Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7BE6836366F11F1916BBCE4CE1D38B0.roa
File: D7BE6836366F11F1916BBCE4CE1D38B0.roa (raw, json)
Hash identifier: di3WeJrNAvaVNmlNUM4mYjrhfepJJHAKPo/+xRH9b78=
Subject key identifier: 20:40:62:C0:77:C0:0E:72:00:45:DA:77:BE:E8:41:64:9E:D5:9E:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C4CC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7BE6836366F11F1916BBCE4CE1D38B0.roa
Signing time: Sun 12 Apr 2026 13:02:22 +0000
ROA not before: Sun 12 Apr 2026 13:02:16 +0000
ROA not after: Sat 04 Jul 2026 13:02:16 +0000
asID: 149440
IP address blocks: 154.81.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115916 (0x1c4cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 13:02:16 2026 GMT
Not After : Jul 4 13:02:16 2026 GMT
Subject: CN=69db97de-0b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:55:2a:51:12:dc:ec:4d:2a:da:ae:db:39:cd:
13:41:14:42:60:cd:0e:ae:4b:3c:e6:13:2c:64:b8:
70:20:44:2d:f3:30:97:cf:83:a0:5d:43:1c:42:e2:
36:45:5e:f8:b6:26:22:43:11:e7:92:94:c7:dd:7f:
33:10:c5:22:85:73:53:2f:e1:b1:d5:82:d2:0f:c7:
b6:4a:36:57:e7:06:f1:9f:65:d8:4d:87:dd:e6:b1:
87:b9:5a:29:98:ee:d2:54:30:0b:1e:fb:3f:25:aa:
15:fd:8f:47:eb:ca:8a:44:dc:27:29:cd:e2:4d:a5:
3d:8d:53:d4:b9:d5:88:3c:ef:88:07:1a:af:50:59:
ff:25:c4:89:88:41:d4:5a:37:ba:af:94:9d:d8:4f:
5d:1f:83:d4:24:08:7f:c2:ec:25:36:fe:8d:c6:46:
cf:79:13:01:1b:75:5d:5a:4a:0a:73:b2:97:db:9a:
3f:2c:32:7c:42:a7:f9:be:a7:f2:15:67:d0:e3:7a:
66:42:13:fd:a7:71:e1:ea:1d:4c:db:ee:4a:5f:7c:
f4:fd:9b:15:92:00:9c:59:ca:76:de:0c:f3:74:41:
82:ea:e1:21:b8:de:3f:8f:70:6c:f8:de:9b:cf:9e:
49:11:a8:a6:45:92:a1:21:6b:e3:7a:07:50:fd:ae:
49:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:40:62:C0:77:C0:0E:72:00:45:DA:77:BE:E8:41:64:9E:D5:9E:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7BE6836366F11F1916BBCE4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.220.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:5f:e8:d9:d0:fa:1b:0f:a2:15:d8:97:bf:50:77:e6:b5:29:
ab:40:ad:d9:f3:12:1d:ec:e9:94:e9:cb:5f:f5:d8:ba:30:c0:
ff:52:80:26:c8:05:9e:16:0f:97:18:1a:e2:03:3f:1d:10:b9:
23:59:8b:1b:d9:1f:01:48:e6:d1:a2:92:f6:74:c3:e8:c7:cb:
dd:28:ac:0f:88:b2:e5:d4:6e:c7:21:96:d4:b6:a3:0e:8f:01:
15:b8:79:d7:f2:27:35:1b:41:92:9b:2d:b9:d5:47:18:0f:42:
e4:00:ea:62:ad:5b:23:2c:a5:9f:29:8e:73:33:06:17:a8:04:
b2:d0:38:a6:a2:aa:c1:ff:46:53:93:14:65:fb:a9:5b:56:df:
76:9e:b2:60:d5:8e:ad:15:6f:8b:e5:85:cd:b9:33:ed:e2:5f:
72:56:8e:f8:a2:d9:81:7a:f3:69:a1:10:1d:a8:60:32:08:1e:
9e:c0:03:43:dc:ab:f6:b2:0a:83:96:62:d2:16:c4:f3:79:e5:
98:95:14:9e:67:75:f1:36:46:0e:8a:2c:63:fa:c7:b2:60:d8:
50:4b:a6:c7:cc:80:79:39:47:f6:5f:de:a8:ec:86:b7:7c:30:
09:e4:ef:56:21:73:2b:e4:8a:fe:79:74:a1:e9:d8:d3:41:f4:
26:43:ef:c1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcTMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEyMTMwMjE2WhcNMjYwNzA0MTMwMjE2WjAYMRYw
FAYDVQQDEw02OWRiOTdkZS0wYjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy1UqURLc7E0q2q7bOc0TQRRCYM0Orks85hMsZLhwIEQt8zCXz4OgXUMc
QuI2RV74tiYiQxHnkpTH3X8zEMUihXNTL+Gx1YLSD8e2SjZX5wbxn2XYTYfd5rGH
uVopmO7SVDALHvs/JaoV/Y9H68qKRNwnKc3iTaU9jVPUudWIPO+IBxqvUFn/JcSJ
iEHUWje6r5Sd2E9dH4PUJAh/wuwlNv6NxkbPeRMBG3VdWkoKc7KX25o/LDJ8Qqf5
vqfyFWfQ43pmQhP9p3Hh6h1M2+5KX3z0/ZsVkgCcWcp23gzzdEGC6uEhuN4/j3Bs
+N6bz55JEaimRZKhIWvjegdQ/a5JsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCBA
YsB3wA5yAEXad77oQWSe1Z5HMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EN0JFNjgzNjM2NkYxMUYxOTE2QkJDRTRDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlHcMA0GCSqGSIb3DQEB
CwUAA4IBAQAtX+jZ0PobD6IV2Je/UHfmtSmrQK3Z8xId7OmU6ctf9di6MMD/UoAm
yAWeFg+XGBriAz8dELkjWYsb2R8BSObRopL2dMPox8vdKKwPiLLl1G7HIZbUtqMO
jwEVuHnX8ic1G0GSmy251UcYD0LkAOpirVsjLKWfKY5zMwYXqASy0DimoqrB/0ZT
kxRl+6lbVt92nrJg1Y6tFW+L5YXNuTPt4l9yVo74otmBevNpoRAdqGAyCB6ewAND
3Kv2sgqDlmLSFsTzeeWYlRSeZ3XxNkYOiixj+seyYNhQS6bHzIB5OUf2X96o7Ia3
fDAJ5O9WIXMr5Ir+eXSh6djTQfQmQ+/B
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:45:22 2026 by rpki-client