Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9F3807639A111F19779A3E8CE1D38B0.roa
File: C9F3807639A111F19779A3E8CE1D38B0.roa (raw, json)
Hash identifier: NBdttGUK3ZbStCdajzwyXQWOv7GnFiTXarSVpV6i33k=
Subject key identifier: 36:EB:B3:DC:81:B3:FB:A1:31:AC:79:71:9E:32:78:98:5E:F9:9B:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C5AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9F3807639A111F19779A3E8CE1D38B0.roa
Signing time: Thu 16 Apr 2026 14:37:27 +0000
ROA not before: Thu 16 Apr 2026 14:37:22 +0000
ROA not after: Wed 29 Apr 2026 14:37:22 +0000
asID: 214143
IP address blocks: 154.196.214.0/24 maxlen: 24
154.197.25.0/24 maxlen: 24
154.197.90.0/24 maxlen: 24
154.197.127.0/24 maxlen: 24
154.200.72.0/21 maxlen: 24
154.200.109.0/24 maxlen: 24
154.203.196.0/22 maxlen: 24
154.203.208.0/22 maxlen: 24
154.203.240.0/24 maxlen: 24
154.205.248.0/22 maxlen: 24
154.206.4.0/22 maxlen: 24
154.206.11.0/24 maxlen: 24
154.208.72.0/22 maxlen: 24
154.208.88.0/22 maxlen: 24
154.222.72.0/23 maxlen: 24
154.222.80.0/23 maxlen: 24
154.222.82.0/23 maxlen: 24
154.223.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116140 (0x1c5ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 14:37:22 2026 GMT
Not After : Apr 29 14:37:22 2026 GMT
Subject: CN=69e0f427-577c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:be:7d:93:c4:cd:13:1a:a8:e2:d3:ba:4f:c6:
3c:2a:67:28:9e:05:c5:76:ee:85:e0:a7:64:0f:66:
0f:cc:ab:de:3f:70:0e:93:fd:d3:24:42:cf:fc:91:
04:86:d0:c2:11:50:ba:4d:71:ad:dd:a2:20:07:80:
65:06:b9:63:3e:82:68:e0:a7:b8:da:a2:a9:dd:22:
0f:4a:4a:a1:41:03:69:4d:f5:29:2c:11:a9:9c:08:
8c:a8:79:e6:c9:b7:7c:d1:e7:25:bc:5b:bb:ca:8c:
eb:f6:d4:29:e0:42:3c:70:18:34:e3:94:6a:80:08:
4d:99:80:8d:24:d4:29:90:53:5f:5c:f6:09:e7:45:
03:83:e6:5d:99:88:60:10:37:04:a0:66:ab:9e:03:
4a:11:a3:9c:c2:bd:44:46:64:b7:40:cf:08:b3:14:
c6:ad:93:72:ec:fe:59:7a:7d:04:59:06:28:b7:0d:
ff:18:b1:d8:ce:14:88:ee:18:e6:cd:32:cd:76:a4:
68:21:20:d0:3a:b5:71:97:82:ed:32:f7:6e:2d:d5:
ae:10:67:9b:ad:d6:e1:a4:e7:60:75:05:00:f2:7d:
d4:f9:fe:47:a9:1b:5b:ef:82:66:db:aa:e1:ff:ca:
8d:ed:46:7e:d3:25:0c:c7:99:5f:df:a8:fa:b6:a3:
e2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EB:B3:DC:81:B3:FB:A1:31:AC:79:71:9E:32:78:98:5E:F9:9B:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9F3807639A111F19779A3E8CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.214.0/24
154.197.25.0/24
154.197.90.0/24
154.197.127.0/24
