Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AE6AAFD2397E11F1AF3F5C17CF1D38B0.roa
File: AE6AAFD2397E11F1AF3F5C17CF1D38B0.roa (raw, json)
Hash identifier: gJVND5jvoe3/wph4NvKFZz02zobsRtcgRVZeLpP2wCk=
Subject key identifier: FE:E7:29:BD:8B:CA:4F:59:F8:F1:0F:C0:87:15:B9:AB:A2:50:9D:A3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C597
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AE6AAFD2397E11F1AF3F5C17CF1D38B0.roa
Signing time: Thu 16 Apr 2026 10:26:08 +0000
ROA not before: Thu 16 Apr 2026 10:26:03 +0000
ROA not after: Thu 30 Apr 2026 10:26:03 +0000
asID: 401783
IP address blocks: 154.200.161.0/24 maxlen: 24
154.200.162.0/24 maxlen: 24
154.200.191.0/24 maxlen: 24
154.211.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116119 (0x1c597)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 10:26:03 2026 GMT
Not After : Apr 30 10:26:03 2026 GMT
Subject: CN=69e0b940-2208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:66:80:7a:1d:50:f2:3b:96:2d:e9:c4:63:bd:
11:44:91:84:4e:77:39:e1:c6:18:d9:cd:6a:d9:91:
c9:df:9d:dc:5f:bd:9e:27:be:bb:dc:5b:9e:eb:62:
42:a4:de:32:60:1b:49:f4:50:39:55:8a:c8:61:52:
ad:94:ff:67:76:a5:75:2d:2b:de:52:52:3b:d1:bc:
cd:45:49:19:11:7f:b9:65:6d:0a:80:37:15:ae:ab:
0d:da:6b:a6:09:9e:72:c4:33:87:e1:d4:71:e4:f6:
ec:10:fb:f3:54:d7:f7:e2:04:92:12:b9:91:87:c6:
91:8d:c8:49:1d:99:18:ae:3a:33:1e:1c:51:f9:d3:
d5:6a:38:75:90:d2:b2:ac:9b:a7:7b:17:76:67:ce:
09:df:4c:8f:bf:5f:3d:73:73:92:b5:f7:f4:63:07:
bd:a1:5f:29:7c:72:e9:35:0e:11:2f:b7:96:49:fe:
32:f6:7a:85:21:c8:26:91:7b:78:62:9e:a4:9f:d4:
af:45:91:d2:07:89:41:ae:59:ac:ce:5c:e6:0f:63:
a4:a0:13:9c:a6:bb:0e:02:9e:a1:0e:57:68:b3:5e:
c3:00:bb:90:5d:2b:c9:64:16:e5:60:67:96:8f:bf:
93:30:84:a1:fe:54:16:b4:21:fe:c4:cb:b9:3f:5f:
91:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E7:29:BD:8B:CA:4F:59:F8:F1:0F:C0:87:15:B9:AB:A2:50:9D:A3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AE6AAFD2397E11F1AF3F5C17CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.161.0-154.200.162.255
154.200.191.0/24
154.211.211.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:3e:ff:39:af:c3:21:31:71:57:3a:ca:ac:90:73:00:c2:c1:
74:5b:ae:94:ad:8f:ca:60:70:76:bd:57:6e:9f:21:c6:f5:61:
57:8e:7d:df:bc:79:ed:09:63:0c:1c:90:9d:a5:ea:d6:63:a2:
cd:02:f1:82:33:83:12:67:d4:0c:2b:b4:42:2d:62:c5:95:05:
64:28:81:22:5a:4a:15:5e:db:e3:7b:af:ba:74:92:0c:18:26:
76:21:0c:80:ba:52:de:fd:6f:61:6f:ba:5b:56:8b:34:59:66:
3a:c1:da:d7:5a:2d:54:76:a6:a6:36:24:84:e1:f3:7f:1e:6f:
68:45:44:5e:1f:bf:e5:1a:c7:b6:e7:3d:b9:70:d8:81:44:7e:
ad:51:03:1e:fa:68:f0:ea:29:c7:ab:49:81:67:e3:d2:ba:9d:
0a:11:e1:3e:a3:53:6d:51:9e:c9:f2:62:6c:9f:f0:81:1a:48:
5d:af:9d:1d:b5:3d:52:2b:2a:85:16:06:f1:74:16:9c:f9:bd:
6c:f3:f7:b6:41:7b:a6:2f:cf:92:1f:3e:1e:52:7a:3a:11:96:
34:3d:34:a4:08:4e:40:c4:0e:9d:eb:75:a8:14:90:69:22:8e:
ab:dc:86:47:3b:45:e1:75:6c:4f:c6:94:05:4b:87:af:2c:63:
63:0a:a8:c8
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAcWXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE2MTAyNjAzWhcNMjYwNDMwMTAyNjAzWjAYMRYw
FAYDVQQDEw02OWUwYjk0MC0yMjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAymaAeh1Q8juWLenEY70RRJGETnc54cYY2c1q2ZHJ353cX72eJ7673Fue
62JCpN4yYBtJ9FA5VYrIYVKtlP9ndqV1LSveUlI70bzNRUkZEX+5ZW0KgDcVrqsN
2mumCZ5yxDOH4dRx5PbsEPvzVNf34gSSErmRh8aRjchJHZkYrjozHhxR+dPVajh1
kNKyrJunexd2Z84J30yPv189c3OStff0Ywe9oV8pfHLpNQ4RL7eWSf4y9nqFIcgm
kXt4Yp6kn9SvRZHSB4lBrlmszlzmD2OkoBOcprsOAp6hDldos17DALuQXSvJZBbl
YGeWj7+TMISh/lQWtCH+xMu5P1+RSQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFP7n
Kb2Lyk9Z+PEPwIcVuauiUJ2jMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRTZBQUZEMjM5N0UxMUYxQUYzRjVDMTdDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACayKEDBACayKIDBACa
yL8DBACa09MwDQYJKoZIhvcNAQELBQADggEBAFw+/zmvwyExcVc6yqyQcwDCwXRb
rpStj8pgcHa9V26fIcb1YVeOfd+8ee0JYwwckJ2l6tZjos0C8YIzgxJn1AwrtEIt
YsWVBWQogSJaShVe2+N7r7p0kgwYJnYhDIC6Ut79b2FvultWizRZZjrB2tdaLVR2
pqY2JITh838eb2hFRF4fv+Uax7bnPblw2IFEfq1RAx76aPDqKcerSYFn49K6nQoR
4T6jU21RnsnyYmyf8IEaSF2vnR21PVIrKoUWBvF0Fpz5vWzz97ZBe6Yvz5IfPh5S
ejoRljQ9NKQITkDEDp3rdagUkGkijqvchkc7ReF1bE/GlAVLh68sY2MKqMg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:35:28 2026 by rpki-client