Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8D2F9983A5911F1B851EED2CE1D38B0.roa
File: C8D2F9983A5911F1B851EED2CE1D38B0.roa (raw, json)
Hash identifier: VaXp6AHoxpTXGuKDXj/LJ9tbV0iUgqZ7kXuTksPPqOc=
Subject key identifier: C7:BD:2D:38:4D:9C:53:24:0F:AD:4E:EA:C7:E4:0E:87:CC:5D:79:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C5D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8D2F9983A5911F1B851EED2CE1D38B0.roa
Signing time: Fri 17 Apr 2026 12:34:32 +0000
ROA not before: Fri 17 Apr 2026 12:34:28 +0000
ROA not after: Sun 24 May 2026 12:34:28 +0000
asID: 153706
IP address blocks: 154.89.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 16:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116179 (0x1c5d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 17 12:34:28 2026 GMT
Not After : May 24 12:34:28 2026 GMT
Subject: CN=69e228d8-eb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:a4:db:f7:1f:4a:30:db:2c:12:fb:ff:1e:c2:
76:a6:ff:85:a2:be:63:79:11:15:a0:d4:ae:b5:5a:
76:5e:b1:b6:e4:63:50:42:67:28:c9:9f:08:19:94:
99:35:36:19:5b:38:b5:3d:29:98:5b:bf:16:79:43:
e5:c1:1c:25:bd:ca:7a:07:0d:37:ee:65:96:d8:be:
27:18:fc:02:65:5d:60:fc:5f:7d:bf:09:77:35:ef:
08:4d:e2:19:6a:4e:57:95:9a:22:4c:24:d0:65:4e:
f7:8d:67:c8:e4:5c:84:f8:27:83:20:e0:23:fc:21:
8d:cc:ea:6e:80:95:0b:8b:e7:63:15:f4:db:dd:b4:
05:b3:70:1a:a1:ce:82:d2:9c:16:f0:7d:a2:fc:22:
e9:26:28:62:3b:e4:36:e7:5a:99:8c:e6:1b:4f:97:
f0:cc:58:53:1b:5d:8b:65:1e:55:91:76:89:ee:2a:
f7:f6:1f:58:27:e0:b6:45:52:67:01:9d:ec:50:2f:
93:93:9a:b9:4d:6f:f8:3d:f8:8b:78:f1:e6:1d:c3:
f5:2c:64:b1:52:14:65:74:95:0c:d1:c0:5b:cf:f7:
6f:f5:b1:df:cd:e1:cc:6e:19:a4:d9:16:64:f8:10:
4f:18:c5:f4:6f:39:35:81:48:cf:ed:58:1c:15:7a:
54:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BD:2D:38:4D:9C:53:24:0F:AD:4E:EA:C7:E4:0E:87:CC:5D:79:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8D2F9983A5911F1B851EED2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
46:db:96:04:ee:43:51:07:c9:88:35:f1:b8:06:11:60:55:54:
97:c1:9b:59:79:82:be:3d:db:77:96:58:aa:5d:23:d7:4a:23:
ee:a0:72:a7:67:65:17:2f:bf:e5:12:8a:52:2d:52:37:04:16:
34:84:6b:e1:1a:bf:43:5f:11:54:76:ad:d6:27:d6:0d:a6:38:
17:50:90:91:ca:93:27:cd:fc:36:5f:91:ee:24:b9:cd:31:f3:
8d:b0:ac:bc:f3:bc:0f:1b:d6:cb:a1:17:5c:94:d7:0b:bf:51:
4d:37:b8:33:f8:2f:b7:d0:9d:00:ae:1a:a2:2d:ac:d4:bf:0f:
18:1c:82:60:9e:fd:5f:c3:6a:e3:2b:5b:0b:90:93:5f:1f:82:
82:ee:21:8d:e0:13:08:9b:a2:94:08:e8:32:c6:75:71:e7:0c:
79:31:06:48:54:2c:3d:11:7a:a3:97:b3:4a:f6:6b:2e:bc:54:
f8:22:29:60:64:bc:b0:a8:83:d7:98:98:d0:81:88:9e:30:06:
85:23:4a:e0:9a:18:d8:99:87:75:01:c2:3e:6a:30:a4:f6:c1:
b9:fe:1c:97:26:ca:5f:19:35:0b:79:8d:65:7f:7e:f0:34:70:
f1:07:cc:d6:14:17:05:94:49:bc:52:27:f9:f5:ec:49:0e:98:
ef:9b:e7:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcXTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE3MTIzNDI4WhcNMjYwNTI0MTIzNDI4WjAYMRYw
FAYDVQQDEw02OWUyMjhkOC1lYjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7KTb9x9KMNssEvv/HsJ2pv+For5jeREVoNSutVp2XrG25GNQQmcoyZ8I
GZSZNTYZWzi1PSmYW78WeUPlwRwlvcp6Bw037mWW2L4nGPwCZV1g/F99vwl3Ne8I
TeIZak5XlZoiTCTQZU73jWfI5FyE+CeDIOAj/CGNzOpugJULi+djFfTb3bQFs3Aa
oc6C0pwW8H2i/CLpJihiO+Q251qZjOYbT5fwzFhTG12LZR5VkXaJ7ir39h9YJ+C2
RVJnAZ3sUC+Tk5q5TW/4PfiLePHmHcP1LGSxUhRldJUM0cBbz/dv9bHfzeHMbhmk
2RZk+BBPGMX0bzk1gUjP7VgcFXpUPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMe9
LThNnFMkD61O6sfkDofMXXkzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOEQyRjk5ODNBNTkxMUYxQjg1MUVFRDJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnCMA0GCSqGSIb3DQEB
CwUAA4IBAQBG25YE7kNRB8mINfG4BhFgVVSXwZtZeYK+Pdt3lliqXSPXSiPuoHKn
Z2UXL7/lEopSLVI3BBY0hGvhGr9DXxFUdq3WJ9YNpjgXUJCRypMnzfw2X5HuJLnN
MfONsKy887wPG9bLoRdclNcLv1FNN7gz+C+30J0ArhqiLazUvw8YHIJgnv1fw2rj
K1sLkJNfH4KC7iGN4BMIm6KUCOgyxnVx5wx5MQZIVCw9EXqjl7NK9msuvFT4Iilg
ZLywqIPXmJjQgYieMAaFI0rgmhjYmYd1AcI+ajCk9sG5/hyXJspfGTULeY1lf37w
NHDxB8zWFBcFlEm8Uif59exJDpjvm+e9
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:55:10 2026 by rpki-client