Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D983AE82E6C11F19EE768BCDAE4EC9C.roa
File: 9D983AE82E6C11F19EE768BCDAE4EC9C.roa (raw, json)
Hash identifier: sfdsPq17q80GIijz1xVHNSwHfA1rIx9jH2/nFXpxSNM=
Subject key identifier: 8F:E0:F1:91:A0:BB:72:1B:48:B4:99:03:9A:83:B5:88:53:18:30:F4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C20B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D983AE82E6C11F19EE768BCDAE4EC9C.roa
Signing time: Thu 02 Apr 2026 08:19:06 +0000
ROA not before: Thu 02 Apr 2026 08:19:02 +0000
ROA not after: Mon 04 May 2026 08:19:02 +0000
asID: 17497
IP address blocks: 154.193.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115211 (0x1c20b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 08:19:02 2026 GMT
Not After : May 4 08:19:02 2026 GMT
Subject: CN=69ce267a-f2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c6:e9:8f:2b:8e:6d:86:31:4d:8d:6c:a4:c0:
87:69:68:07:7f:f5:ba:cb:8e:80:1d:c2:a9:24:98:
a4:50:f5:03:e5:ad:2a:b3:fa:30:26:43:b5:66:a2:
95:be:b7:5e:b9:ef:50:89:aa:20:98:42:d7:6d:cf:
fd:e5:27:66:d3:5a:93:8e:66:9d:45:7a:6d:41:0e:
ff:c8:67:ca:50:c3:55:d9:96:0e:e1:69:00:53:5e:
b9:ff:f3:fc:10:2f:85:b8:f9:c1:ff:09:2b:b4:8b:
f0:53:4d:10:67:31:53:05:0f:e0:57:f9:da:f5:f2:
c5:ce:58:30:b2:6c:ea:b5:81:32:e8:f3:c1:0d:b9:
f5:80:36:6d:61:25:8d:12:de:e8:c9:65:52:45:1b:
ff:d3:16:ef:4a:79:e0:a6:22:41:36:8c:75:3b:51:
50:38:5c:5e:1e:42:9a:15:82:ab:65:88:0e:a2:ff:
6d:e5:c8:09:1b:c2:e6:91:d9:49:c2:0e:9b:24:cd:
a9:6d:b1:ed:a8:84:7b:9f:44:25:0d:a7:6b:0e:eb:
cc:0f:18:d5:e3:a5:85:28:da:c8:22:aa:39:bb:e3:
0e:20:be:0f:00:95:3e:7c:38:68:b7:1f:e2:f8:7c:
4a:19:e0:f8:40:d6:38:bf:ff:d6:89:0a:6e:4a:ed:
08:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E0:F1:91:A0:BB:72:1B:48:B4:99:03:9A:83:B5:88:53:18:30:F4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D983AE82E6C11F19EE768BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.162.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:87:c6:15:06:f4:0f:a0:89:8e:f3:ac:f9:9d:4d:a4:3a:af:
ee:f5:e2:d6:f1:53:ab:eb:61:1b:40:07:55:ea:6c:8e:f9:02:
f2:03:f3:83:ac:4f:77:c9:06:c3:9b:aa:23:2d:f2:41:1f:f8:
e0:6e:8e:01:44:75:c6:77:87:6c:56:95:46:33:18:53:24:02:
f9:a8:16:73:e5:45:0a:3a:43:09:b1:11:a0:27:7c:16:66:84:
e8:b2:43:56:66:21:3b:84:ab:a8:65:7f:2f:12:e4:05:5a:64:
de:bf:9e:8c:82:a8:0c:42:e3:f1:47:cc:79:e6:d1:8c:ca:21:
1c:dc:e0:72:8e:00:80:be:08:72:34:b3:fe:63:78:d3:15:53:
14:41:36:35:5b:fd:e1:39:ac:0d:c3:dd:fb:9e:cc:61:15:a0:
24:9a:42:68:44:79:b4:94:79:e7:6f:da:e4:9a:91:cb:fb:2e:
93:e0:54:90:62:a7:c3:a3:d8:c4:ce:d5:78:69:96:df:34:ef:
ac:3e:48:ef:c0:fb:9c:93:6f:75:a2:41:d3:e5:89:76:88:f5:
e3:3e:71:a8:5a:29:43:d6:8c:07:c1:b2:da:aa:04:c3:f4:b8:
cf:a6:15:31:4c:a9:26:b9:88:f0:51:05:1e:e7:ac:72:4a:8a:
f6:b7:88:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcILMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDAyMDgxOTAyWhcNMjYwNTA0MDgxOTAyWjAYMRYw
FAYDVQQDEw02OWNlMjY3YS1mMmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl8bpjyuObYYxTY1spMCHaWgHf/W6y46AHcKpJJikUPUD5a0qs/owJkO1
ZqKVvrdeue9QiaogmELXbc/95Sdm01qTjmadRXptQQ7/yGfKUMNV2ZYO4WkAU165
//P8EC+FuPnB/wkrtIvwU00QZzFTBQ/gV/na9fLFzlgwsmzqtYEy6PPBDbn1gDZt
YSWNEt7oyWVSRRv/0xbvSnngpiJBNox1O1FQOFxeHkKaFYKrZYgOov9t5cgJG8Lm
kdlJwg6bJM2pbbHtqIR7n0QlDadrDuvMDxjV46WFKNrIIqo5u+MOIL4PAJU+fDho
tx/i+HxKGeD4QNY4v//WiQpuSu0IiwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI/g
8ZGgu3IbSLSZA5qDtYhTGDD0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RDk4M0FFODJFNkMxMUYxOUVFNzY4QkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGiMA0GCSqGSIb3DQEB
CwUAA4IBAQDHh8YVBvQPoImO86z5nU2kOq/u9eLW8VOr62EbQAdV6myO+QLyA/OD
rE93yQbDm6ojLfJBH/jgbo4BRHXGd4dsVpVGMxhTJAL5qBZz5UUKOkMJsRGgJ3wW
ZoToskNWZiE7hKuoZX8vEuQFWmTev56MgqgMQuPxR8x55tGMyiEc3OByjgCAvghy
NLP+Y3jTFVMUQTY1W/3hOawNw937nsxhFaAkmkJoRHm0lHnnb9rkmpHL+y6T4FSQ
YqfDo9jEztV4aZbfNO+sPkjvwPuck291okHT5Yl2iPXjPnGoWilD1owHwbLaqgTD
9LjPphUxTKkmuYjwUQUe56xySor2t4gs
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:25:30 2026 by rpki-client