Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BE0495837CC11F18B40BCC2CE1D38B0.roa
File: 8BE0495837CC11F18B40BCC2CE1D38B0.roa (raw, json)
Hash identifier: w/M4G/ASAhlbLg/pV3OvgugUJVKCrtFr/uA/Igc6iRw=
Subject key identifier: A0:94:59:0A:CA:F3:56:30:79:CA:23:8E:80:B8:E9:63:92:B5:84:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C533
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BE0495837CC11F18B40BCC2CE1D38B0.roa
Signing time: Tue 14 Apr 2026 06:38:29 +0000
ROA not before: Tue 14 Apr 2026 06:38:23 +0000
ROA not after: Wed 20 May 2026 06:38:23 +0000
asID: 273155
IP address blocks: 154.200.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116019 (0x1c533)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 14 06:38:23 2026 GMT
Not After : May 20 06:38:23 2026 GMT
Subject: CN=69dde0e5-8c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1f:23:3d:bf:b3:d8:20:07:40:b8:2c:f7:ec:
02:3c:93:21:8d:b8:10:07:28:50:17:e7:2a:e6:1f:
82:3b:a1:29:d9:82:a5:1d:c9:32:1b:cd:7a:d6:74:
cb:61:96:2a:79:b1:5f:84:ec:32:dc:26:19:f8:c2:
49:64:b0:eb:d8:2f:ab:83:cb:b2:03:f0:f9:08:98:
86:8b:6c:6c:1a:9e:4c:58:a6:63:5c:25:ec:87:2a:
5b:30:19:ae:c0:2a:c0:ee:f1:23:df:62:9e:95:cc:
2d:1c:0e:83:d3:05:2a:f6:39:36:6b:18:5f:48:ef:
ce:0c:cc:d7:88:a9:6c:d2:07:e1:5d:e2:2c:83:47:
2f:ce:b2:08:e4:5a:05:c8:6d:a3:b3:37:cb:40:01:
78:dc:dd:c9:41:c8:7a:a6:61:b2:1f:56:1b:14:f8:
3d:24:8f:24:e1:d1:e6:51:3d:e6:c9:c4:de:ed:ae:
5d:59:8d:61:2f:bd:0a:2e:40:e2:ee:ff:a9:33:b8:
a1:4d:94:16:93:d7:c2:cb:e6:35:aa:ef:11:87:72:
ba:39:0f:45:7a:03:d3:e9:62:85:90:27:7f:9f:0e:
57:ed:94:2c:56:1d:5c:aa:02:2a:ed:42:8d:f5:c7:
72:be:50:a7:00:92:eb:e5:e6:04:86:22:39:88:c4:
7a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:94:59:0A:CA:F3:56:30:79:CA:23:8E:80:B8:E9:63:92:B5:84:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BE0495837CC11F18B40BCC2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.236.0/22
Signature Algorithm: sha256WithRSAEncryption
37:00:1d:0a:53:3b:85:82:26:64:61:7c:4a:23:68:bd:6b:61:
39:fb:72:ab:d6:65:1f:10:fc:00:34:6d:3c:c1:30:b9:a8:da:
4e:49:fe:11:a2:e7:c0:21:ed:67:ce:cf:52:51:81:1e:8a:1e:
7c:21:b8:a1:31:63:ba:56:4c:b4:86:b4:37:67:48:a7:4b:a6:
9f:43:10:6e:05:60:db:db:fd:f4:aa:dc:85:78:37:3e:0c:a9:
f8:bd:f6:1c:77:01:7b:ee:7b:75:fe:f3:c6:fd:50:ed:91:01:
89:01:3f:bd:a9:00:0d:52:35:c4:4f:b3:aa:15:41:bb:94:f8:
6a:e8:4a:43:b8:7d:13:7b:84:90:60:9c:74:e4:a7:46:39:82:
b2:c4:68:18:ef:94:d3:ea:b1:07:4a:9e:04:fd:01:f0:f3:27:
03:09:77:84:fe:ab:20:b8:f5:be:bd:b5:ba:02:0f:11:2a:6e:
37:a8:e4:88:d5:5c:61:0e:6a:d7:36:13:4e:ad:e3:41:bf:48:
b9:f2:db:95:37:94:93:bf:e5:a7:ae:78:20:17:58:8e:19:a4:
26:64:69:4c:e4:68:8b:3f:d0:4a:85:d4:c5:9f:1d:2d:08:e8:
2d:53:49:4e:68:bc:f9:72:ed:65:ab:70:7f:9e:4d:97:d4:44:
af:41:10:24
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcUzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE0MDYzODIzWhcNMjYwNTIwMDYzODIzWjAYMRYw
FAYDVQQDEw02OWRkZTBlNS04YzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3x8jPb+z2CAHQLgs9+wCPJMhjbgQByhQF+cq5h+CO6Ep2YKlHckyG816
1nTLYZYqebFfhOwy3CYZ+MJJZLDr2C+rg8uyA/D5CJiGi2xsGp5MWKZjXCXshypb
MBmuwCrA7vEj32KelcwtHA6D0wUq9jk2axhfSO/ODMzXiKls0gfhXeIsg0cvzrII
5FoFyG2jszfLQAF43N3JQch6pmGyH1YbFPg9JI8k4dHmUT3mycTe7a5dWY1hL70K
LkDi7v+pM7ihTZQWk9fCy+Y1qu8Rh3K6OQ9FegPT6WKFkCd/nw5X7ZQsVh1cqgIq
7UKN9cdyvlCnAJLr5eYEhiI5iMR68wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKCU
WQrK81YwecojjoC46WOStYTvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QkUwNDk1ODM3Q0MxMUYxOEI0MEJDQzJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsjsMA0GCSqGSIb3DQEB
CwUAA4IBAQA3AB0KUzuFgiZkYXxKI2i9a2E5+3Kr1mUfEPwANG08wTC5qNpOSf4R
oufAIe1nzs9SUYEeih58IbihMWO6Vky0hrQ3Z0inS6afQxBuBWDb2/30qtyFeDc+
DKn4vfYcdwF77nt1/vPG/VDtkQGJAT+9qQANUjXET7OqFUG7lPhq6EpDuH0Te4SQ
YJx05KdGOYKyxGgY75TT6rEHSp4E/QHw8ycDCXeE/qsguPW+vbW6Ag8RKm43qOSI
1VxhDmrXNhNOreNBv0i58tuVN5STv+WnrnggF1iOGaQmZGlM5GiLP9BKhdTFnx0t
COgtU0lOaLz5cu1lq3B/nk2X1ESvQRAk
-----END CERTIFICATE-----
Generated at Sat Apr 18 04:13:25 2026 by rpki-client