Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5004BE822C0F11F19CE8CAF2DAE4EC9C.roa
File: 5004BE822C0F11F19CE8CAF2DAE4EC9C.roa (raw, json)
Hash identifier: hlBPeWglJ3fVtcEXkYVgi6UR86wWJQ2TiML44Bhm9lY=
Subject key identifier: 58:43:60:D7:A9:22:B4:6A:D4:2A:13:35:41:98:A1:58:00:4F:3C:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C1B5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5004BE822C0F11F19CE8CAF2DAE4EC9C.roa
Signing time: Mon 30 Mar 2026 08:06:11 +0000
ROA not before: Mon 30 Mar 2026 08:06:05 +0000
ROA not after: Thu 22 Oct 2026 08:06:05 +0000
asID: 393437
IP address blocks: 154.91.32.0/22 maxlen: 24
154.91.32.0/24 maxlen: 24
154.91.33.0/24 maxlen: 24
154.91.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115125 (0x1c1b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 30 08:06:05 2026 GMT
Not After : Oct 22 08:06:05 2026 GMT
Subject: CN=69ca2ef3-e981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f5:fc:f1:3a:87:ea:ad:15:1d:df:d9:91:4d:
85:8e:fb:11:7c:d4:c2:fe:ce:9c:5f:4f:91:b5:ea:
b7:93:33:9e:2b:b5:5a:0f:05:4c:bb:ba:08:e2:94:
51:77:54:d4:00:83:65:be:a1:ea:b1:04:46:32:7b:
c8:4f:5b:81:36:85:63:27:98:f9:55:f1:dc:c8:1e:
7b:bd:62:67:18:0c:2a:ae:9a:5c:d7:70:52:01:10:
e6:3f:1b:e6:a2:6d:44:d6:ba:90:7c:9f:d5:17:44:
62:85:39:74:ea:0f:fd:9d:72:ba:61:db:45:c3:ff:
72:9a:8c:77:68:59:46:60:bf:af:9b:39:78:ae:d3:
7f:95:9b:71:a3:45:53:96:20:2e:f5:ab:92:bf:e7:
7c:fe:05:5c:7c:11:6b:3c:43:32:8f:55:3f:3d:23:
cf:29:b5:16:a9:1c:a1:c4:be:1f:05:8e:10:cf:01:
d6:55:35:01:57:ed:cb:ba:a3:07:ff:cf:3a:69:59:
27:8d:34:ec:28:d7:09:fc:fd:c6:5a:97:6c:da:d4:
3d:4d:ea:8c:df:c3:55:89:1d:76:98:89:63:27:b2:
1f:4b:c6:b8:39:b8:ec:0f:da:8c:c2:41:40:ce:50:
d6:cc:58:18:61:0b:68:29:8a:cc:57:22:06:05:c9:
9d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:43:60:D7:A9:22:B4:6A:D4:2A:13:35:41:98:A1:58:00:4F:3C:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5004BE822C0F11F19CE8CAF2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.32.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:ce:80:8f:da:92:d2:04:d7:98:89:f2:7d:9e:cf:b7:71:80:
03:b0:cb:a8:69:1e:60:0b:73:e3:f5:6a:23:6b:32:cd:ac:b1:
17:b6:41:bd:ba:f7:6d:34:a8:1d:f7:57:8a:47:15:71:be:b9:
59:27:c3:2c:60:29:62:14:d1:e4:97:b2:fe:cb:39:a0:42:ce:
c5:21:6c:36:ab:bf:de:4c:08:27:43:eb:b7:30:0d:38:2c:71:
1b:fc:02:3e:d2:ba:35:1b:1c:0a:31:5e:f0:e9:92:97:d5:4a:
de:d9:bd:ca:89:ae:2e:19:37:15:36:80:49:37:9a:85:e4:87:
e7:27:f4:62:8f:52:8d:0c:a0:37:a4:4b:17:01:b5:b7:15:7f:
cb:b9:d3:8a:6c:87:c4:1c:d2:64:c0:38:26:e9:f8:1d:28:1d:
45:8c:bc:dd:c2:86:b8:db:92:50:f2:f7:46:42:04:0e:33:69:
76:cb:28:ee:59:96:e9:3b:88:7e:18:a1:a5:34:df:b5:23:19:
ce:4a:e4:d1:1d:74:c4:a2:ab:07:0a:01:94:35:1b:4f:68:bc:
11:00:d6:7d:68:b8:eb:4a:18:ff:5e:e6:c3:d7:8b:b1:4f:54:
77:c6:31:14:ab:b6:ea:03:8d:c3:e0:6c:4f:ed:83:f1:08:c1:
60:52:45:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcG1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzMwMDgwNjA1WhcNMjYxMDIyMDgwNjA1WjAYMRYw
FAYDVQQDEw02OWNhMmVmMy1lOTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4PX88TqH6q0VHd/ZkU2FjvsRfNTC/s6cX0+Rteq3kzOeK7VaDwVMu7oI
4pRRd1TUAINlvqHqsQRGMnvIT1uBNoVjJ5j5VfHcyB57vWJnGAwqrppc13BSARDm
Pxvmom1E1rqQfJ/VF0RihTl06g/9nXK6YdtFw/9ymox3aFlGYL+vmzl4rtN/lZtx
o0VTliAu9auSv+d8/gVcfBFrPEMyj1U/PSPPKbUWqRyhxL4fBY4QzwHWVTUBV+3L
uqMH/886aVknjTTsKNcJ/P3GWpds2tQ9TeqM38NViR12mIljJ7IfS8a4ObjsD9qM
wkFAzlDWzFgYYQtoKYrMVyIGBcmdNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFhD
YNepIrRq1CoTNUGYoVgATzw+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MDA0QkU4MjJDMEYxMUYxOUNFOENBRjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlsgMA0GCSqGSIb3DQEB
CwUAA4IBAQCczoCP2pLSBNeYifJ9ns+3cYADsMuoaR5gC3Pj9WojazLNrLEXtkG9
uvdtNKgd91eKRxVxvrlZJ8MsYCliFNHkl7L+yzmgQs7FIWw2q7/eTAgnQ+u3MA04
LHEb/AI+0ro1GxwKMV7w6ZKX1Ure2b3Kia4uGTcVNoBJN5qF5IfnJ/Rij1KNDKA3
pEsXAbW3FX/LudOKbIfEHNJkwDgm6fgdKB1FjLzdwoa425JQ8vdGQgQOM2l2yyju
WZbpO4h+GKGlNN+1IxnOSuTRHXTEoqsHCgGUNRtPaLwRANZ9aLjrShj/XubD14ux
T1R3xjEUq7bqA43D4GxP7YPxCMFgUkWr
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:53:48 2026 by rpki-client