Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD9A0388352F11F182077AB2CE1D38B0.roa
File: CD9A0388352F11F182077AB2CE1D38B0.roa (raw, json)
Hash identifier: K9PzrFqq2V111yBuqrhZroQcMasWnV4DXzyHEmXNmJU=
Subject key identifier: ED:06:C8:24:BA:CE:6C:A0:7D:72:76:10:97:BF:31:8F:B1:12:F3:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C47F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD9A0388352F11F182077AB2CE1D38B0.roa
Signing time: Fri 10 Apr 2026 22:51:26 +0000
ROA not before: Fri 10 Apr 2026 22:51:20 +0000
ROA not after: Tue 10 Apr 2029 22:51:20 +0000
asID: 17561
IP address blocks: 154.194.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115839 (0x1c47f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 22:51:20 2026 GMT
Not After : Apr 10 22:51:20 2029 GMT
Subject: CN=69d97eee-8f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bb:08:bc:8e:a1:85:9b:a1:32:fc:30:09:17:
00:f2:60:ac:87:bb:aa:0a:d1:49:2b:fe:cb:6e:d3:
cb:b3:4e:c8:75:76:2d:08:17:42:35:27:63:9c:00:
0b:9f:46:b2:8f:6f:64:82:f6:5d:7c:b8:6c:d8:73:
bf:a2:b5:df:c3:6b:c3:72:7b:a2:9b:7f:40:79:50:
54:ad:c6:43:05:7a:46:53:34:03:90:bb:15:e3:ef:
a5:15:5c:6a:d1:8b:49:bf:40:bd:de:d3:5b:c7:78:
22:95:a3:eb:35:89:6a:fc:37:5a:3a:0d:99:62:1a:
c4:b5:b5:64:5e:d7:0c:70:e0:24:bd:ce:9f:c2:52:
40:5d:15:e3:01:f2:32:01:ae:b3:49:40:62:9b:1a:
6e:61:31:b3:98:28:c6:de:92:e7:68:6b:da:88:21:
76:54:93:3a:e3:bb:22:ca:46:31:b5:09:79:06:21:
b1:77:cd:2c:45:44:c5:e6:54:67:0b:53:3a:49:b9:
89:42:3f:65:cd:18:39:61:48:98:be:f7:57:29:64:
15:6b:98:e5:3b:54:29:40:89:14:a3:0f:39:c6:77:
9c:75:c4:4f:ca:d5:9c:13:c9:eb:d7:15:6d:8c:09:
bd:15:96:2f:ee:43:e8:ea:0b:1a:c9:6a:6d:cd:02:
af:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:06:C8:24:BA:CE:6C:A0:7D:72:76:10:97:BF:31:8F:B1:12:F3:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD9A0388352F11F182077AB2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.44.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:a6:c0:11:55:97:c2:d2:c1:4d:7a:3c:d1:62:3f:f4:66:29:
af:6d:f5:ed:30:6a:47:db:e0:47:09:b7:8d:8f:ee:b8:bb:09:
f0:9e:57:14:26:a0:bd:80:75:58:9e:b4:61:bb:7c:24:17:71:
c7:cd:bc:91:70:71:4a:cd:f5:df:2d:13:15:b2:48:b2:b3:92:
43:91:54:7d:c4:15:83:34:03:97:0f:3a:14:c9:98:3e:96:80:
bf:1e:3b:91:63:24:9a:c8:6c:b9:10:96:6e:ee:bd:7e:7f:96:
71:72:9b:c4:5f:c0:25:15:4a:d1:ef:61:56:a1:42:8c:53:15:
1f:85:2d:27:d6:1d:84:dd:58:1d:ad:17:ef:c4:b2:71:0c:95:
d9:67:90:73:4f:ec:be:05:7e:7e:6f:9c:23:da:1b:39:fd:d1:
8a:be:2a:e8:d0:df:8f:f3:ca:66:94:4b:68:f7:81:c9:e5:9e:
60:b6:bb:97:e9:38:b9:14:90:27:fc:db:f8:42:b6:a5:11:04:
52:3c:b4:d1:ba:5b:f3:c0:5a:97:e3:2d:cf:b4:5d:b9:84:d3:
0e:a3:c6:02:89:ea:58:a8:8f:14:c4:06:1c:37:73:a2:14:68:
92:48:af:5c:70:ef:21:b9:b4:3f:e1:bd:2c:c8:49:8b:79:c1:
da:64:e2:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcR/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEwMjI1MTIwWhcNMjkwNDEwMjI1MTIwWjAYMRYw
FAYDVQQDEw02OWQ5N2VlZS04ZjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqrsIvI6hhZuhMvwwCRcA8mCsh7uqCtFJK/7LbtPLs07IdXYtCBdCNSdj
nAALn0ayj29kgvZdfLhs2HO/orXfw2vDcnuim39AeVBUrcZDBXpGUzQDkLsV4++l
FVxq0YtJv0C93tNbx3gilaPrNYlq/DdaOg2ZYhrEtbVkXtcMcOAkvc6fwlJAXRXj
AfIyAa6zSUBimxpuYTGzmCjG3pLnaGvaiCF2VJM647siykYxtQl5BiGxd80sRUTF
5lRnC1M6SbmJQj9lzRg5YUiYvvdXKWQVa5jlO1QpQIkUow85xnecdcRPytWcE8nr
1xVtjAm9FZYv7kPo6gsayWptzQKv2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO0G
yCS6zmygfXJ2EJe/MY+xEvPgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDlBMDM4ODM1MkYxMUYxODIwNzdBQjJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIsMA0GCSqGSIb3DQEB
CwUAA4IBAQDQpsARVZfC0sFNejzRYj/0ZimvbfXtMGpH2+BHCbeNj+64uwnwnlcU
JqC9gHVYnrRhu3wkF3HHzbyRcHFKzfXfLRMVskiys5JDkVR9xBWDNAOXDzoUyZg+
loC/HjuRYySayGy5EJZu7r1+f5ZxcpvEX8AlFUrR72FWoUKMUxUfhS0n1h2E3Vgd
rRfvxLJxDJXZZ5BzT+y+BX5+b5wj2hs5/dGKviro0N+P88pmlEto94HJ5Z5gtruX
6Ti5FJAn/Nv4QralEQRSPLTRulvzwFqX4y3PtF25hNMOo8YCiepYqI8UxAYcN3Oi
FGiSSK9ccO8hubQ/4b0syEmLecHaZOL0
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:25:31 2026 by rpki-client