Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C94E7C2638BF11F19B68FC0ACF1D38B0.roa
File: C94E7C2638BF11F19B68FC0ACF1D38B0.roa (raw, json)
Hash identifier: zs59CVsp27I4zGA55VvU/bb+tSaW91YoBRDPT8gpgSk=
Subject key identifier: 6D:DF:11:8C:21:D7:85:5B:2A:E3:44:CC:56:AA:C8:CD:F2:56:85:C6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C558
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C94E7C2638BF11F19B68FC0ACF1D38B0.roa
Signing time: Wed 15 Apr 2026 11:39:39 +0000
ROA not before: Wed 15 Apr 2026 11:39:35 +0000
ROA not after: Mon 11 May 2026 11:39:35 +0000
asID: 142032
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116056 (0x1c558)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 11:39:35 2026 GMT
Not After : May 11 11:39:35 2026 GMT
Subject: CN=69df78fb-9916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:dc:bb:05:f7:9a:01:81:d5:0c:6e:65:de:78:
fd:ae:6b:1c:48:89:09:23:db:c1:1a:db:5f:fd:ce:
92:77:3a:ef:50:5f:be:a3:f5:6c:3c:0e:37:57:a3:
35:cf:e4:38:78:34:cc:27:16:c1:91:18:90:09:00:
2b:9a:76:0a:73:3a:b1:0c:a5:b8:6d:98:f1:e1:83:
e4:49:b2:ab:b4:8d:73:a2:da:43:cb:f8:c9:6a:8e:
86:93:82:e0:79:07:f9:89:41:bf:70:3a:a2:5f:aa:
dc:c8:2e:5f:95:58:23:6c:70:45:ee:aa:95:e9:43:
aa:b9:bd:c9:0e:a6:b9:7c:c4:d6:b4:33:01:ab:11:
08:7d:32:8e:94:e3:c1:be:f4:e7:8a:64:56:19:ae:
bf:f5:61:dc:d3:92:5b:36:1a:53:fc:82:bb:ea:5a:
a8:1f:d3:15:1d:8c:53:52:52:7c:9b:27:29:c1:12:
84:ae:02:a1:3e:cb:ff:8b:d0:a5:c1:6c:4e:02:d8:
b2:c0:57:c0:7c:a3:79:e2:86:70:47:7c:7a:9c:b0:
a9:dc:35:69:44:85:80:27:eb:8c:ec:5b:e1:93:5a:
47:da:bd:ab:91:47:c7:29:63:c0:36:f3:76:c2:65:
87:9c:af:70:c6:64:b2:81:0b:d2:5d:b4:99:8e:b8:
86:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DF:11:8C:21:D7:85:5B:2A:E3:44:CC:56:AA:C8:CD:F2:56:85:C6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C94E7C2638BF11F19B68FC0ACF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
02:b6:65:26:09:8c:8f:6d:6b:08:9b:58:84:9e:09:f0:17:dc:
70:81:5c:3c:2f:82:25:3b:e5:e3:35:9a:77:dd:91:9c:6e:ec:
f9:45:2f:80:d7:c5:85:a5:9e:00:c2:73:74:61:3e:5c:6a:cc:
4d:9f:07:94:0d:cb:9b:4c:74:d6:37:54:9d:62:33:99:8e:cd:
4a:75:6e:ac:14:e3:18:de:c2:4b:f6:7e:cf:84:4f:7b:72:d0:
92:68:20:a7:5a:95:49:bb:a1:82:87:30:a5:ac:dd:47:56:d6:
e3:41:70:78:1a:f1:5c:49:4d:d0:85:90:34:d2:0d:b4:21:6f:
2c:89:67:4e:24:bb:ee:8e:e6:a7:f0:63:4a:a8:c5:40:8d:d8:
00:83:ab:3f:b1:d5:93:82:3e:77:fb:37:4b:6e:ac:96:bf:45:
32:7f:d8:9a:e9:6e:0c:7b:0c:c5:97:e1:40:66:67:f6:b2:a9:
9d:e0:ca:45:0c:d4:de:9e:19:c2:32:f2:78:0e:03:61:b7:bb:
22:a5:29:3e:9c:44:f8:8a:ae:98:3f:31:fc:82:cd:d3:cb:5e:
57:ca:6c:f2:64:39:eb:5e:02:a8:d7:4b:f9:36:18:70:ca:4c:
1a:7c:36:60:22:5d:99:37:62:ec:b7:e5:da:af:aa:50:36:e3:
21:7b:25:db
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcVYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE1MTEzOTM1WhcNMjYwNTExMTEzOTM1WjAYMRYw
FAYDVQQDEw02OWRmNzhmYi05OTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzdy7BfeaAYHVDG5l3nj9rmscSIkJI9vBGttf/c6SdzrvUF++o/VsPA43
V6M1z+Q4eDTMJxbBkRiQCQArmnYKczqxDKW4bZjx4YPkSbKrtI1zotpDy/jJao6G
k4LgeQf5iUG/cDqiX6rcyC5flVgjbHBF7qqV6UOqub3JDqa5fMTWtDMBqxEIfTKO
lOPBvvTnimRWGa6/9WHc05JbNhpT/IK76lqoH9MVHYxTUlJ8mycpwRKErgKhPsv/
i9ClwWxOAtiywFfAfKN54oZwR3x6nLCp3DVpRIWAJ+uM7Fvhk1pH2r2rkUfHKWPA
NvN2wmWHnK9wxmSygQvSXbSZjriGuQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG3f
EYwh14VbKuNEzFaqyM3yVoXGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOTRFN0MyNjM4QkYxMUYxOUI2OEZDMEFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQACtmUmCYyPbWsIm1iEngnwF9xwgVw8L4IlO+XjNZp33ZGcbuz5RS+A
18WFpZ4AwnN0YT5casxNnweUDcubTHTWN1SdYjOZjs1KdW6sFOMY3sJL9n7PhE97
ctCSaCCnWpVJu6GChzClrN1HVtbjQXB4GvFcSU3QhZA00g20IW8siWdOJLvujuan
8GNKqMVAjdgAg6s/sdWTgj53+zdLbqyWv0Uyf9ia6W4MewzFl+FAZmf2sqmd4MpF
DNTenhnCMvJ4DgNht7sipSk+nET4iq6YPzH8gs3Ty15XymzyZDnrXgKo10v5Nhhw
ykwafDZgIl2ZN2Lst+Xar6pQNuMheyXb
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:25:20 2026 by rpki-client