Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D40E7CA8365B11F1953F9BEBCE1D38B0.roa
File: D40E7CA8365B11F1953F9BEBCE1D38B0.roa (raw, json)
Hash identifier: wKYcg/Sbu7lIzD+2jr5Xqrn0yIL1B87QmiexQzAaW4M=
Subject key identifier: E1:3D:4B:BA:8A:F3:22:4A:77:10:62:7D:FA:55:03:8E:18:54:07:3F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C4B8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D40E7CA8365B11F1953F9BEBCE1D38B0.roa
Signing time: Sun 12 Apr 2026 10:39:06 +0000
ROA not before: Sun 12 Apr 2026 10:39:00 +0000
ROA not after: Thu 12 Apr 2029 10:39:00 +0000
asID: 17561
IP address blocks: 154.218.71.0/24 maxlen: 24
154.218.72.0/24 maxlen: 24
154.218.73.0/24 maxlen: 24
154.218.74.0/24 maxlen: 24
154.218.75.0/24 maxlen: 24
154.218.76.0/24 maxlen: 24
154.218.77.0/24 maxlen: 24
154.218.78.0/24 maxlen: 24
154.218.79.0/24 maxlen: 24
154.218.120.0/24 maxlen: 24
154.218.121.0/24 maxlen: 24
154.218.122.0/24 maxlen: 24
154.218.123.0/24 maxlen: 24
154.218.124.0/24 maxlen: 24
154.218.125.0/24 maxlen: 24
154.218.126.0/24 maxlen: 24
154.218.127.0/24 maxlen: 24
154.221.64.0/24 maxlen: 24
154.221.65.0/24 maxlen: 24
154.221.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 16:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115896 (0x1c4b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 10:39:00 2026 GMT
Not After : Apr 12 10:39:00 2029 GMT
Subject: CN=69db7649-c6db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:09:8f:b2:f8:7d:64:55:bd:78:3e:e1:16:ba:
cb:0f:d0:cd:b4:e5:34:48:39:61:7e:bf:38:eb:db:
4d:ef:d6:f0:c3:fb:5f:51:d8:c6:a4:38:62:eb:3c:
44:19:4b:8e:fb:bb:3d:ec:dd:19:43:40:d1:25:28:
ec:20:b3:ad:f4:8d:7e:25:a1:6b:84:b0:6b:a2:f5:
94:27:f8:c0:fb:f1:82:a9:6b:1e:ce:2a:19:41:a3:
36:93:8d:b5:44:80:d2:52:23:a0:74:64:44:0a:da:
08:97:5d:6a:ea:c6:b7:5f:cb:81:41:91:f6:c5:db:
fb:0f:3b:a9:23:8b:55:38:4f:f2:03:c8:e5:7e:7b:
03:69:97:e4:02:5f:47:61:ce:95:3a:c5:2b:77:a0:
cf:39:5f:90:be:cb:98:0e:2f:f1:5e:71:35:a8:e9:
eb:db:2c:d0:04:c0:76:43:c0:b6:af:b4:a2:d3:fc:
8e:d4:65:b8:c5:0b:ef:67:fc:0d:e2:a5:c0:21:d4:
05:c1:0b:28:08:9c:8f:1a:ad:d1:0b:b5:18:e3:c2:
6b:9b:84:a4:a0:e7:9e:1c:71:a8:77:3f:07:e9:9f:
28:a0:27:ca:f5:4b:f0:f7:ad:ec:9e:36:b7:7e:16:
dc:56:68:7d:63:c6:23:4b:7b:f6:c4:ad:91:85:d6:
70:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3D:4B:BA:8A:F3:22:4A:77:10:62:7D:FA:55:03:8E:18:54:07:3F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D40E7CA8365B11F1953F9BEBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.71.0-154.218.79.255
154.218.120.0/21
154.221.64.0-154.221.66.255
Signature Algorithm: sha256WithRSAEncryption
70:54:2c:70:ce:00:12:bc:81:02:54:e4:cc:85:e9:0e:f3:db:
4e:49:3d:b9:d3:2f:ed:59:dc:02:10:fe:43:ad:83:8c:6f:2d:
4f:72:a4:40:b1:c4:4b:1a:b6:b0:4a:63:fe:e4:ea:50:9d:8c:
fb:f5:68:11:5e:61:4d:27:dc:34:fa:06:2f:fd:74:d2:87:39:
8c:e7:2a:31:ce:e8:f9:47:d6:ad:40:ea:a2:3d:93:b9:46:11:
e8:b0:0a:f6:c9:79:7f:6a:8c:6d:cd:69:2c:a0:e7:27:31:5b:
d3:c9:3f:8d:e1:4a:cb:44:c2:5e:6c:6d:ab:e6:c6:89:b6:1b:
17:2e:d4:fa:6e:f8:01:9b:a5:12:f8:87:ad:dc:d8:b1:7c:54:
a0:05:ad:e3:90:44:45:b8:bc:c6:09:10:20:a1:41:9e:6f:e0:
79:18:ec:17:4a:e5:cf:eb:46:56:65:23:e8:e5:92:2d:33:53:
0a:ce:36:bc:e3:09:4b:73:3f:80:d8:46:6b:64:a4:31:10:95:
4d:62:a7:2f:23:6a:cd:15:33:c1:77:3b:c9:52:c0:4a:1a:9c:
bb:da:48:c4:f0:14:d7:8a:84:04:e4:92:a7:54:66:70:f0:dc:
aa:04:59:5b:e0:4b:e0:16:0d:7e:0e:58:83:7d:bb:d6:4e:4e:
b9:15:fc:34
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAcS4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEyMTAzOTAwWhcNMjkwNDEyMTAzOTAwWjAYMRYw
FAYDVQQDEw02OWRiNzY0OS1jNmRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8gmPsvh9ZFW9eD7hFrrLD9DNtOU0SDlhfr8469tN79bww/tfUdjGpDhi
6zxEGUuO+7s97N0ZQ0DRJSjsILOt9I1+JaFrhLBrovWUJ/jA+/GCqWsezioZQaM2
k421RIDSUiOgdGRECtoIl11q6sa3X8uBQZH2xdv7DzupI4tVOE/yA8jlfnsDaZfk
Al9HYc6VOsUrd6DPOV+QvsuYDi/xXnE1qOnr2yzQBMB2Q8C2r7Si0/yO1GW4xQvv
Z/wN4qXAIdQFwQsoCJyPGq3RC7UY48Jrm4SkoOeeHHGodz8H6Z8ooCfK9Uvw963s
nja3fhbcVmh9Y8YjS3v2xK2RhdZwVQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFOE9
S7qK8yJKdxBiffpVA44YVAc/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENDBFN0NBODM2NUIxMUYxOTUzRjlCRUJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBACa2kcDBASa2kADBAOa
2ngwDAMEBprdQAMEAJrdQjANBgkqhkiG9w0BAQsFAAOCAQEAcFQscM4AEryBAlTk
zIXpDvPbTkk9udMv7VncAhD+Q62DjG8tT3KkQLHESxq2sEpj/uTqUJ2M+/VoEV5h
TSfcNPoGL/100oc5jOcqMc7o+UfWrUDqoj2TuUYR6LAK9sl5f2qMbc1pLKDnJzFb
08k/jeFKy0TCXmxtq+bGibYbFy7U+m74AZulEviHrdzYsXxUoAWt45BERbi8xgkQ
IKFBnm/geRjsF0rlz+tGVmUj6OWSLTNTCs42vOMJS3M/gNhGa2SkMRCVTWKnLyNq
zRUzwXc7yVLAShqcu9pIxPAU14qEBOSSp1RmcPDcqgRZW+BL4BYNfg5Yg3271k5O
uRX8NA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:56:03 2026 by rpki-client