Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8628E35E2ECA11F1BB88E8D1DAE4EC9C.roa
File: 8628E35E2ECA11F1BB88E8D1DAE4EC9C.roa (raw, json)
Hash identifier: zmyKTnN19Zpu8iU4J5okE/wO1FsS4bsbkS9tZjVFOGg=
Subject key identifier: 93:5F:62:E9:0A:F4:8F:55:F4:F3:91:04:2A:F8:E0:A7:6B:9F:22:2A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C279
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8628E35E2ECA11F1BB88E8D1DAE4EC9C.roa
Signing time: Thu 02 Apr 2026 19:31:20 +0000
ROA not before: Thu 02 Apr 2026 19:31:15 +0000
ROA not after: Sat 09 May 2026 19:31:15 +0000
asID: 147176
IP address blocks: 154.197.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 16:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115321 (0x1c279)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 19:31:15 2026 GMT
Not After : May 9 19:31:15 2026 GMT
Subject: CN=69cec408-d149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3b:d3:84:09:ec:9c:04:50:bc:b6:2f:84:49:
01:9d:bb:62:9a:76:fd:a8:e9:90:a1:94:9b:8c:d7:
73:5d:7a:42:19:ea:31:4a:36:3a:71:aa:5f:f6:ca:
1d:75:bd:cb:ae:0b:01:9f:a0:96:03:c3:95:ac:00:
23:5d:f6:e2:5a:c1:b6:bc:64:93:95:2e:4b:9b:88:
97:d0:2e:ac:94:06:db:4c:c6:c9:e6:73:d1:d4:64:
28:a2:9b:ba:e7:6a:03:68:f3:7f:aa:2b:0a:80:b8:
c6:06:7b:32:03:f9:d0:40:01:a6:40:1d:49:fd:25:
dd:0c:a2:eb:4f:89:72:de:5d:66:ac:15:dd:16:b0:
5f:13:00:a3:26:40:b9:97:db:c5:44:c2:74:70:1b:
f8:7b:c3:42:fc:8d:d8:d6:b1:b2:7d:26:08:91:05:
78:6e:92:13:6f:4a:e7:6d:9f:f0:64:65:17:d3:93:
90:10:86:cb:15:95:90:45:5e:90:92:97:63:c5:08:
f0:93:74:96:e6:23:8a:46:66:36:0f:cd:dd:0c:1c:
c8:71:94:cb:10:77:ce:7d:ed:a6:03:38:06:9e:83:
87:77:fa:9c:d1:39:1a:32:65:83:d1:b6:46:a4:8b:
e6:a1:e7:2c:ef:d4:72:f8:db:72:9f:41:7f:f9:74:
2e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:5F:62:E9:0A:F4:8F:55:F4:F3:91:04:2A:F8:E0:A7:6B:9F:22:2A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8628E35E2ECA11F1BB88E8D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.124.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:f7:95:50:bf:d0:75:5d:3d:11:6c:20:dc:47:b5:9f:bf:69:
79:30:54:06:28:91:02:4b:3e:f3:99:06:f1:8c:3a:95:60:92:
62:f2:9a:7f:db:12:1f:5b:fe:6b:45:89:9f:71:df:36:dc:7a:
9b:5a:95:e7:5b:3b:d2:8b:2c:fb:55:94:0b:3e:2d:ac:74:9f:
70:64:ea:79:fd:a6:93:25:a5:eb:b9:1c:d4:92:6b:e0:4e:6c:
36:77:53:02:12:7e:95:ad:8e:eb:40:73:a9:ae:81:30:dc:c5:
ac:6f:97:34:6e:bb:6a:83:27:ca:f3:ac:8f:12:51:fc:78:e0:
97:0e:fd:3a:4c:f1:08:24:ef:47:a8:6c:f5:25:2c:6c:9d:75:
d5:38:7b:7d:cd:b4:42:73:31:e1:8d:9c:87:4c:1f:ba:cf:4f:
43:25:78:e1:47:44:e1:5f:a7:af:22:1e:dd:00:b7:9c:3c:4b:
2e:c6:4e:7d:ab:73:7f:c1:c4:a9:5f:43:4c:28:7e:56:f3:bd:
df:df:ce:db:08:a2:0e:44:49:62:47:ad:8e:59:7d:92:f3:c9:
d5:57:69:bd:cb:eb:db:de:8a:a1:87:2c:63:c8:64:7a:f5:27:
4a:b7:ec:16:3d:cc:7a:91:bb:9a:07:6f:45:12:96:4a:17:81:
97:10:e7:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcJ5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDAyMTkzMTE1WhcNMjYwNTA5MTkzMTE1WjAYMRYw
FAYDVQQDEw02OWNlYzQwOC1kMTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuTvThAnsnARQvLYvhEkBnbtimnb9qOmQoZSbjNdzXXpCGeoxSjY6capf
9soddb3LrgsBn6CWA8OVrAAjXfbiWsG2vGSTlS5Lm4iX0C6slAbbTMbJ5nPR1GQo
opu652oDaPN/qisKgLjGBnsyA/nQQAGmQB1J/SXdDKLrT4ly3l1mrBXdFrBfEwCj
JkC5l9vFRMJ0cBv4e8NC/I3Y1rGyfSYIkQV4bpITb0rnbZ/wZGUX05OQEIbLFZWQ
RV6QkpdjxQjwk3SW5iOKRmY2D83dDBzIcZTLEHfOfe2mAzgGnoOHd/qc0TkaMmWD
0bZGpIvmoecs79Ry+Ntyn0F/+XQukQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJNf
YukK9I9V9PORBCr44KdrnyIqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NjI4RTM1RTJFQ0ExMUYxQkI4OEU4RDFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsV8MA0GCSqGSIb3DQEB
CwUAA4IBAQCN95VQv9B1XT0RbCDcR7Wfv2l5MFQGKJECSz7zmQbxjDqVYJJi8pp/
2xIfW/5rRYmfcd823HqbWpXnWzvSiyz7VZQLPi2sdJ9wZOp5/aaTJaXruRzUkmvg
Tmw2d1MCEn6VrY7rQHOproEw3MWsb5c0brtqgyfK86yPElH8eOCXDv06TPEIJO9H
qGz1JSxsnXXVOHt9zbRCczHhjZyHTB+6z09DJXjhR0ThX6evIh7dALecPEsuxk59
q3N/wcSpX0NMKH5W873f387bCKIOREliR62OWX2S88nVV2m9y+vb3oqhhyxjyGR6
9SdKt+wWPcx6kbuaB29FEpZKF4GXEOcj
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:29:18 2026 by rpki-client