Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB6D1E6A372D11F1891370F0CE1D38B0.roa
File: CB6D1E6A372D11F1891370F0CE1D38B0.roa (raw, json)
Hash identifier: FKiI34PMzK3r04QXLDA3D4henzhDODT7RH3FrBXDcsY=
Subject key identifier: 9D:B8:44:F5:D2:A4:84:B6:81:D8:C0:3A:0E:FE:1D:DF:77:9C:4F:98
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C51C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB6D1E6A372D11F1891370F0CE1D38B0.roa
Signing time: Mon 13 Apr 2026 11:42:05 +0000
ROA not before: Mon 13 Apr 2026 11:42:01 +0000
ROA not after: Sun 17 May 2026 11:42:01 +0000
asID: 153671
IP address blocks: 154.81.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115996 (0x1c51c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 13 11:42:01 2026 GMT
Not After : May 17 11:42:01 2026 GMT
Subject: CN=69dcd68d-feb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:25:15:31:7b:9f:72:54:61:23:16:a9:5d:76:
dc:ff:eb:b4:57:7b:ed:33:4e:b5:9b:05:0e:7c:aa:
92:e5:22:45:75:83:e4:93:a7:2a:9f:13:9a:53:58:
6c:f8:eb:10:c8:cf:fe:c1:ee:63:ca:77:e6:53:1d:
4b:78:a0:1a:77:16:ff:ed:fa:15:bd:84:b7:6d:05:
b5:cd:e1:56:f1:29:60:1f:2a:ce:39:10:0c:5e:6f:
3b:2c:73:a6:62:3d:8d:60:23:46:d7:15:e7:43:be:
95:82:5b:43:26:5f:c1:2c:b5:5a:60:09:82:87:bd:
c6:f1:ef:7a:23:10:92:a8:ea:9f:c6:74:dd:ba:1b:
48:87:7f:19:35:b9:bf:cb:64:68:41:d9:7e:0d:10:
9f:99:ce:06:2a:57:f0:67:2c:f4:ad:1e:0f:84:02:
0b:39:bb:98:ca:7c:70:48:8a:1c:d6:f0:dc:80:86:
8d:ff:6f:06:ee:0e:54:f8:15:d5:4c:40:9c:06:8b:
fc:1c:e5:06:4b:ed:11:f2:96:69:cd:f7:8e:01:9f:
0e:96:2f:1a:ba:4a:ed:26:b6:4b:eb:c7:98:d4:49:
1e:72:cc:18:7f:83:8f:fc:69:68:e9:d6:a8:74:ca:
58:ca:08:85:c3:aa:89:bc:ec:c0:64:c9:4f:3f:09:
70:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B8:44:F5:D2:A4:84:B6:81:D8:C0:3A:0E:FE:1D:DF:77:9C:4F:98
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB6D1E6A372D11F1891370F0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.152.0/22
Signature Algorithm: sha256WithRSAEncryption
31:af:20:06:40:86:51:c8:da:fd:7d:94:34:90:c5:47:f4:61:
ce:b1:c8:c1:fd:3a:86:37:72:ed:ca:be:38:f0:cd:5c:ca:ad:
70:da:57:0e:ef:d7:69:59:29:bc:0c:a9:cc:31:ab:89:9f:7e:
98:81:cd:2b:b5:bb:24:6c:d4:41:40:4c:59:73:0c:6f:60:95:
09:8b:d1:c1:a7:d4:23:53:a3:7e:c3:fb:52:a8:a6:61:a1:f7:
a3:22:8e:01:16:a1:99:ab:31:e8:c5:1a:1e:90:34:08:ac:55:
0c:b8:95:14:68:76:8d:fb:4e:fe:a6:6a:d7:8a:50:a2:8b:19:
f4:c3:33:74:2b:43:3c:10:b4:51:69:d4:99:8b:01:47:41:8f:
b8:96:f0:b9:82:73:a1:49:d5:16:e1:96:b2:00:41:73:6e:1a:
95:2c:76:9a:1a:e1:db:0f:e0:b8:1f:c8:cd:b7:0e:7a:44:22:
ff:44:02:bc:98:41:92:45:24:15:24:08:11:61:fe:8a:8d:33:
2b:a6:b6:3a:b5:84:fa:21:67:07:8a:cd:4b:ab:43:99:e4:3e:
8d:ae:01:ef:eb:91:54:f0:7e:41:30:ad:0e:00:23:61:65:9e:
16:b8:8f:58:10:da:0d:fc:f2:6b:59:86:b6:6a:82:78:3a:25:
70:bb:40:9d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcUcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEzMTE0MjAxWhcNMjYwNTE3MTE0MjAxWjAYMRYw
FAYDVQQDEw02OWRjZDY4ZC1mZWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5CUVMXufclRhIxapXXbc/+u0V3vtM061mwUOfKqS5SJFdYPkk6cqnxOa
U1hs+OsQyM/+we5jynfmUx1LeKAadxb/7foVvYS3bQW1zeFW8SlgHyrOORAMXm87
LHOmYj2NYCNG1xXnQ76VgltDJl/BLLVaYAmCh73G8e96IxCSqOqfxnTduhtIh38Z
Nbm/y2RoQdl+DRCfmc4GKlfwZyz0rR4PhAILObuYynxwSIoc1vDcgIaN/28G7g5U
+BXVTECcBov8HOUGS+0R8pZpzfeOAZ8Oli8aukrtJrZL68eY1EkecswYf4OP/Glo
6daodMpYygiFw6qJvOzAZMlPPwlwoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ24
RPXSpIS2gdjAOg7+Hd93nE+YMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQjZEMUU2QTM3MkQxMUYxODkxMzcwRjBDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlGYMA0GCSqGSIb3DQEB
CwUAA4IBAQAxryAGQIZRyNr9fZQ0kMVH9GHOscjB/TqGN3Ltyr448M1cyq1w2lcO
79dpWSm8DKnMMauJn36Ygc0rtbskbNRBQExZcwxvYJUJi9HBp9QjU6N+w/tSqKZh
ofejIo4BFqGZqzHoxRoekDQIrFUMuJUUaHaN+07+pmrXilCiixn0wzN0K0M8ELRR
adSZiwFHQY+4lvC5gnOhSdUW4ZayAEFzbhqVLHaaGuHbD+C4H8jNtw56RCL/RAK8
mEGSRSQVJAgRYf6KjTMrprY6tYT6IWcHis1Lq0OZ5D6NrgHv65FU8H5BMK0OACNh
ZZ4WuI9YENoN/PJrWYa2aoJ4OiVwu0Cd
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:19:58 2026 by rpki-client