Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D19170A4364511F18A4E51E8CE1D38B0.roa
File: D19170A4364511F18A4E51E8CE1D38B0.roa (raw, json)
Hash identifier: rUGRcMH4Bv17lgaC2sVhyqGZplfOTtQWRUq4hIRzd9Y=
Subject key identifier: 06:CF:BE:EA:D9:9D:D0:FB:52:41:CF:7E:8B:03:80:E0:35:D3:89:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C4A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D19170A4364511F18A4E51E8CE1D38B0.roa
Signing time: Sun 12 Apr 2026 08:01:32 +0000
ROA not before: Sun 12 Apr 2026 08:01:28 +0000
ROA not after: Thu 12 Apr 2029 08:01:28 +0000
asID: 17561
IP address blocks: 154.221.100.0/24 maxlen: 24
154.221.101.0/24 maxlen: 24
154.221.102.0/24 maxlen: 24
154.221.103.0/24 maxlen: 24
154.221.104.0/24 maxlen: 24
154.221.105.0/24 maxlen: 24
154.221.106.0/24 maxlen: 24
154.221.107.0/24 maxlen: 24
154.221.108.0/24 maxlen: 24
154.221.109.0/24 maxlen: 24
154.221.110.0/24 maxlen: 24
154.221.111.0/24 maxlen: 24
154.221.112.0/24 maxlen: 24
154.221.113.0/24 maxlen: 24
154.221.114.0/24 maxlen: 24
154.221.115.0/24 maxlen: 24
154.221.116.0/24 maxlen: 24
154.221.117.0/24 maxlen: 24
154.221.118.0/24 maxlen: 24
154.221.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 16:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115878 (0x1c4a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 08:01:28 2026 GMT
Not After : Apr 12 08:01:28 2029 GMT
Subject: CN=69db515c-8102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7f:7c:d9:0c:95:49:16:54:6a:3c:94:32:64:
53:be:99:c5:1f:c2:bd:fa:b2:2e:3c:f5:84:ce:d8:
9e:42:01:3e:d1:b4:60:e4:cd:7c:65:f7:9d:2a:00:
26:ed:6e:bf:b3:8e:e1:43:c5:a6:57:c6:6f:ee:8d:
65:bb:9a:27:ba:69:63:34:b2:1e:fb:35:f2:37:2e:
72:42:85:28:26:3c:94:33:18:9d:84:4a:5d:27:19:
8f:f5:e4:dd:ec:8b:bf:cb:41:6f:8d:ae:14:4d:cf:
f1:26:60:07:a1:2b:d9:e4:67:53:7b:77:c1:69:37:
45:01:bf:00:38:7e:e6:0f:46:ae:63:d9:d5:df:14:
02:09:66:1c:48:e4:e1:5f:ee:79:f0:11:3c:54:58:
6e:48:5b:df:75:0e:d4:32:02:b9:14:5b:e4:d8:f3:
92:b0:96:e3:7a:6a:40:c8:84:54:7e:b1:c7:d3:e5:
ca:92:68:f8:c5:42:e7:cc:bf:61:c0:70:db:87:3b:
72:b3:05:84:fd:7c:84:0f:8e:ba:56:c4:9c:4b:9e:
6c:1b:97:da:03:4d:3b:10:d0:3a:c5:37:f1:7b:50:
cd:e5:ce:f1:05:2f:55:c9:dd:ad:9d:3f:63:95:69:
14:19:fb:b3:29:9f:b9:b5:e4:43:c3:67:1b:a1:08:
3a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CF:BE:EA:D9:9D:D0:FB:52:41:CF:7E:8B:03:80:E0:35:D3:89:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D19170A4364511F18A4E51E8CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.100.0-154.221.119.255
Signature Algorithm: sha256WithRSAEncryption
87:12:98:f1:6f:df:c7:1b:49:bd:54:97:39:14:cb:f5:37:9a:
4e:21:b4:c2:08:a5:19:53:24:0c:da:aa:f0:c2:68:1c:bf:29:
bb:8f:20:77:b7:7a:4f:b5:e1:21:53:ae:b6:3c:21:e3:68:bd:
9e:78:f9:af:aa:b4:90:0d:0c:6b:88:56:a1:fc:51:22:f1:25:
26:6d:d4:cd:5f:42:f4:a7:58:24:70:39:5d:f2:d5:98:a6:ae:
dd:f9:9d:76:c6:c3:dd:da:b6:74:1c:60:58:e3:22:48:57:ee:
02:48:ea:c0:18:04:0e:f9:5e:b6:d9:14:50:cd:b5:c5:2f:59:
17:39:87:c8:46:62:05:d9:99:b7:a0:8c:9e:a8:27:8a:ac:0f:
7d:1a:fd:39:4b:f1:27:73:8e:95:c1:a4:e3:5d:ed:12:00:55:
3f:0d:f5:0c:1c:20:e6:1e:5d:79:1e:f6:94:fc:9f:e0:36:98:
bc:e3:24:77:2d:30:46:3a:b7:bd:4c:3c:dc:39:0b:a5:17:d8:
64:15:58:cd:da:c3:1c:ad:d0:1a:65:07:40:91:a3:5e:29:43:
b8:43:5c:b9:1b:39:4a:2e:0b:a2:b2:6f:d8:f0:15:39:0d:5a:
ba:91:52:53:c2:96:55:f7:de:00:50:c4:68:a6:bb:5a:79:1b:
57:ab:72:41
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcSmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEyMDgwMTI4WhcNMjkwNDEyMDgwMTI4WjAYMRYw
FAYDVQQDEw02OWRiNTE1Yy04MTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv3982QyVSRZUajyUMmRTvpnFH8K9+rIuPPWEztieQgE+0bRg5M18Zfed
KgAm7W6/s47hQ8WmV8Zv7o1lu5onumljNLIe+zXyNy5yQoUoJjyUMxidhEpdJxmP
9eTd7Iu/y0Fvja4UTc/xJmAHoSvZ5GdTe3fBaTdFAb8AOH7mD0auY9nV3xQCCWYc
SOThX+558BE8VFhuSFvfdQ7UMgK5FFvk2POSsJbjempAyIRUfrHH0+XKkmj4xULn
zL9hwHDbhztyswWE/XyED466VsScS55sG5faA007ENA6xTfxe1DN5c7xBS9Vyd2t
nT9jlWkUGfuzKZ+5teRDw2cboQg6KwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFAbP
vurZndD7UkHPfosDgOA104lUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMTkxNzBBNDM2NDUxMUYxOEE0RTUxRThDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKa3WQDBAOa3XAwDQYJ
KoZIhvcNAQELBQADggEBAIcSmPFv38cbSb1UlzkUy/U3mk4htMIIpRlTJAzaqvDC
aBy/KbuPIHe3ek+14SFTrrY8IeNovZ54+a+qtJANDGuIVqH8USLxJSZt1M1fQvSn
WCRwOV3y1Zimrt35nXbGw93atnQcYFjjIkhX7gJI6sAYBA75XrbZFFDNtcUvWRc5
h8hGYgXZmbegjJ6oJ4qsD30a/TlL8SdzjpXBpONd7RIAVT8N9QwcIOYeXXke9pT8
n+A2mLzjJHctMEY6t71MPNw5C6UX2GQVWM3awxyt0BplB0CRo14pQ7hDXLkbOUou
C6Kyb9jwFTkNWrqRUlPCllX33gBQxGimu1p5G1erckE=
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:25:11 2026 by rpki-client