Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF2D0B16348911F1A0320AC1CE1D38B0.roa
File: BF2D0B16348911F1A0320AC1CE1D38B0.roa (raw, json)
Hash identifier: 6KLYqgyhR1mFaURT2ueT1dB0lsh7ojFZHQozcluQl1I=
Subject key identifier: 4F:33:D2:17:D1:01:7D:BC:D7:2C:5B:8F:02:14:E8:A2:5C:16:10:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C43F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF2D0B16348911F1A0320AC1CE1D38B0.roa
Signing time: Fri 10 Apr 2026 03:02:45 +0000
ROA not before: Fri 10 Apr 2026 03:02:40 +0000
ROA not after: Sun 19 Apr 2026 03:02:40 +0000
asID: 395793
IP address blocks: 154.200.2.0/23 maxlen: 24
154.200.4.0/23 maxlen: 24
154.200.6.0/23 maxlen: 24
154.200.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 03:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115775 (0x1c43f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 03:02:40 2026 GMT
Not After : Apr 19 03:02:40 2026 GMT
Subject: CN=69d86855-3db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1e:58:c1:5e:fb:be:be:c6:42:72:3c:e3:5d:
2d:26:ba:f1:15:94:02:72:58:a8:83:55:6e:ae:43:
bd:17:d7:1a:d6:e4:da:09:31:72:9d:12:b8:9c:5b:
a9:a3:e7:25:96:28:c5:41:66:18:1a:8c:e3:96:72:
69:fd:5e:eb:71:a8:2e:82:5d:83:b6:67:27:6b:24:
64:d4:8d:d5:69:eb:fc:18:c2:9a:44:17:23:a1:f5:
c6:84:80:7a:2c:32:51:4f:ba:67:51:bf:46:e9:dc:
4d:88:8d:0a:b8:eb:7e:16:66:4d:4a:71:80:46:72:
a7:5c:84:00:37:5c:2b:ec:f6:50:e5:57:d3:88:2f:
0c:56:ce:fd:99:71:bb:15:4f:bf:f8:57:01:66:fb:
c1:58:d7:02:77:6c:7d:97:a4:e7:e2:1c:47:a8:51:
eb:be:8d:64:5c:f1:1e:e8:86:40:ed:fb:7a:b3:ec:
dd:de:a3:35:17:4f:81:52:e1:06:61:d0:72:03:ba:
e1:67:f1:06:3c:21:86:66:32:74:44:33:a2:02:28:
45:9f:03:92:79:07:c2:b0:35:d1:bd:50:1a:d1:4e:
d3:84:20:da:6e:f3:89:52:5a:4c:ec:7a:b7:ca:87:
27:54:4e:c9:6b:97:b8:99:1d:ed:24:83:60:7f:80:
8e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:33:D2:17:D1:01:7D:BC:D7:2C:5B:8F:02:14:E8:A2:5C:16:10:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF2D0B16348911F1A0320AC1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.2.0-154.200.7.255
154.200.104.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:54:a1:d0:f6:8f:7a:f8:9b:7f:d5:d1:2b:fa:ce:55:b8:38:
d5:aa:7f:5e:d5:43:4b:01:d1:30:16:d1:a5:2d:92:32:30:88:
6c:e3:9d:a0:0f:03:03:c9:85:dc:8c:c8:19:4f:52:d8:cc:e6:
dd:e9:5c:88:ab:ee:2c:ca:a9:15:e2:10:f7:a8:28:28:d3:12:
2b:d7:1d:73:01:62:9b:ff:62:0d:74:60:b6:fb:c5:91:73:a3:
d9:16:e7:44:e3:ec:b7:63:f8:91:7c:3b:40:a7:fd:16:8a:96:
9e:f6:d3:6b:f7:dc:26:7f:da:39:5b:e9:57:d6:1a:5c:b1:fb:
ef:54:60:f6:a8:eb:51:36:28:6f:98:0e:41:fd:fb:23:25:ae:
af:e1:6c:60:b5:54:3a:eb:bd:3b:b5:0e:2a:29:ad:fa:e2:8e:
6d:55:63:c3:5f:d3:8c:52:f8:a9:1e:ae:bb:6e:38:30:f5:28:
7f:0c:1b:d4:af:8d:4a:3c:db:d4:1e:cb:ac:3f:af:c2:10:e0:
fb:39:fe:47:a7:87:d9:99:49:e7:28:f9:37:cf:0f:dd:71:d6:
52:f5:c2:e9:1e:17:df:ba:4e:2d:14:06:ab:4b:e7:78:14:a1:
81:83:1d:0e:48:7c:27:66:cc:f0:f5:e1:53:b5:73:37:b5:33:
78:28:ea:86
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAcQ/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEwMDMwMjQwWhcNMjYwNDE5MDMwMjQwWjAYMRYw
FAYDVQQDEw02OWQ4Njg1NS0zZGIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwx5YwV77vr7GQnI8410tJrrxFZQCcliog1VurkO9F9ca1uTaCTFynRK4
nFupo+cllijFQWYYGozjlnJp/V7rcagugl2DtmcnayRk1I3Vaev8GMKaRBcjofXG
hIB6LDJRT7pnUb9G6dxNiI0KuOt+FmZNSnGARnKnXIQAN1wr7PZQ5VfTiC8MVs79
mXG7FU+/+FcBZvvBWNcCd2x9l6Tn4hxHqFHrvo1kXPEe6IZA7ft6s+zd3qM1F0+B
UuEGYdByA7rhZ/EGPCGGZjJ0RDOiAihFnwOSeQfCsDXRvVAa0U7ThCDabvOJUlpM
7Hq3yocnVE7Ja5e4mR3tJINgf4COGwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFE8z
0hfRAX281yxbjwIU6KJcFhArMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjJEMEIxNjM0ODkxMUYxQTAzMjBBQzFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAGayAIDBAOayAADBAKa
yGgwDQYJKoZIhvcNAQELBQADggEBAMBUodD2j3r4m3/V0Sv6zlW4ONWqf17VQ0sB
0TAW0aUtkjIwiGzjnaAPAwPJhdyMyBlPUtjM5t3pXIir7izKqRXiEPeoKCjTEivX
HXMBYpv/Yg10YLb7xZFzo9kW50Tj7Ldj+JF8O0Cn/RaKlp7202v33CZ/2jlb6VfW
Glyx++9UYPao61E2KG+YDkH9+yMlrq/hbGC1VDrrvTu1Dioprfrijm1VY8Nf04xS
+KkerrtuODD1KH8MG9SvjUo829Qey6w/r8IQ4Ps5/kenh9mZSeco+TfPD91x1lL1
wukeF9+6Ti0UBqtL53gUoYGDHQ5IfCdmzPD14VO1cze1M3go6oY=
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:13:09 2026 by rpki-client