Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFAD76C42F3411F1AB4429CEDAE4EC9C.roa
File: CFAD76C42F3411F1AB4429CEDAE4EC9C.roa (raw, json)
Hash identifier: /UuO3B3E1LdnI2uXi2v3/lbRG1R4ktjc9fA7h0W72EQ=
Subject key identifier: 3D:9F:4F:C3:5C:EB:D3:E6:B1:D1:06:DC:D3:DF:4A:73:DB:ED:8B:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C2A4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFAD76C42F3411F1AB4429CEDAE4EC9C.roa
Signing time: Fri 03 Apr 2026 08:12:10 +0000
ROA not before: Fri 03 Apr 2026 08:12:05 +0000
ROA not after: Sun 17 May 2026 08:12:05 +0000
asID: 272854
IP address blocks: 154.194.54.0/24 maxlen: 24
154.197.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 16:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115364 (0x1c2a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 3 08:12:05 2026 GMT
Not After : May 17 08:12:05 2026 GMT
Subject: CN=69cf765a-503c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bb:be:53:40:12:4f:2b:5f:74:85:7a:96:a8:
7d:eb:57:f1:51:a6:a3:cd:0b:4d:bb:2e:84:e8:4c:
53:bf:07:52:b2:43:84:42:54:cf:46:b4:e4:16:35:
37:17:20:61:09:b1:57:7f:99:2d:24:a6:d5:96:c9:
74:f2:61:8e:44:8a:67:48:17:c9:5b:da:1b:3e:c9:
62:1b:32:1e:29:17:71:9b:cb:c1:2f:19:cc:28:6e:
4c:c8:ec:66:f5:ed:d2:7a:b1:f1:b0:a0:35:a1:88:
fb:60:94:48:94:0b:46:06:c0:7f:f4:31:d9:d5:cc:
85:0f:16:5a:17:05:5f:fa:7c:b4:d8:3f:b5:95:b2:
42:1f:1e:03:5b:87:86:d9:33:c3:73:2b:5c:c5:6a:
20:fb:24:10:a7:8e:12:82:ad:b3:2b:e5:37:0b:7d:
c9:23:72:55:2b:18:94:4c:ed:44:31:c3:61:8d:52:
0b:8b:74:45:4d:8f:5c:6f:3b:c8:82:10:67:33:c6:
ff:54:9b:67:d6:f5:12:db:d7:2a:c1:09:0d:c1:60:
e7:e4:cb:e4:55:1e:0a:55:3e:59:c6:ca:13:36:87:
0a:95:a5:4a:6a:05:c5:41:79:71:a1:b2:f9:70:07:
29:f7:56:a6:4e:8a:a6:e7:a0:d4:7c:ee:15:19:92:
a7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9F:4F:C3:5C:EB:D3:E6:B1:D1:06:DC:D3:DF:4A:73:DB:ED:8B:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFAD76C42F3411F1AB4429CEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.54.0/24
154.197.1.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b2:47:68:01:65:21:2b:66:45:8c:a4:5b:91:67:92:01:17:
8b:54:00:98:02:7d:59:38:95:b8:e5:ca:57:9b:9d:ec:28:29:
af:d8:a6:fc:b6:71:d9:ee:58:94:1b:c0:7c:50:30:7e:2f:c0:
89:60:8e:fc:25:53:9b:f7:4d:ec:13:22:91:c1:d7:0c:20:05:
d9:61:21:5e:74:f0:91:26:e7:9b:12:33:fb:b1:de:6c:32:a8:
c8:c6:ba:82:50:47:45:07:7b:31:05:94:c9:07:c6:e6:f8:c0:
4b:aa:c2:4e:4b:86:c0:ca:3e:63:07:99:ce:ea:3b:09:20:5f:
39:9b:af:f3:e7:ca:50:4a:df:86:27:86:cc:5e:c6:af:2b:f1:
6b:e5:c7:7b:f7:f0:46:28:87:f7:ac:e4:d5:ad:7f:f7:f0:08:
55:ea:6c:13:64:bb:b8:89:36:a9:c3:49:23:81:87:0c:69:1d:
43:af:cc:07:d4:55:d8:47:7b:66:2e:64:9c:35:32:7b:6e:a8:
c7:14:d3:c9:a5:76:26:3f:9f:c3:93:77:15:d5:e2:3f:ea:94:
df:1c:60:24:aa:69:47:8e:40:3d:ea:54:81:a0:70:3a:e6:3b:
93:fc:39:2b:20:3c:1d:37:5c:8e:5c:b9:23:b8:09:31:47:9a:
41:3c:c9:f2
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcKkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDAzMDgxMjA1WhcNMjYwNTE3MDgxMjA1WjAYMRYw
FAYDVQQDEw02OWNmNzY1YS01MDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwLu+U0ASTytfdIV6lqh961fxUaajzQtNuy6E6ExTvwdSskOEQlTPRrTk
FjU3FyBhCbFXf5ktJKbVlsl08mGORIpnSBfJW9obPsliGzIeKRdxm8vBLxnMKG5M
yOxm9e3SerHxsKA1oYj7YJRIlAtGBsB/9DHZ1cyFDxZaFwVf+ny02D+1lbJCHx4D
W4eG2TPDcytcxWog+yQQp44Sgq2zK+U3C33JI3JVKxiUTO1EMcNhjVILi3RFTY9c
bzvIghBnM8b/VJtn1vUS29cqwQkNwWDn5MvkVR4KVT5ZxsoTNocKlaVKagXFQXlx
obL5cAcp91amToqm56DUfO4VGZKnAQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFD2f
T8Nc69PmsdEG3NPfSnPb7YtBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRkFENzZDNDJGMzQxMUYxQUI0NDI5Q0VEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsI2AwQAmsUBMA0GCSqG
SIb3DQEBCwUAA4IBAQAYskdoAWUhK2ZFjKRbkWeSAReLVACYAn1ZOJW45cpXm53s
KCmv2Kb8tnHZ7liUG8B8UDB+L8CJYI78JVOb903sEyKRwdcMIAXZYSFedPCRJueb
EjP7sd5sMqjIxrqCUEdFB3sxBZTJB8bm+MBLqsJOS4bAyj5jB5nO6jsJIF85m6/z
58pQSt+GJ4bMXsavK/Fr5cd79/BGKIf3rOTVrX/38AhV6mwTZLu4iTapw0kjgYcM
aR1Dr8wH1FXYR3tmLmScNTJ7bqjHFNPJpXYmP5/Dk3cV1eI/6pTfHGAkqmlHjkA9
6lSBoHA65juT/DkrIDwdN1yOXLkjuAkxR5pBPMny
-----END CERTIFICATE-----
Generated at Sat Apr 18 01:19:09 2026 by rpki-client