Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7DEA97E2E7A11F18FC81E8DDAE4EC9C.roa
File: B7DEA97E2E7A11F18FC81E8DDAE4EC9C.roa (raw, json)
Hash identifier: nGJkwHNvp0Rg565FpWSlCrROjzCrlVuIt7D3tvaXmHc=
Subject key identifier: FA:61:A9:17:88:33:18:8F:FE:4C:DE:C5:81:75:68:D8:F7:CC:7A:21
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C227
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7DEA97E2E7A11F18FC81E8DDAE4EC9C.roa
Signing time: Thu 02 Apr 2026 10:00:03 +0000
ROA not before: Thu 02 Apr 2026 09:59:59 +0000
ROA not after: Wed 06 May 2026 09:59:59 +0000
asID: 202656
IP address blocks: 154.219.29.0/24 maxlen: 24
154.222.40.0/24 maxlen: 24
154.222.41.0/24 maxlen: 24
154.222.42.0/24 maxlen: 24
154.222.193.0/24 maxlen: 24
154.222.194.0/24 maxlen: 24
154.222.195.0/24 maxlen: 24
154.222.196.0/24 maxlen: 24
154.222.198.0/24 maxlen: 24
154.222.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 15:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115239 (0x1c227)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 09:59:59 2026 GMT
Not After : May 6 09:59:59 2026 GMT
Subject: CN=69ce3e23-0998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ca:86:3a:4e:34:11:9d:1f:05:a5:cc:14:a7:
c3:f5:86:f7:4e:59:03:8a:75:7a:f8:69:9e:6f:31:
28:16:73:8e:c5:a3:48:8a:38:a3:19:ea:30:eb:22:
0c:52:77:60:7c:54:cf:5c:2f:32:d3:d9:25:1a:0c:
da:15:6b:70:48:e4:0a:e6:7f:c7:5d:50:ac:fe:c6:
a6:93:f2:96:69:54:d4:1e:21:ec:a9:c6:0c:cd:fa:
3a:8b:7c:91:5d:7a:02:1e:a9:2e:4d:46:14:2c:3c:
21:9f:c7:9a:ed:fb:2f:ce:66:68:49:cf:1a:9e:69:
01:fe:86:04:7b:db:9b:0e:9a:93:b4:3a:49:85:bf:
ca:49:ce:bf:df:a2:9f:3a:34:51:25:52:fd:3b:a7:
89:2e:fe:54:1d:06:48:e9:0d:71:05:1a:37:c1:08:
61:92:5f:2e:c0:28:4d:4b:f1:e1:2d:02:a6:48:a6:
41:58:3f:8d:c3:9a:d1:91:02:13:aa:7c:d5:94:27:
5f:12:56:68:0f:3d:fb:8b:70:28:4c:5c:29:42:19:
cb:47:a0:dc:25:bc:43:0b:2b:94:c5:2f:c2:b8:6c:
58:f6:27:4f:31:d1:6d:61:22:95:d1:b8:89:0e:4f:
b1:ab:97:1e:26:8e:bd:97:21:a7:3a:ab:5f:b9:8e:
30:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:61:A9:17:88:33:18:8F:FE:4C:DE:C5:81:75:68:D8:F7:CC:7A:21
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7DEA97E2E7A11F18FC81E8DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.29.0/24
154.222.40.0-154.222.42.255
154.222.193.0-154.222.196.255
154.222.198.0/23
Signature Algorithm: sha256WithRSAEncryption
71:d4:fa:64:01:6e:15:b6:c9:2f:e2:8b:99:48:ae:7d:a0:7f:
86:f6:8b:f4:17:ac:41:18:38:cf:3c:99:bb:a1:26:22:e6:59:
99:27:5e:16:f3:cd:94:7b:73:f0:1f:9f:a7:5e:72:10:0d:33:
e7:f0:a7:9e:e5:83:61:73:23:cd:74:1b:04:06:0c:6b:21:e7:
76:6a:b2:92:27:a6:97:bc:bd:ef:37:2b:5a:47:49:31:ea:bb:
fd:77:ed:d9:11:d0:4f:f3:d8:1d:86:c0:f9:38:55:85:0c:25:
d2:e8:b2:e2:05:0c:0b:74:27:98:95:d5:17:55:2b:6c:ab:ee:
16:76:5f:70:0f:d9:d3:71:80:7e:de:78:f2:0a:23:05:46:34:
39:50:d3:92:98:1e:79:db:a3:e4:87:68:84:e8:27:91:17:a6:
39:23:3a:4c:a0:c5:ac:49:25:78:f1:b6:52:59:b4:d0:93:c9:
bb:f9:d4:9f:72:04:0e:f1:15:b3:ea:5f:bb:c3:72:8e:91:b9:
cb:b9:d9:14:db:eb:1e:5a:7b:62:55:82:5b:fc:03:ef:0b:0a:
e9:51:12:e9:38:20:41:d0:fb:fd:6f:85:15:b1:cb:96:97:4a:
5e:e1:91:8c:6c:a0:b7:43:97:b1:fa:ec:99:d9:7d:26:71:9c:
fd:c7:33:4c
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAcInMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDAyMDk1OTU5WhcNMjYwNTA2MDk1OTU5WjAYMRYw
FAYDVQQDEw02OWNlM2UyMy0wOTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA88qGOk40EZ0fBaXMFKfD9Yb3TlkDinV6+GmebzEoFnOOxaNIijijGeow
6yIMUndgfFTPXC8y09klGgzaFWtwSOQK5n/HXVCs/samk/KWaVTUHiHsqcYMzfo6
i3yRXXoCHqkuTUYULDwhn8ea7fsvzmZoSc8anmkB/oYEe9ubDpqTtDpJhb/KSc6/
36KfOjRRJVL9O6eJLv5UHQZI6Q1xBRo3wQhhkl8uwChNS/HhLQKmSKZBWD+Nw5rR
kQITqnzVlCdfElZoDz37i3AoTFwpQhnLR6DcJbxDCyuUxS/CuGxY9idPMdFtYSKV
0biJDk+xq5ceJo69lyGnOqtfuY4w0wIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFPph
qReIMxiP/kzexYF1aNj3zHohMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CN0RFQTk3RTJFN0ExMUYxOEZDODFFOEREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAmtsdMAwDBAOa3igDBACa
3iowDAMEAJrewQMEAJrexAMEAZrexjANBgkqhkiG9w0BAQsFAAOCAQEAcdT6ZAFu
FbbJL+KLmUiufaB/hvaL9BesQRg4zzyZu6EmIuZZmSdeFvPNlHtz8B+fp15yEA0z
5/CnnuWDYXMjzXQbBAYMayHndmqykieml7y97zcrWkdJMeq7/Xft2RHQT/PYHYbA
+ThVhQwl0uiy4gUMC3QnmJXVF1UrbKvuFnZfcA/Z03GAft548gojBUY0OVDTkpge
eduj5IdohOgnkRemOSM6TKDFrEklePG2Ulm00JPJu/nUn3IEDvEVs+pfu8NyjpG5
y7nZFNvrHlp7YlWCW/wD7wsK6VES6TggQdD7/W+FFbHLlpdKXuGRjGygt0OXsfrs
mdl9JnGc/cczTA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:51:31 2026 by rpki-client