Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A9791B62EA111F19D0B98EADAE4EC9C.roa
File: 8A9791B62EA111F19D0B98EADAE4EC9C.roa (raw, json)
Hash identifier: fVHAPZ7sNhBz8jeeEUijvN0rFWDxcz6tz0MKmkuewN4=
Subject key identifier: 36:A3:8C:EB:77:7D:7A:CB:A1:95:D1:EF:CD:15:22:0E:9C:E5:42:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C25F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A9791B62EA111F19D0B98EADAE4EC9C.roa
Signing time: Thu 02 Apr 2026 14:37:58 +0000
ROA not before: Thu 02 Apr 2026 14:37:53 +0000
ROA not after: Sun 10 May 2026 14:37:53 +0000
asID: 138915
IP address blocks: 154.95.83.0/24 maxlen: 24
154.95.84.0/24 maxlen: 24
154.95.85.0/24 maxlen: 24
154.95.86.0/23 maxlen: 24
154.95.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 15:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115295 (0x1c25f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 14:37:53 2026 GMT
Not After : May 10 14:37:53 2026 GMT
Subject: CN=69ce7f46-236c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c9:b1:cd:aa:12:c1:1c:7d:4b:ac:8b:9e:5a:
77:52:ae:87:a5:bc:e5:5f:4c:38:4e:cd:69:3c:6a:
ff:7d:b3:39:9f:1a:db:0a:59:a6:8b:ba:a8:e9:52:
69:da:d2:b0:c6:ff:99:22:61:0c:7e:c3:94:5f:eb:
22:dd:ea:55:84:79:a8:dc:9d:6e:eb:99:81:19:73:
63:6b:f4:77:78:1b:c9:ce:b8:fa:d5:70:d8:87:4f:
e7:30:1c:02:a7:fe:92:54:48:fe:af:81:0c:97:ef:
45:a5:58:14:40:29:b3:3d:85:54:49:32:76:1c:3b:
d7:46:76:71:2b:3d:49:3e:62:c8:27:eb:48:cd:24:
72:28:82:d8:5a:fb:5d:9e:e8:4f:5f:52:01:0d:bf:
2c:5f:2a:9f:0d:ab:cf:c6:67:92:d0:67:6d:32:02:
45:0d:65:76:9f:27:02:08:4b:bb:57:aa:08:bf:56:
ae:10:0f:d2:91:2d:78:ac:0b:54:56:0d:c5:11:d0:
7e:bb:bd:42:67:93:38:79:74:7f:6c:1d:8d:e7:95:
62:5d:52:8c:c7:bb:d9:72:0d:5a:13:ef:e3:60:f0:
39:d3:ec:62:da:3b:9c:27:5a:a4:7e:76:68:a9:60:
7e:3d:1e:2b:9b:71:91:ec:f3:eb:92:41:9f:14:26:
cb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A3:8C:EB:77:7D:7A:CB:A1:95:D1:EF:CD:15:22:0E:9C:E5:42:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A9791B62EA111F19D0B98EADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.83.0-154.95.88.255
Signature Algorithm: sha256WithRSAEncryption
74:4f:5d:aa:93:69:b2:cc:9f:7d:49:c5:2c:69:b4:87:e6:b8:
15:65:b2:55:8c:d2:7a:a6:79:d1:10:5a:26:0b:34:1f:33:10:
8f:8a:0d:70:87:2d:bc:80:ed:ea:75:6c:16:03:08:8c:51:3c:
56:df:c6:64:ab:93:20:fc:e6:e8:e2:3f:34:61:bd:92:b7:6e:
10:18:1a:c2:9a:2b:e4:92:e2:77:88:d4:b6:8e:1a:52:e0:21:
49:53:49:e2:b3:25:e1:2e:9f:ae:aa:db:bb:f8:90:6f:fa:1d:
79:19:b3:15:87:e3:58:e4:cd:de:74:99:f3:73:29:b2:52:57:
eb:37:c1:ad:6d:8a:2c:f1:aa:cb:68:68:a1:1c:02:a6:fa:ac:
3c:4b:70:2d:bc:01:9a:12:18:5f:f4:12:c4:06:be:f3:30:9c:
71:3d:b4:83:fc:37:6d:c7:8d:0d:14:11:9a:7d:f3:3a:f5:6c:
12:ca:be:19:f2:29:49:69:94:9d:59:91:d2:39:b3:c6:f1:7e:
20:ee:04:2d:d8:90:e5:58:12:bd:03:b7:1c:47:43:dd:7c:8f:
99:7a:c7:3c:ad:3c:89:11:f1:a5:ba:e3:91:7b:a3:c8:bc:49:
8d:15:f2:c7:de:5c:ee:a9:be:b4:31:72:bd:a8:6e:39:28:5c:
7b:13:58:a2
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcJfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDAyMTQzNzUzWhcNMjYwNTEwMTQzNzUzWjAYMRYw
FAYDVQQDEw02OWNlN2Y0Ni0yMzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx8mxzaoSwRx9S6yLnlp3Uq6HpbzlX0w4Ts1pPGr/fbM5nxrbClmmi7qo
6VJp2tKwxv+ZImEMfsOUX+si3epVhHmo3J1u65mBGXNja/R3eBvJzrj61XDYh0/n
MBwCp/6SVEj+r4EMl+9FpVgUQCmzPYVUSTJ2HDvXRnZxKz1JPmLIJ+tIzSRyKILY
WvtdnuhPX1IBDb8sXyqfDavPxmeS0GdtMgJFDWV2nycCCEu7V6oIv1auEA/SkS14
rAtUVg3FEdB+u71CZ5M4eXR/bB2N55ViXVKMx7vZcg1aE+/jYPA50+xi2jucJ1qk
fnZoqWB+PR4rm3GR7PPrkkGfFCbLZQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFDaj
jOt3fXrLoZXR780VIg6c5ULhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QTk3OTFCNjJFQTExMUYxOUQwQjk4RUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaX1MDBACaX1gwDQYJ
KoZIhvcNAQELBQADggEBAHRPXaqTabLMn31JxSxptIfmuBVlslWM0nqmedEQWiYL
NB8zEI+KDXCHLbyA7ep1bBYDCIxRPFbfxmSrkyD85ujiPzRhvZK3bhAYGsKaK+SS
4neI1LaOGlLgIUlTSeKzJeEun66q27v4kG/6HXkZsxWH41jkzd50mfNzKbJSV+s3
wa1tiizxqstoaKEcAqb6rDxLcC28AZoSGF/0EsQGvvMwnHE9tIP8N23HjQ0UEZp9
8zr1bBLKvhnyKUlplJ1ZkdI5s8bxfiDuBC3YkOVYEr0DtxxHQ918j5l6xzytPIkR
8aW645F7o8i8SY0V8sfeXO6pvrQxcr2objkoXHsTWKI=
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:24:51 2026 by rpki-client