Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFACCED4326511F1AA66E3D2DAE4EC9C.roa
File: CFACCED4326511F1AA66E3D2DAE4EC9C.roa (raw, json)
Hash identifier: qBowVsaVOpzI9r5btrPVbgiGjyhVCy4vKUKPjM6jk8s=
Subject key identifier: E2:05:94:8C:26:05:60:3D:A9:EC:0F:F2:2E:A4:69:79:51:A7:20:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C373
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFACCED4326511F1AA66E3D2DAE4EC9C.roa
Signing time: Tue 07 Apr 2026 09:40:28 +0000
ROA not before: Tue 07 Apr 2026 09:40:24 +0000
ROA not after: Sun 25 Apr 2027 09:40:24 +0000
asID: 209242
IP address blocks: 154.197.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115571 (0x1c373)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 7 09:40:24 2026 GMT
Not After : Apr 25 09:40:24 2027 GMT
Subject: CN=69d4d10c-5f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:0c:bd:1d:45:11:3d:88:11:02:85:63:cd:29:
55:74:8a:1e:09:ec:13:69:d3:97:f9:f5:dd:1f:a0:
96:8e:e8:7f:a5:23:f0:66:ed:19:bd:fc:ec:e8:c7:
ea:d5:cf:f1:fe:2b:dc:a6:be:ca:24:29:de:85:41:
0c:cf:58:22:a9:67:b7:76:de:d0:d5:dd:68:a6:b6:
f4:1c:45:22:58:d9:ab:c4:fe:4c:7d:38:7d:d2:2c:
93:f7:c6:ca:7c:0b:00:37:f2:4d:a6:3b:b3:83:ba:
8a:11:92:8f:c6:43:5b:52:04:d2:89:3b:74:66:7b:
d1:66:8c:2d:ae:67:91:6e:f0:a3:dd:44:c5:83:69:
4a:9d:b5:a4:68:8b:70:1d:f7:df:f3:2d:e1:d4:8d:
32:60:32:23:9f:82:6c:7a:e1:1e:51:da:b6:1c:03:
7b:e9:3c:94:ec:73:f6:20:eb:98:90:12:81:e3:d4:
bf:5e:e4:4f:4d:ad:d9:25:d5:48:e6:22:05:ba:30:
8f:6c:02:d2:80:8a:25:a4:08:ae:03:c4:ee:5b:4e:
00:cc:70:f8:38:da:d5:1a:52:dc:76:dc:60:bb:33:
e8:c0:1c:3a:2a:d8:b5:b3:36:e9:54:67:04:d6:0c:
8e:07:6e:f9:ad:70:5a:1c:36:00:94:11:8a:a9:a5:
a2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:05:94:8C:26:05:60:3D:A9:EC:0F:F2:2E:A4:69:79:51:A7:20:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFACCED4326511F1AA66E3D2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.64.0/24
Signature Algorithm: sha256WithRSAEncryption
be:60:9d:03:f2:dd:af:47:54:9a:f6:0e:6a:a4:2b:cf:f6:4c:
6a:6b:3a:91:16:0b:06:23:63:28:de:aa:de:11:22:26:14:e5:
32:44:db:16:27:c0:d8:6b:88:64:33:87:0d:e3:14:1f:04:2d:
8b:18:72:07:dd:1a:d5:76:35:e7:c7:db:13:03:05:91:a8:dd:
3a:a9:f4:ba:bd:85:b6:2c:b5:9a:72:02:a7:4b:51:73:1c:42:
14:85:7b:1c:de:2c:5f:47:61:3a:58:3d:78:ce:c1:63:fb:12:
c4:04:20:d1:20:6d:77:a8:bd:18:2f:32:ff:78:26:4a:94:dc:
ba:34:3b:55:9d:79:d7:b0:b7:2d:f4:ae:92:9c:a7:af:47:0f:
16:01:02:e1:d1:22:8b:59:d7:f1:1b:ee:0e:ce:2c:7c:b8:48:
f9:60:01:40:b1:58:71:99:fc:1a:00:de:e1:01:e8:6a:27:c9:
06:05:d4:62:a1:33:03:13:c6:6f:25:d8:09:1b:a3:0f:18:22:
00:d2:63:c0:49:5e:c3:65:a0:c7:08:a5:98:a9:49:88:95:46:
16:98:76:47:d5:2e:96:e0:e9:1f:4e:54:1e:f7:db:9f:0f:02:
4c:c0:28:ce:b6:c0:ad:c6:85:ec:fa:5b:df:81:8c:6e:5c:cb:
d3:00:6e:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcNzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDA3MDk0MDI0WhcNMjcwNDI1MDk0MDI0WjAYMRYw
FAYDVQQDEw02OWQ0ZDEwYy01ZjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6wy9HUURPYgRAoVjzSlVdIoeCewTadOX+fXdH6CWjuh/pSPwZu0Zvfzs
6Mfq1c/x/ivcpr7KJCnehUEMz1giqWe3dt7Q1d1oprb0HEUiWNmrxP5MfTh90iyT
98bKfAsAN/JNpjuzg7qKEZKPxkNbUgTSiTt0ZnvRZowtrmeRbvCj3UTFg2lKnbWk
aItwHfff8y3h1I0yYDIjn4JseuEeUdq2HAN76TyU7HP2IOuYkBKB49S/XuRPTa3Z
JdVI5iIFujCPbALSgIolpAiuA8TuW04AzHD4ONrVGlLcdtxguzPowBw6Kti1szbp
VGcE1gyOB275rXBaHDYAlBGKqaWi0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOIF
lIwmBWA9qewP8i6kaXlRpyDgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRkFDQ0VENDMyNjUxMUYxQUE2NkUzRDJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVAMA0GCSqGSIb3DQEB
CwUAA4IBAQC+YJ0D8t2vR1Sa9g5qpCvP9kxqazqRFgsGI2Mo3qreESImFOUyRNsW
J8DYa4hkM4cN4xQfBC2LGHIH3RrVdjXnx9sTAwWRqN06qfS6vYW2LLWacgKnS1Fz
HEIUhXsc3ixfR2E6WD14zsFj+xLEBCDRIG13qL0YLzL/eCZKlNy6NDtVnXnXsLct
9K6SnKevRw8WAQLh0SKLWdfxG+4Ozix8uEj5YAFAsVhxmfwaAN7hAehqJ8kGBdRi
oTMDE8ZvJdgJG6MPGCIA0mPASV7DZaDHCKWYqUmIlUYWmHZH1S6W4OkfTlQe99uf
DwJMwCjOtsCtxoXs+lvfgYxuXMvTAG6I
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:25:18 2026 by rpki-client