Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3EA15FE377811F1B80437B1CE1D38B0.roa
File: B3EA15FE377811F1B80437B1CE1D38B0.roa (raw, json)
Hash identifier: 5Co+iMJXNktfRnDcN2xIA0bXvg46Ac4nEEzRYyPPMj8=
Subject key identifier: 98:F3:88:5C:DF:A0:90:61:9B:F6:39:59:55:2B:70:91:F7:7E:70:EC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C530
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3EA15FE377811F1B80437B1CE1D38B0.roa
Signing time: Mon 13 Apr 2026 20:38:18 +0000
ROA not before: Mon 13 Apr 2026 20:38:14 +0000
ROA not after: Thu 04 Jun 2026 20:38:14 +0000
asID: 20326
IP address blocks: 154.193.163.0/24 maxlen: 24
154.193.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 16:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116016 (0x1c530)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 13 20:38:14 2026 GMT
Not After : Jun 4 20:38:14 2026 GMT
Subject: CN=69dd543a-7ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:73:3d:bb:f9:ad:4f:6f:93:7a:40:e8:e0:95:
e3:56:e9:c2:d7:e4:3b:4f:5c:16:45:aa:56:d4:2c:
96:f8:f1:d5:73:cc:56:cf:0a:1a:57:d8:2f:58:be:
30:72:31:67:31:c3:14:b0:21:94:7b:cb:ca:dc:75:
86:3e:06:27:88:45:6c:33:46:10:78:ba:dc:de:d5:
b7:70:28:64:11:ea:36:3a:08:69:f9:55:c4:e8:56:
e9:89:e1:16:56:b9:2b:8e:23:bc:30:fe:37:6d:cc:
d5:21:00:02:0a:d2:05:3b:61:fc:ea:5a:2e:d0:8c:
38:de:3c:8d:32:42:4e:f5:d6:c9:92:f8:ff:9e:32:
cf:a6:9a:a2:fb:9c:48:a1:e4:63:8e:84:b6:95:a0:
eb:8e:69:35:26:85:79:76:4b:59:18:97:c5:64:c8:
64:36:ce:ee:e9:6a:38:be:44:55:35:07:ef:d5:36:
53:a0:21:b4:6f:31:cf:c0:9f:23:fb:76:32:a5:b0:
d5:37:4e:01:56:55:e2:df:67:99:57:ee:a6:aa:64:
b5:05:9a:14:93:c1:59:b8:1d:60:d6:f0:f5:b4:88:
d2:12:a0:ec:4f:a4:2e:49:ae:f4:ac:03:fc:80:00:
7e:27:33:e8:b7:c2:c2:e9:7d:65:ac:43:06:ff:ab:
67:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F3:88:5C:DF:A0:90:61:9B:F6:39:59:55:2B:70:91:F7:7E:70:EC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3EA15FE377811F1B80437B1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.163.0-154.193.167.255
Signature Algorithm: sha256WithRSAEncryption
64:10:78:1b:f5:2c:bf:a2:c5:88:29:e0:2c:84:ee:4d:93:ca:
22:00:cc:ed:c7:fd:4c:1e:84:64:01:a7:cd:19:f0:f4:35:69:
9f:4f:18:5a:c8:e6:b7:4a:73:5f:dc:a6:55:ab:b8:c7:fd:8c:
a7:b3:30:72:8d:3e:14:28:40:78:1c:cd:81:99:df:de:d4:84:
33:58:96:9b:af:53:15:eb:a9:8f:97:71:e0:ba:59:0e:34:c3:
d8:f3:d9:7f:59:07:9e:9c:1e:57:17:2b:ee:21:c3:5c:c0:77:
03:15:27:4e:39:02:a4:90:8f:fc:62:a1:7a:45:cd:04:6a:ee:
c9:a7:27:a8:76:61:db:c0:e5:87:79:b2:68:e7:0f:4b:b5:27:
d9:cd:03:68:7b:fd:07:0f:2a:46:6f:0b:a0:91:d2:b4:6b:d7:
34:c6:33:41:4b:70:ab:82:d1:39:e4:f1:01:e8:57:b0:23:d1:
c6:32:a4:a5:88:a0:b6:04:b9:f9:80:66:d6:e3:d9:2a:ab:74:
20:b0:ac:4a:0a:1b:88:5c:15:49:bf:d9:81:a4:ea:c5:77:a7:
d5:62:c0:43:4c:fb:63:5b:cf:64:e7:3d:7a:aa:1c:ad:dc:95:
c3:dc:ce:49:ca:8a:5c:bc:17:2d:21:80:33:84:03:35:c4:a9:
01:8d:9c:25
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcUwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEzMjAzODE0WhcNMjYwNjA0MjAzODE0WjAYMRYw
FAYDVQQDEw02OWRkNTQzYS03YWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz3M9u/mtT2+TekDo4JXjVunC1+Q7T1wWRapW1CyW+PHVc8xWzwoaV9gv
WL4wcjFnMcMUsCGUe8vK3HWGPgYniEVsM0YQeLrc3tW3cChkEeo2Oghp+VXE6Fbp
ieEWVrkrjiO8MP43bczVIQACCtIFO2H86lou0Iw43jyNMkJO9dbJkvj/njLPppqi
+5xIoeRjjoS2laDrjmk1JoV5dktZGJfFZMhkNs7u6Wo4vkRVNQfv1TZToCG0bzHP
wJ8j+3YypbDVN04BVlXi32eZV+6mqmS1BZoUk8FZuB1g1vD1tIjSEqDsT6QuSa70
rAP8gAB+JzPot8LC6X1lrEMG/6tnQQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJjz
iFzfoJBhm/Y5WVUrcJH3fnDsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CM0VBMTVGRTM3NzgxMUYxQjgwNDM3QjFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACawaMDBAOawaAwDQYJ
KoZIhvcNAQELBQADggEBAGQQeBv1LL+ixYgp4CyE7k2TyiIAzO3H/UwehGQBp80Z
8PQ1aZ9PGFrI5rdKc1/cplWruMf9jKezMHKNPhQoQHgczYGZ397UhDNYlpuvUxXr
qY+XceC6WQ40w9jz2X9ZB56cHlcXK+4hw1zAdwMVJ045AqSQj/xioXpFzQRq7smn
J6h2YdvA5Yd5smjnD0u1J9nNA2h7/QcPKkZvC6CR0rRr1zTGM0FLcKuC0Tnk8QHo
V7Aj0cYypKWIoLYEufmAZtbj2SqrdCCwrEoKG4hcFUm/2YGk6sV3p9ViwENM+2Nb
z2TnPXqqHK3clcPczknKily8Fy0hgDOEAzXEqQGNnCU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:12:19 2026 by rpki-client