Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA89037838C811F187C92EC2CE1D38B0.roa
File: CA89037838C811F187C92EC2CE1D38B0.roa (raw, json)
Hash identifier: vK9hJEruX2Xmffway+mncc+V58dzwT0ob+STYTBQuUM=
Subject key identifier: 53:08:2E:DC:E9:04:89:9D:17:E5:9E:AD:1D:CE:0E:45:FF:2E:21:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C564
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA89037838C811F187C92EC2CE1D38B0.roa
Signing time: Wed 15 Apr 2026 12:44:07 +0000
ROA not before: Wed 15 Apr 2026 12:44:02 +0000
ROA not after: Mon 11 May 2026 12:44:02 +0000
asID: 401701
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116068 (0x1c564)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 12:44:02 2026 GMT
Not After : May 11 12:44:02 2026 GMT
Subject: CN=69df8817-7a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8d:a8:0f:51:4a:b0:69:7a:f5:fc:71:e2:06:
b6:63:a5:22:0b:25:53:98:e1:cb:42:a6:28:de:28:
48:f9:b3:fb:b3:5c:6a:dd:ae:bf:26:4d:2d:a1:3e:
73:df:36:4a:e2:a1:8c:3b:eb:5f:77:ba:45:9d:87:
87:cb:80:9b:42:3a:20:87:8a:15:fb:ed:2b:44:49:
ca:87:ae:98:28:26:73:b1:da:8c:92:98:33:a6:73:
7b:b6:ed:75:67:cd:0c:52:1e:40:84:2b:a8:ed:94:
99:61:85:76:62:27:5c:f1:5e:25:67:25:5b:d4:19:
49:df:48:d6:db:11:5f:fd:71:27:6c:8e:57:be:ba:
24:e3:80:d2:d2:29:8e:a4:8d:57:09:4e:65:ad:e9:
b9:7e:ac:6a:6a:98:f4:5c:22:2d:bc:aa:f8:70:81:
94:2c:65:d6:b9:43:66:86:b8:2b:bb:23:bd:c4:1b:
2c:0e:7a:d9:ca:0e:00:52:7c:31:36:86:5c:50:d2:
70:66:86:b7:30:97:5d:0a:47:0a:17:7e:61:20:8e:
bb:a8:60:02:68:8d:55:cc:02:24:3e:e0:40:5f:6f:
5f:05:3d:37:a8:f8:8b:c1:e3:45:86:18:e1:e9:3b:
d2:44:c5:2f:5d:9c:4d:70:a4:7c:eb:98:bd:02:40:
f2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:08:2E:DC:E9:04:89:9D:17:E5:9E:AD:1D:CE:0E:45:FF:2E:21:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA89037838C811F187C92EC2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
66:6d:65:94:d6:92:ea:95:9a:46:2c:6b:e6:fb:b4:a7:c7:3b:
d9:ec:08:44:b0:1e:ab:37:d4:ea:d1:29:20:e0:07:3b:44:6f:
f3:1e:b6:fb:b2:52:d7:dd:63:b3:29:da:b2:29:c1:2d:db:0f:
85:99:17:74:9b:a6:df:e9:d8:b3:8e:06:57:39:fc:ea:46:2e:
06:58:74:51:51:68:b5:fc:e1:8c:4c:6f:a8:4b:8d:00:8b:1e:
28:c5:2e:56:14:1a:9d:45:16:1f:a4:6a:c0:89:85:d1:33:e1:
3d:a6:05:3b:da:b8:1c:7d:00:dc:c3:2d:77:a4:cb:e9:be:7d:
c8:a6:45:e7:06:b9:0c:f9:50:6e:5b:bb:a6:20:dd:3e:b8:38:
df:7d:38:08:ca:4a:3c:0c:fc:0f:94:c7:16:c3:b0:83:36:cd:
0d:6d:f9:9d:bc:ce:16:1d:59:9f:4d:39:6f:38:f3:d5:5b:2e:
5e:0a:58:3c:d7:ce:1d:1f:e2:ea:52:56:85:23:01:5e:61:b7:
0c:cd:7f:58:4d:a6:15:c5:fd:0f:cd:ee:5a:3d:6c:c7:99:95:
dc:a2:90:f1:10:c3:4f:51:e4:5a:a1:90:cd:20:bb:bc:4d:e1:
91:02:ad:e4:69:85:10:7f:fe:15:d5:ac:ca:0c:7a:e1:d9:56:
35:d6:c6:53
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcVkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE1MTI0NDAyWhcNMjYwNTExMTI0NDAyWjAYMRYw
FAYDVQQDEw02OWRmODgxNy03YTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt42oD1FKsGl69fxx4ga2Y6UiCyVTmOHLQqYo3ihI+bP7s1xq3a6/Jk0t
oT5z3zZK4qGMO+tfd7pFnYeHy4CbQjogh4oV++0rREnKh66YKCZzsdqMkpgzpnN7
tu11Z80MUh5AhCuo7ZSZYYV2Yidc8V4lZyVb1BlJ30jW2xFf/XEnbI5Xvrok44DS
0imOpI1XCU5lrem5fqxqapj0XCItvKr4cIGULGXWuUNmhrgruyO9xBssDnrZyg4A
UnwxNoZcUNJwZoa3MJddCkcKF35hII67qGACaI1VzAIkPuBAX29fBT03qPiLweNF
hhjh6TvSRMUvXZxNcKR865i9AkDyyQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFMI
LtzpBImdF+WerR3ODkX/LiEPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQTg5MDM3ODM4QzgxMUYxODdDOTJFQzJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBmbWWU1pLqlZpGLGvm+7SnxzvZ7AhEsB6rN9Tq0Skg4Ac7RG/zHrb7
slLX3WOzKdqyKcEt2w+FmRd0m6bf6dizjgZXOfzqRi4GWHRRUWi1/OGMTG+oS40A
ix4oxS5WFBqdRRYfpGrAiYXRM+E9pgU72rgcfQDcwy13pMvpvn3IpkXnBrkM+VBu
W7umIN0+uDjffTgIyko8DPwPlMcWw7CDNs0NbfmdvM4WHVmfTTlvOPPVWy5eClg8
184dH+LqUlaFIwFeYbcMzX9YTaYVxf0Pze5aPWzHmZXcopDxEMNPUeRaoZDNILu8
TeGRAq3kaYUQf/4V1azKDHrh2VY11sZT
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:25:30 2026 by rpki-client