Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD08136E390411F1BDA545A9CE1D38B0.roa
File: CD08136E390411F1BDA545A9CE1D38B0.roa (raw, json)
Hash identifier: rG/3DlcElIJ639OiKnyoIjHlDf7W3SJ5gv01HrBMBZo=
Subject key identifier: 2D:7A:7E:98:88:C0:2F:0A:6C:40:07:B4:63:D8:A7:7D:7F:4E:7D:90
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C576
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD08136E390411F1BDA545A9CE1D38B0.roa
Signing time: Wed 15 Apr 2026 19:53:41 +0000
ROA not before: Wed 15 Apr 2026 19:53:36 +0000
ROA not after: Thu 08 Apr 2027 19:53:36 +0000
asID: 52423
IP address blocks: 154.85.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116086 (0x1c576)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 19:53:36 2026 GMT
Not After : Apr 8 19:53:36 2027 GMT
Subject: CN=69dfecc5-b6fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ec:60:5a:72:dc:cd:a4:6c:d2:8c:f0:30:78:
14:0c:00:9f:17:a4:a1:61:6b:63:14:fd:bf:e0:cd:
e6:05:32:a3:82:e1:19:d0:11:f2:a3:6a:f8:e5:e0:
aa:79:41:5f:26:40:c9:38:ed:04:82:39:12:37:dd:
f4:d2:b5:53:80:61:7e:cc:5d:46:4c:d7:74:6e:2d:
7a:87:ca:8e:44:39:27:8e:b6:04:6a:e8:a7:d8:df:
49:52:78:ef:a9:db:6f:88:2d:f2:1e:c1:a1:95:c0:
c8:f3:c5:21:df:74:36:ad:00:8d:4a:73:2a:b9:17:
99:41:90:c1:23:88:19:b2:c4:3d:40:5a:c7:c7:4f:
53:3a:88:4b:cc:c0:75:3d:e9:f4:8c:9b:32:3a:06:
50:a0:68:2a:bf:8a:72:0e:2f:12:9b:86:18:5f:2f:
ab:8c:03:16:a4:b9:d3:e5:0d:52:bc:1a:67:6c:37:
c7:f5:47:d8:21:e8:22:2e:6d:83:c2:78:cc:66:16:
3a:93:ba:b1:8d:7d:3f:a9:1e:25:e4:ed:10:20:29:
c1:32:3b:03:05:76:06:da:6a:ec:16:1d:a7:35:14:
6f:e4:45:50:56:f4:10:dd:c7:52:77:e9:e7:49:2f:
fc:e3:44:54:bd:f4:e8:3c:20:37:97:24:d4:c6:f7:
9e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7A:7E:98:88:C0:2F:0A:6C:40:07:B4:63:D8:A7:7D:7F:4E:7D:90
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD08136E390411F1BDA545A9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.21.0/24
Signature Algorithm: sha256WithRSAEncryption
67:cb:53:70:68:5b:02:56:72:23:99:4e:c1:1c:e9:de:86:32:
7b:d5:66:26:11:12:39:fd:34:e3:46:b2:35:41:e7:c1:1e:ee:
09:02:e7:6c:28:ed:b0:7a:3c:99:09:78:bf:98:e4:ba:1a:21:
30:f2:8a:57:63:f7:de:3b:fe:8b:5d:be:20:bc:bf:e5:60:50:
3d:07:a3:84:7a:6f:95:6d:51:c4:5b:c4:10:d5:e3:f5:77:fb:
46:49:d2:9d:b7:a4:2f:2d:7f:e7:93:f1:a9:fa:a1:64:1a:19:
f1:ca:26:4b:a6:ee:4c:ba:2c:41:43:0b:b0:a0:ed:3b:30:9e:
e6:0f:32:77:5c:0f:32:b5:1e:64:29:56:54:09:cc:02:af:b8:
04:96:c9:be:98:ed:98:17:02:7a:b5:6d:12:bc:f2:c1:47:e8:
58:6d:7b:dd:ef:1c:03:3f:b4:e5:a8:99:58:b0:47:7d:17:b6:
f5:10:11:35:d9:44:ea:82:fb:90:10:6c:f5:c1:08:48:0a:4b:
3b:b5:8a:5b:7c:03:f5:d7:52:e0:68:24:08:f4:91:91:e9:ce:
77:38:a9:87:94:28:54:d9:fb:74:bf:34:25:91:dd:87:b5:ea:
25:3d:df:fb:61:6e:1c:04:6b:4f:55:18:d5:0a:f2:a0:33:9f:
d2:bc:7f:d8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcV2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE1MTk1MzM2WhcNMjcwNDA4MTk1MzM2WjAYMRYw
FAYDVQQDEw02OWRmZWNjNS1iNmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsexgWnLczaRs0ozwMHgUDACfF6ShYWtjFP2/4M3mBTKjguEZ0BHyo2r4
5eCqeUFfJkDJOO0EgjkSN9300rVTgGF+zF1GTNd0bi16h8qORDknjrYEauin2N9J
UnjvqdtviC3yHsGhlcDI88Uh33Q2rQCNSnMquReZQZDBI4gZssQ9QFrHx09TOohL
zMB1Pen0jJsyOgZQoGgqv4pyDi8Sm4YYXy+rjAMWpLnT5Q1SvBpnbDfH9UfYIegi
Lm2DwnjMZhY6k7qxjX0/qR4l5O0QICnBMjsDBXYG2mrsFh2nNRRv5EVQVvQQ3cdS
d+nnSS/840RUvfToPCA3lyTUxvee3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC16
fpiIwC8KbEAHtGPYp31/Tn2QMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDA4MTM2RTM5MDQxMUYxQkRBNTQ1QTlDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlUVMA0GCSqGSIb3DQEB
CwUAA4IBAQBny1NwaFsCVnIjmU7BHOnehjJ71WYmERI5/TTjRrI1QefBHu4JAuds
KO2wejyZCXi/mOS6GiEw8opXY/feO/6LXb4gvL/lYFA9B6OEem+VbVHEW8QQ1eP1
d/tGSdKdt6QvLX/nk/Gp+qFkGhnxyiZLpu5MuixBQwuwoO07MJ7mDzJ3XA8ytR5k
KVZUCcwCr7gElsm+mO2YFwJ6tW0SvPLBR+hYbXvd7xwDP7TlqJlYsEd9F7b1EBE1
2UTqgvuQEGz1wQhICks7tYpbfAP111LgaCQI9JGR6c53OKmHlChU2ft0vzQlkd2H
teolPd/7YW4cBGtPVRjVCvKgM5/SvH/Y
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:10:55 2026 by rpki-client