Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E59B7B038D411F1B7E1BA08CF1D38B0.roa
File: 8E59B7B038D411F1B7E1BA08CF1D38B0.roa (raw, json)
Hash identifier: tLACGbmyWRXCQWf4AjFlGpYlx7So4iXsL3G+eaREYn4=
Subject key identifier: D1:47:5F:3F:B8:84:13:CE:AF:32:25:5C:5D:13:1C:32:60:7C:59:F2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C572
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E59B7B038D411F1B7E1BA08CF1D38B0.roa
Signing time: Wed 15 Apr 2026 14:08:20 +0000
ROA not before: Wed 15 Apr 2026 14:08:15 +0000
ROA not after: Mon 11 May 2026 14:08:15 +0000
asID: 8796
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116082 (0x1c572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 14:08:15 2026 GMT
Not After : May 11 14:08:15 2026 GMT
Subject: CN=69df9bd4-dda6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:17:64:1a:20:15:5b:2b:68:d2:05:9e:76:a0:
4c:d7:2b:0c:08:41:7c:49:44:5f:f4:77:de:51:66:
20:e7:c0:12:fd:f9:92:51:97:b2:b6:95:8f:72:81:
60:f5:5c:90:8c:90:49:97:d0:11:58:74:5a:29:d3:
0b:1d:42:b7:d1:a8:10:e4:46:b4:08:06:e3:24:34:
b1:a9:8a:bb:4c:e5:d7:f5:9d:aa:4e:59:0c:ad:af:
7e:63:bb:e6:64:e7:53:93:04:7c:8b:0a:b2:7e:7a:
09:62:2a:08:f9:f9:e7:72:b9:74:fb:1b:5f:c9:c3:
5d:04:fa:ab:8c:29:bb:27:b7:dd:91:19:0b:27:4d:
5d:04:69:6d:98:2e:32:24:54:b0:e9:7d:42:6c:50:
b7:49:9f:ad:b2:97:81:91:89:b4:db:01:1a:8a:4f:
03:b8:3d:0f:9b:8c:f0:2a:05:f6:0c:8f:39:6e:9f:
fd:54:2f:57:bf:4b:d6:f1:46:43:9e:bb:ad:40:65:
23:d7:5d:a3:af:1a:53:cb:a0:0a:c8:c2:6f:af:fb:
08:e1:a4:d3:cf:8b:db:eb:34:74:ec:97:49:02:b8:
8a:f7:9f:d5:f5:f7:f8:ac:9e:25:5a:d1:db:6f:40:
f5:44:ad:6e:b4:2c:46:91:1b:67:48:99:d3:34:ff:
1c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:47:5F:3F:B8:84:13:CE:AF:32:25:5C:5D:13:1C:32:60:7C:59:F2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E59B7B038D411F1B7E1BA08CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
b5:3a:87:54:8d:bf:ba:ea:c2:21:6a:d9:58:53:e5:11:a7:fb:
81:d8:13:35:9e:46:aa:0a:95:4a:f6:51:ae:59:6c:d0:a9:16:
d4:db:7a:2d:a3:40:b0:7d:ff:46:55:96:7d:36:15:cc:9c:33:
58:82:75:b6:b8:0f:cb:a7:24:4f:68:4f:82:b6:3b:f9:74:97:
3d:00:9e:f3:d7:2a:55:07:34:9c:c4:7f:18:a9:4b:99:c9:d3:
8b:e4:56:99:f2:8c:ce:23:db:b2:eb:02:c6:8e:af:ca:58:0b:
77:b7:fb:2c:6e:4b:4f:39:e2:11:81:c9:40:19:3f:09:eb:25:
b6:25:e7:49:9e:2c:22:49:61:90:a5:7d:5b:0f:36:dd:73:b1:
36:79:07:b9:cb:f8:f3:32:5b:02:72:63:ba:46:c6:d1:e1:e5:
ed:9f:22:d7:e4:b1:0a:76:4b:f5:f2:bc:fc:43:88:58:de:3c:
19:aa:49:8d:74:5a:01:5f:9c:61:10:a2:3c:fe:d2:c8:cc:d8:
a6:39:de:49:17:40:33:2d:17:b2:8e:04:42:93:9b:c3:30:89:
7b:ad:9d:92:34:1e:57:b4:b6:1f:f8:ff:43:cf:ee:c2:7b:5d:
ee:5f:77:9e:1f:26:3c:3d:9b:e1:19:71:23:e3:8f:40:1c:c9:
ba:85:b0:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcVyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE1MTQwODE1WhcNMjYwNTExMTQwODE1WjAYMRYw
FAYDVQQDEw02OWRmOWJkNC1kZGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsBdkGiAVWyto0gWedqBM1ysMCEF8SURf9HfeUWYg58AS/fmSUZeytpWP
coFg9VyQjJBJl9ARWHRaKdMLHUK30agQ5Ea0CAbjJDSxqYq7TOXX9Z2qTlkMra9+
Y7vmZOdTkwR8iwqyfnoJYioI+fnncrl0+xtfycNdBPqrjCm7J7fdkRkLJ01dBGlt
mC4yJFSw6X1CbFC3SZ+tspeBkYm02wEaik8DuD0Pm4zwKgX2DI85bp/9VC9Xv0vW
8UZDnrutQGUj112jrxpTy6AKyMJvr/sI4aTTz4vb6zR07JdJAriK95/V9ff4rJ4l
WtHbb0D1RK1utCxGkRtnSJnTNP8ciwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNFH
Xz+4hBPOrzIlXF0THDJgfFnyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RTU5QjdCMDM4RDQxMUYxQjdFMUJBMDhDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQC1OodUjb+66sIhatlYU+URp/uB2BM1nkaqCpVK9lGuWWzQqRbU23ot
o0Cwff9GVZZ9NhXMnDNYgnW2uA/LpyRPaE+Ctjv5dJc9AJ7z1ypVBzScxH8YqUuZ
ydOL5FaZ8ozOI9uy6wLGjq/KWAt3t/ssbktPOeIRgclAGT8J6yW2JedJniwiSWGQ
pX1bDzbdc7E2eQe5y/jzMlsCcmO6RsbR4eXtnyLX5LEKdkv18rz8Q4hY3jwZqkmN
dFoBX5xhEKI8/tLIzNimOd5JF0AzLReyjgRCk5vDMIl7rZ2SNB5XtLYf+P9Dz+7C
e13uX3eeHyY8PZvhGXEj449AHMm6hbAj
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:25:29 2026 by rpki-client