:06:81:
4a:8d:37:6f:e5:dc:16:9b:52:1e:15:26:13:2d:9b:19:e7:e0:
a5:a8:1f:be:e8:db:a3:52:3f:59:ab:e3:88:ef:eb:4f:a0:35:
7e:11:6a:90
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDActQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTEyMjE0ODE4WhcNMjYwNjE3MjE0ODE4WjAYMRYw
FAYDVQQDEw02YTAzYTAyOC0xNzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzfqadZpT5BxtPekRCbGEDxUDZfDy1VILnCa/sulA9RHLDEgzooI2Jaf+
eW8j/RbMhySrCpHI2wj/kxXmy5hya/6PDRKiwmk0VC2XRtxJprcVj4ZyGxTX6f2y
GZ4A/92iQCwe2T4qxYIs2sBj/zaDD9JKVipnRQwkTYEOuwv67tNz7qJ6WLLafK75
A8mxMgA3O03cXMFYox8GofX/GRGOErMEk2DuFWXN35U/+ifEBdoL+fHunZP7vLWT
bGvxm7g/pXerHgxI/OXJIS765OLhAHXg8BIIocXpzw1sSUyUZNqsfbT74P3Uj8/F
0XowxoPTx+Fskdy+xYg5EQ/u+H69zwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJqO
B4euUn5Asz7IC7MIpqqg3YKEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Q0RFRTQxQzRFNEMxMUYxOURBMDdCRUVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlGIAwQAmlGmMA0GCSqG
SIb3DQEBCwUAA4IBAQAhBlx9zW3FkNw9T4rnwutHhpsIfoPzFu1mzJ+4qxYwo5vY
VqGTDarIVeqRNx+P/CdSyaQCUt8y/dUqILfiApWNX8upQmTR/7NfsaT1/+3109yF
DtYB9fZptqMkdh+VJycw1l3JXoDSypCOVKF+9NlczGJZ96MihRPTH8fi5GH0hHBa
aKr3LOvj/JkbBevffRctkkPxiWu+Y0s7OgHFLCoR1w+QSzjPi/Q2tsM/CC27N/nP
gaDa8gpFs6MX3Dol55lBDBBK5Zp13nO+VeiCHwOugzTjQYcdBoFKjTdv5dwWm1Ie
FSYTLZsZ5+ClqB++6NujUj9Zq+OI7+tPoDV+EWqQ
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:41:02 2026 by rpki-client