Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F7565E02C0E11F19F53D9EEDAE4EC9C.roa
File: 8F7565E02C0E11F19F53D9EEDAE4EC9C.roa (raw, json)
Hash identifier: GHNdmNBfbrrCkoQWvln5y21Bu5hhs/1QjCjSseTY3Lo=
Subject key identifier: 74:A0:90:75:C2:3F:C4:98:61:5E:3E:62:A7:AC:5E:1A:3E:6E:B0:DE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C1B3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F7565E02C0E11F19F53D9EEDAE4EC9C.roa
Signing time: Mon 30 Mar 2026 08:00:48 +0000
ROA not before: Mon 30 Mar 2026 08:00:43 +0000
ROA not after: Thu 22 Oct 2026 08:00:43 +0000
asID: 137443
IP address blocks: 154.91.32.0/22 maxlen: 24
154.91.32.0/24 maxlen: 24
154.91.33.0/24 maxlen: 24
154.91.34.0/24 maxlen: 24
154.91.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115123 (0x1c1b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 30 08:00:43 2026 GMT
Not After : Oct 22 08:00:43 2026 GMT
Subject: CN=69ca2daf-3549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:be:cd:5a:32:3e:50:94:92:b2:84:61:5b:c9:
71:29:91:74:7b:6d:da:2d:fe:55:8d:9d:59:bf:18:
7a:79:84:44:35:84:05:43:f2:d4:ec:22:41:b3:cf:
7c:cc:74:61:ec:50:88:0f:79:2e:71:41:d4:4a:ed:
33:d6:d9:89:5a:1e:3f:81:b0:f5:10:25:1f:19:51:
83:50:f8:51:42:71:7f:6b:e4:3b:d0:c6:97:3a:27:
73:26:1c:2d:c8:80:45:b8:b5:fb:45:66:fd:46:39:
3c:69:99:03:83:ad:17:9e:71:bd:cd:45:54:5d:99:
0c:fe:71:0c:6b:03:e4:03:9e:90:14:48:4d:92:6e:
fd:b6:ce:4f:27:96:7c:35:4c:a3:c6:c6:08:84:dd:
28:80:6b:46:da:05:c9:0e:2c:86:5d:0b:96:69:5b:
b9:16:0e:ab:44:5e:ea:29:e6:43:4a:a0:0b:40:30:
99:20:b5:31:92:5f:d6:7e:8b:45:f3:22:de:68:04:
50:c1:03:03:42:0f:fb:5f:97:5f:ec:35:58:03:b8:
0b:e5:99:86:a8:83:36:73:2e:20:a9:9e:b1:5a:89:
5d:9b:61:9e:f4:59:4b:dd:75:14:69:ac:d5:75:88:
da:1a:e8:fe:8f:05:12:70:dc:32:bb:e4:b0:e5:2a:
f6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A0:90:75:C2:3F:C4:98:61:5E:3E:62:A7:AC:5E:1A:3E:6E:B0:DE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F7565E02C0E11F19F53D9EEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.32.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:81:21:ad:39:22:27:89:81:e5:03:59:32:a4:3b:07:cb:9a:
5c:55:3b:12:8a:c7:bc:6f:ab:2f:b7:7c:8b:fe:0a:61:f6:14:
b9:80:ea:8e:87:a4:0f:38:ef:98:c2:86:43:df:ce:4d:20:a9:
15:b1:f9:02:a2:f9:43:23:6f:55:ac:16:6f:34:8b:d3:7f:86:
29:08:d3:6c:bf:ef:8f:06:77:7b:bb:a6:c4:ed:c6:c4:3a:61:
d2:da:28:c0:0e:73:41:13:c5:14:3e:59:39:8a:8d:53:cf:8a:
a7:e3:0f:e4:f9:5e:b4:c0:7d:f4:6a:00:db:41:fb:e3:93:7d:
7b:cb:4d:35:3c:39:fe:15:e1:a4:6e:1e:ff:19:9f:50:62:66:
d0:47:4a:10:ba:43:c8:f3:79:47:0a:5f:5d:9e:4b:dd:29:9c:
ac:a0:3f:30:1c:ca:3d:92:16:e3:70:17:55:e1:b3:69:6b:bb:
84:30:e0:ce:7b:4e:45:65:58:22:47:e7:08:43:a9:a8:b4:c0:
66:93:58:ae:fa:3b:54:45:eb:49:02:a8:b7:21:5a:cd:9c:fb:
d3:82:ec:6b:61:1f:b9:77:b6:90:69:1f:e5:0d:a2:a9:bb:2e:
7a:1a:57:c2:29:13:77:6d:a9:60:7a:5a:8c:ff:8e:4a:d8:21:
48:d2:cd:46
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcGzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzMwMDgwMDQzWhcNMjYxMDIyMDgwMDQzWjAYMRYw
FAYDVQQDEw02OWNhMmRhZi0zNTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz77NWjI+UJSSsoRhW8lxKZF0e23aLf5VjZ1Zvxh6eYRENYQFQ/LU7CJB
s898zHRh7FCID3kucUHUSu0z1tmJWh4/gbD1ECUfGVGDUPhRQnF/a+Q70MaXOidz
JhwtyIBFuLX7RWb9Rjk8aZkDg60XnnG9zUVUXZkM/nEMawPkA56QFEhNkm79ts5P
J5Z8NUyjxsYIhN0ogGtG2gXJDiyGXQuWaVu5Fg6rRF7qKeZDSqALQDCZILUxkl/W
fotF8yLeaARQwQMDQg/7X5df7DVYA7gL5ZmGqIM2cy4gqZ6xWoldm2Ge9FlL3XUU
aazVdYjaGuj+jwUScNwyu+Sw5Sr2rwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHSg
kHXCP8SYYV4+YqesXho+brDeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84Rjc1NjVFMDJDMEUxMUYxOUY1M0Q5RUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlsgMA0GCSqGSIb3DQEB
CwUAA4IBAQAbgSGtOSIniYHlA1kypDsHy5pcVTsSise8b6svt3yL/gph9hS5gOqO
h6QPOO+YwoZD385NIKkVsfkCovlDI29VrBZvNIvTf4YpCNNsv++PBnd7u6bE7cbE
OmHS2ijADnNBE8UUPlk5io1Tz4qn4w/k+V60wH30agDbQfvjk317y001PDn+FeGk
bh7/GZ9QYmbQR0oQukPI83lHCl9dnkvdKZysoD8wHMo9khbjcBdV4bNpa7uEMODO
e05FZVgiR+cIQ6motMBmk1iu+jtURetJAqi3IVrNnPvTguxrYR+5d7aQaR/lDaKp
uy56GlfCKRN3balgelqM/45K2CFI0s1G
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:38:22 2026 by rpki-client