154.200.72.0/21
154.200.109.0/24
154.203.196.0/22
154.203.208.0/22
154.203.240.0/24
154.205.248.0/22
154.206.4.0/22
154.206.11.0/24
154.208.72.0/22
154.208.88.0/22
154.222.72.0/23
154.222.80.0/22
154.223.232.0/21
Signature Algorithm: sha256WithRSAEncryption
68:ba:a2:aa:27:e5:f9:75:a4:b2:85:9f:27:9b:a4:21:c8:a4:
8e:b1:2a:61:14:7e:2f:f1:7f:a4:ef:ae:9f:69:bb:b3:34:6e:
03:3e:28:90:dc:e3:c8:33:2b:47:18:5c:9d:16:00:ea:6a:50:
ef:ca:0c:c2:05:96:56:4a:e8:8d:34:c7:0d:f0:c7:9b:53:a1:
1b:d3:0a:22:d8:93:88:0d:d2:5b:66:8d:9c:a5:d7:32:cb:24:
78:fd:b6:f6:52:7f:11:ee:39:c6:45:a9:5d:5f:8b:8a:d5:c1:
c2:2e:bb:5a:1c:74:b9:8c:9a:8a:3a:2f:ba:a6:b7:ac:d1:d6:
a4:bf:d9:9d:62:9f:a7:56:97:23:f7:71:9e:17:50:d5:56:50:
f4:b2:e0:a6:a9:95:f8:f8:b8:78:68:78:10:ad:f6:7e:fc:4b:
67:74:5f:95:17:0c:0b:c1:ca:c0:f2:42:1d:f1:57:d5:fe:16:
25:a4:d3:fe:62:1e:a6:ac:03:6d:4b:06:47:f0:1a:35:05:f4:
a8:96:06:3f:0e:72:89:36:9e:12:00:e7:57:72:2a:a6:8c:13:
89:0f:53:d9:76:d6:75:2f:ef:6a:5a:cb:da:1f:4e:f7:31:d3:
85:0a:cb:49:13:0b:85:6b:97:38:36:2b:57:2b:e2:69:6a:4e:
26:0a:65:05
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgIDAcWsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE2MTQzNzIyWhcNMjYwNDI5MTQzNzIyWjAYMRYw
FAYDVQQDEw02OWUwZjQyNy01NzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5b59k8TNExqo4tO6T8Y8KmcongXFdu6F4KdkD2YPzKveP3AOk/3TJELP
/JEEhtDCEVC6TXGt3aIgB4BlBrljPoJo4Ke42qKp3SIPSkqhQQNpTfUpLBGpnAiM
qHnmybd80eclvFu7yozr9tQp4EI8cBg045RqgAhNmYCNJNQpkFNfXPYJ50UDg+Zd
mYhgEDcEoGarngNKEaOcwr1ERmS3QM8IsxTGrZNy7P5Zen0EWQYotw3/GLHYzhSI
7hjmzTLNdqRoISDQOrVxl4LtMvduLdWuEGebrdbhpOdgdQUA8n3U+f5HqRtb74Jm
26rh/8qN7UZ+0yUMx5lf36j6tqPijwIDAQABo4IDBTCCAwEwHQYDVR0OBBYEFDbr
s9yBs/uhMax5cZ4yeJhe+ZvoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOUYzODA3NjM5QTExMUYxOTc3OUEzRThDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAmsTWAwQAmsUZAwQAmsVa
AwQAmsV/AwQDmshIAwQAmshtAwQCmsvEAwQCmsvQAwQAmsvwAwQCms34AwQCms4E
AwQAms4LAwQCmtBIAwQCmtBYAwQBmt5IAwQCmt5QAwQDmt/oMA0GCSqGSIb3DQEB
CwUAA4IBAQBouqKqJ+X5daSyhZ8nm6QhyKSOsSphFH4v8X+k766fabuzNG4DPiiQ
3OPIMytHGFydFgDqalDvygzCBZZWSuiNNMcN8MebU6Eb0woi2JOIDdJbZo2cpdcy
yyR4/bb2Un8R7jnGRaldX4uK1cHCLrtaHHS5jJqKOi+6pres0dakv9mdYp+nVpcj
93GeF1DVVlD0suCmqZX4+Lh4aHgQrfZ+/EtndF+VFwwLwcrA8kId8VfV/hYlpNP+
Yh6mrANtSwZH8Bo1BfSolgY/DnKJNp4SAOdXciqmjBOJD1PZdtZ1L+9qWsvaH073
MdOFCstJEwuFa5c4NitXK+Jpak4mCmUF
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:19:22 2026 by rpki-client