Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68E00B3E366211F1A7427213CF1D38B0.roa
File: 68E00B3E366211F1A7427213CF1D38B0.roa (raw, json)
Hash identifier: jsXQssyt4nQVV8/+n9sXegQSmZhjmvqYmGM/mN+RAD4=
Subject key identifier: 43:15:14:EF:4C:2A:E9:74:C4:A9:53:89:25:A6:3C:8F:00:7E:15:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C4C4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68E00B3E366211F1A7427213CF1D38B0.roa
Signing time: Sun 12 Apr 2026 11:26:12 +0000
ROA not before: Sun 12 Apr 2026 11:26:08 +0000
ROA not after: Thu 12 Apr 2029 11:26:08 +0000
asID: 17561
IP address blocks: 154.95.208.0/24 maxlen: 24
154.95.209.0/24 maxlen: 24
154.95.210.0/24 maxlen: 24
154.95.211.0/24 maxlen: 24
154.95.212.0/24 maxlen: 24
154.95.213.0/24 maxlen: 24
154.95.214.0/24 maxlen: 24
154.95.215.0/24 maxlen: 24
154.95.216.0/24 maxlen: 24
154.95.217.0/24 maxlen: 24
154.95.218.0/24 maxlen: 24
154.95.219.0/24 maxlen: 24
154.95.220.0/24 maxlen: 24
154.95.221.0/24 maxlen: 24
154.95.222.0/24 maxlen: 24
154.95.223.0/24 maxlen: 24
154.95.224.0/24 maxlen: 24
154.95.225.0/24 maxlen: 24
154.95.226.0/24 maxlen: 24
154.95.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 16:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115908 (0x1c4c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 11:26:08 2026 GMT
Not After : Apr 12 11:26:08 2029 GMT
Subject: CN=69db8154-bd3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:78:63:f1:65:43:92:85:52:d8:bc:2a:ed:15:
55:4d:7a:8a:81:90:f3:59:f8:65:d8:bc:4b:7b:76:
02:f3:ab:2d:a7:ff:ab:6d:0c:00:29:d3:7e:63:48:
50:90:c2:68:91:c6:df:4e:f4:7a:02:47:9b:4a:cd:
48:07:14:86:a7:04:bc:7e:45:9f:97:cc:ff:b5:c9:
d1:2a:a8:12:26:80:67:ae:d2:2d:06:59:05:f9:c3:
16:54:09:44:00:86:2a:98:a9:2d:f2:84:e1:6b:4b:
bd:ad:f8:5f:40:b3:3f:fb:69:eb:92:0e:97:26:8f:
2f:07:93:00:74:e8:6a:97:65:b3:b5:f1:08:66:70:
ea:8f:7b:0b:f9:65:00:67:a2:10:51:6f:b5:5b:55:
67:f3:06:bc:6e:57:d1:4d:a3:4a:7b:ce:27:a2:ff:
1e:86:5c:ea:34:51:b9:82:43:dd:5d:df:fc:3d:7a:
d3:17:cf:76:b2:71:f0:bc:50:b5:2c:c8:b5:9f:37:
f6:e2:fa:77:43:dd:1e:de:13:09:a5:87:20:ce:78:
12:a1:14:b7:c1:89:eb:71:a2:44:f6:07:96:cb:ca:
fc:a4:f2:95:36:bc:c3:7a:33:d3:40:0f:72:37:63:
d1:85:86:3b:61:45:78:93:e7:e7:3b:8a:54:62:ba:
11:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:15:14:EF:4C:2A:E9:74:C4:A9:53:89:25:A6:3C:8F:00:7E:15:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68E00B3E366211F1A7427213CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.208.0-154.95.227.255
Signature Algorithm: sha256WithRSAEncryption
58:b0:ff:03:36:ac:3d:d7:dd:d0:ef:91:16:e2:7e:1c:f0:62:
78:93:5b:c7:9b:6a:c3:19:00:cb:39:95:2e:e5:f4:51:17:53:
ad:ad:e9:a2:db:5b:2d:2f:26:d7:5c:e3:6e:6c:72:a2:4c:74:
d0:24:40:a6:79:80:60:b7:ce:da:d1:67:83:16:5e:80:af:6f:
c5:30:b5:db:58:de:2f:32:40:99:55:df:d3:78:37:11:a9:30:
dc:98:48:ca:21:71:ff:bc:0c:d3:03:ee:9c:38:a4:76:6d:69:
9a:aa:b9:5b:cf:d8:cd:c2:f0:e6:0b:c7:62:cf:0f:bc:41:c1:
4a:4d:45:f5:ba:68:f3:e7:44:f4:a9:7f:fe:63:c4:4c:1e:04:
4f:7c:6a:e4:ea:de:17:12:8e:67:f6:6d:ad:5f:ed:db:58:d4:
21:4b:3c:16:63:f6:ff:b5:31:c3:c4:f9:e2:55:69:7e:b6:2e:
2a:d6:e0:d8:26:9c:5d:f4:f4:08:4f:2b:53:4b:ea:81:1e:c9:
d3:e8:6a:53:6e:57:24:fd:f7:54:56:11:29:f2:cf:f9:4f:fb:
09:dd:1c:2e:8e:68:74:f0:20:34:4c:35:85:93:48:36:a4:79:
92:f8:a1:fa:f8:9a:00:ad:e2:5b:8f:0b:c4:fc:40:56:23:09:
c4:a6:6a:d0
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcTEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEyMTEyNjA4WhcNMjkwNDEyMTEyNjA4WjAYMRYw
FAYDVQQDEw02OWRiODE1NC1iZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Hhj8WVDkoVS2Lwq7RVVTXqKgZDzWfhl2LxLe3YC86stp/+rbQwAKdN+
Y0hQkMJokcbfTvR6AkebSs1IBxSGpwS8fkWfl8z/tcnRKqgSJoBnrtItBlkF+cMW
VAlEAIYqmKkt8oTha0u9rfhfQLM/+2nrkg6XJo8vB5MAdOhql2WztfEIZnDqj3sL
+WUAZ6IQUW+1W1Vn8wa8blfRTaNKe84nov8ehlzqNFG5gkPdXd/8PXrTF892snHw
vFC1LMi1nzf24vp3Q90e3hMJpYcgzngSoRS3wYnrcaJE9geWy8r8pPKVNrzDejPT
QA9yN2PRhYY7YUV4k+fnO4pUYroR8wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFEMV
FO9MKul0xKlTiSWmPI8AfhVRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OEUwMEIzRTM2NjIxMUYxQTc0MjcyMTNDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaX9ADBAKaX+AwDQYJ
KoZIhvcNAQELBQADggEBAFiw/wM2rD3X3dDvkRbifhzwYniTW8ebasMZAMs5lS7l
9FEXU62t6aLbWy0vJtdc425scqJMdNAkQKZ5gGC3ztrRZ4MWXoCvb8UwtdtY3i8y
QJlV39N4NxGpMNyYSMohcf+8DNMD7pw4pHZtaZqquVvP2M3C8OYLx2LPD7xBwUpN
RfW6aPPnRPSpf/5jxEweBE98auTq3hcSjmf2ba1f7dtY1CFLPBZj9v+1McPE+eJV
aX62LirW4NgmnF309AhPK1NL6oEeydPoalNuVyT991RWESnyz/lP+wndHC6OaHTw
IDRMNYWTSDakeZL4ofr4mgCt4luPC8T8QFYjCcSmatA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:25:39 2026 by rpki-client