Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF2F6E3834CA11F1BB84FFD6CE1D38B0.roa
File: BF2F6E3834CA11F1BB84FFD6CE1D38B0.roa (raw, json)
Hash identifier: wnv5lFOmpoQpE0UhQO1QLKQ2EwcsghMAOQxKoTSokHU=
Subject key identifier: E8:AD:4D:74:07:8D:F9:B5:7A:13:F2:44:AC:80:D9:4F:BF:F9:86:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C45D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF2F6E3834CA11F1BB84FFD6CE1D38B0.roa
Signing time: Fri 10 Apr 2026 10:48:02 +0000
ROA not before: Fri 10 Apr 2026 10:47:58 +0000
ROA not after: Mon 18 May 2026 10:47:58 +0000
asID: 395886
IP address blocks: 154.200.128.0/24 maxlen: 24
154.200.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 15:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115805 (0x1c45d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 10:47:58 2026 GMT
Not After : May 18 10:47:58 2026 GMT
Subject: CN=69d8d562-3e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:47:fe:55:25:2d:8f:9c:6c:c0:2d:81:b2:07:
dc:38:b8:e3:ec:69:ed:76:44:d2:9f:8b:8b:21:6d:
9b:0a:03:41:12:26:6b:f7:7c:df:cd:d7:28:94:7e:
0b:21:f0:1e:74:23:04:b1:ac:cb:27:78:90:f3:c0:
1b:7c:f3:17:7a:8a:4e:5c:8a:70:78:85:ba:5f:37:
7f:1b:2c:d6:d6:23:f3:a4:71:58:d9:7b:5e:ff:31:
d8:48:f4:4e:74:0e:0b:8a:04:84:36:3b:01:9c:cc:
77:31:c4:64:b0:20:f5:74:e7:d3:9a:31:76:ab:1c:
fe:f6:24:03:90:60:e2:66:7c:d2:61:e1:74:a1:b2:
c0:1f:cf:a4:76:37:c7:9c:06:e6:b5:be:2d:be:27:
f6:6a:a5:76:ed:e3:70:65:fc:33:79:b2:f5:b9:a5:
2d:4a:3b:de:69:13:0d:9e:7e:2d:45:2b:08:45:d1:
cc:3d:9c:b6:80:3a:1d:23:8e:d4:29:e0:7e:b8:d6:
8c:62:ad:55:34:4f:2e:16:fe:88:33:5c:97:fd:30:
11:cb:29:73:e1:02:d5:2b:1c:57:94:43:cf:50:b9:
fa:28:86:33:73:29:a6:87:30:c3:c1:1c:d8:c7:7d:
6f:27:76:d0:39:a4:cc:e6:87:88:0d:73:a6:53:c7:
8b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AD:4D:74:07:8D:F9:B5:7A:13:F2:44:AC:80:D9:4F:BF:F9:86:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF2F6E3834CA11F1BB84FFD6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.128.0/24
154.200.132.0/24
Signature Algorithm: sha256WithRSAEncryption
19:cb:4b:c8:1b:41:ca:da:b7:4e:bf:39:9e:a7:6b:3e:e2:9e:
6c:e3:e6:e4:fa:35:74:3a:cd:6f:b6:09:82:40:5a:81:76:40:
6b:b6:e7:54:28:3e:0b:d4:ad:d7:be:4d:bd:1e:ed:6b:7c:d6:
fa:de:e8:81:6d:c3:5e:dc:0d:95:3a:5d:96:c4:57:1f:fd:ce:
7e:a5:d7:69:d9:4d:8b:2e:d7:bd:ba:92:7d:a9:74:19:b9:72:
20:f1:9f:03:13:25:11:71:c8:ac:85:cc:c9:06:08:c1:37:fb:
60:ce:34:37:5f:3f:76:da:3b:58:62:24:70:af:bc:61:01:82:
70:88:60:58:8c:52:70:68:0d:33:ff:1a:43:11:82:ea:69:3b:
37:1d:33:38:af:9d:3a:c5:a8:c4:14:55:b0:3a:d0:7f:c0:58:
89:8f:e4:1e:87:42:88:f1:90:12:7d:4f:35:79:31:c7:63:5b:
76:28:54:10:b8:fb:f6:e3:62:46:0d:42:e9:bf:10:ae:34:7a:
4f:c4:ec:0b:e6:4e:7c:6f:43:38:ae:be:c1:64:c6:ee:91:3a:
75:c2:ef:91:dc:5c:15:f1:2d:1b:e3:d4:ae:27:4e:a5:a2:04:
4a:70:9e:e2:06:11:a3:bf:85:77:e0:ff:81:80:bc:48:f7:1a:
5a:0f:d0:3f
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcRdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEwMTA0NzU4WhcNMjYwNTE4MTA0NzU4WjAYMRYw
FAYDVQQDEw02OWQ4ZDU2Mi0zZTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv0f+VSUtj5xswC2BsgfcOLjj7GntdkTSn4uLIW2bCgNBEiZr93zfzdco
lH4LIfAedCMEsazLJ3iQ88AbfPMXeopOXIpweIW6Xzd/GyzW1iPzpHFY2Xte/zHY
SPROdA4LigSENjsBnMx3McRksCD1dOfTmjF2qxz+9iQDkGDiZnzSYeF0obLAH8+k
djfHnAbmtb4tvif2aqV27eNwZfwzebL1uaUtSjveaRMNnn4tRSsIRdHMPZy2gDod
I47UKeB+uNaMYq1VNE8uFv6IM1yX/TARyylz4QLVKxxXlEPPULn6KIYzcymmhzDD
wRzYx31vJ3bQOaTM5oeIDXOmU8eLowIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOit
TXQHjfm1ehPyRKyA2U+/+YYMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjJGNkUzODM0Q0ExMUYxQkI4NEZGRDZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsiAAwQAmsiEMA0GCSqG
SIb3DQEBCwUAA4IBAQAZy0vIG0HK2rdOvzmep2s+4p5s4+bk+jV0Os1vtgmCQFqB
dkBrtudUKD4L1K3Xvk29Hu1rfNb63uiBbcNe3A2VOl2WxFcf/c5+pddp2U2LLte9
upJ9qXQZuXIg8Z8DEyURccishczJBgjBN/tgzjQ3Xz922jtYYiRwr7xhAYJwiGBY
jFJwaA0z/xpDEYLqaTs3HTM4r506xajEFFWwOtB/wFiJj+Qeh0KI8ZASfU81eTHH
Y1t2KFQQuPv242JGDULpvxCuNHpPxOwL5k58b0M4rr7BZMbukTp1wu+R3FwV8S0b
49SuJ06logRKcJ7iBhGjv4V34P+BgLxI9xpaD9A/
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:52:08 2026 by rpki-client