Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E0CFAE5C34AE11F1B4DF39B0CE1D38B0.roa
File: E0CFAE5C34AE11F1B4DF39B0CE1D38B0.roa (raw, json)
Hash identifier: zn8bBbgD01o8Ie9HRz+xiTJ6+xT/8hTThDerVDICzVs=
Subject key identifier: D5:29:71:1C:07:2F:DF:18:6A:65:D0:09:CC:C4:82:4D:BD:87:DF:A9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C459
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E0CFAE5C34AE11F1B4DF39B0CE1D38B0.roa
Signing time: Fri 10 Apr 2026 07:28:33 +0000
ROA not before: Fri 10 Apr 2026 07:28:28 +0000
ROA not after: Sun 10 May 2026 07:28:28 +0000
asID: 54801
IP address blocks: 154.86.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115801 (0x1c459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 07:28:28 2026 GMT
Not After : May 10 07:28:28 2026 GMT
Subject: CN=69d8a6a1-dd7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8e:d4:31:31:e3:fc:03:bf:da:fa:eb:74:55:
e3:6a:1f:62:9a:fc:35:f6:9f:95:2d:9d:fb:5f:9f:
d4:d7:3b:5d:bb:0c:66:d1:f5:bc:97:3f:aa:b9:ee:
db:b9:f9:72:06:81:dd:d1:af:3a:64:73:5e:75:42:
cf:f4:69:5a:21:48:2b:53:19:31:a1:c4:2f:40:38:
10:9c:cd:94:a1:2f:f9:89:51:3b:df:ca:d6:55:5e:
af:96:98:5a:f5:8a:55:fc:8d:a9:7d:fe:1a:ad:7f:
fa:ad:d2:4b:57:af:f2:ea:a1:ac:c0:db:18:a2:6f:
b6:da:c0:3b:c7:49:70:5d:53:c1:de:85:e9:50:52:
a8:0c:ca:c3:94:80:cb:cd:ae:ea:f5:9f:c8:b8:0b:
c8:5e:2a:d9:d8:20:64:ca:47:c3:a7:84:59:e7:20:
65:05:11:3b:64:7e:e5:99:f7:a0:fb:6d:19:5b:5e:
b9:12:53:88:b3:a1:a3:4c:2d:33:8b:17:a7:f0:61:
38:94:f8:13:b8:56:aa:5c:e5:52:d7:5e:23:8c:9e:
f6:7b:ee:94:80:0d:10:ec:ec:69:28:b4:b2:6a:2d:
74:29:45:f3:24:03:1c:ab:95:33:65:77:35:94:f7:
5c:3a:75:85:f3:99:9a:04:2d:a5:de:53:88:96:e2:
28:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:29:71:1C:07:2F:DF:18:6A:65:D0:09:CC:C4:82:4D:BD:87:DF:A9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E0CFAE5C34AE11F1B4DF39B0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.0.0/24
Signature Algorithm: sha256WithRSAEncryption
61:77:6b:c6:81:17:17:96:b1:9e:14:a7:61:21:db:94:25:7b:
e0:de:b1:85:43:95:bc:ea:ee:88:81:34:be:30:dd:83:5e:7f:
10:27:a0:a4:2d:2d:e1:3d:b1:9c:b4:53:c8:bf:e6:94:cc:eb:
07:2f:86:3b:52:b8:cd:93:62:c9:38:95:c9:d0:84:99:c3:99:
04:a8:0e:90:0e:a7:eb:92:7f:a8:a7:1c:74:a6:fb:2a:f1:83:
6f:66:0d:35:7d:9c:4f:08:55:8f:f7:d4:dc:cd:97:5e:5c:6d:
8b:42:7d:c6:29:34:e5:7f:d7:97:3e:fa:b3:c8:7c:4b:51:36:
ad:15:71:f4:87:ba:c1:61:98:88:49:d8:ec:67:2d:85:ec:50:
d9:f1:1e:b8:99:06:a2:71:45:f6:5a:7b:7b:d6:05:fe:bd:ce:
66:e8:c5:99:b1:66:e6:e3:6d:48:dc:fa:db:e7:a4:85:ca:71:
fe:02:c9:b8:a9:61:3a:74:7d:90:a5:1b:29:b5:a5:09:23:54:
fd:ff:db:5f:35:a7:a9:67:74:53:f7:8a:f3:80:5b:ba:82:19:
50:d9:71:f3:6c:1b:7f:aa:a4:c8:5a:82:17:3f:b3:32:b7:cd:
40:1a:95:02:a3:e3:98:83:4a:df:33:9e:03:50:e4:ea:ee:b7:
c9:79:c5:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcRZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEwMDcyODI4WhcNMjYwNTEwMDcyODI4WjAYMRYw
FAYDVQQDEw02OWQ4YTZhMS1kZDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyo7UMTHj/AO/2vrrdFXjah9imvw19p+VLZ37X5/U1ztduwxm0fW8lz+q
ue7buflyBoHd0a86ZHNedULP9GlaIUgrUxkxocQvQDgQnM2UoS/5iVE738rWVV6v
lpha9YpV/I2pff4arX/6rdJLV6/y6qGswNsYom+22sA7x0lwXVPB3oXpUFKoDMrD
lIDLza7q9Z/IuAvIXirZ2CBkykfDp4RZ5yBlBRE7ZH7lmfeg+20ZW165ElOIs6Gj
TC0zixen8GE4lPgTuFaqXOVS114jjJ72e+6UgA0Q7OxpKLSyai10KUXzJAMcq5Uz
ZXc1lPdcOnWF85maBC2l3lOIluIo5QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNUp
cRwHL98YamXQCczEgk29h9+pMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMENGQUU1QzM0QUUxMUYxQjRERjM5QjBDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlYAMA0GCSqGSIb3DQEB
CwUAA4IBAQBhd2vGgRcXlrGeFKdhIduUJXvg3rGFQ5W86u6IgTS+MN2DXn8QJ6Ck
LS3hPbGctFPIv+aUzOsHL4Y7UrjNk2LJOJXJ0ISZw5kEqA6QDqfrkn+opxx0pvsq
8YNvZg01fZxPCFWP99TczZdeXG2LQn3GKTTlf9eXPvqzyHxLUTatFXH0h7rBYZiI
SdjsZy2F7FDZ8R64mQaicUX2Wnt71gX+vc5m6MWZsWbm421I3Prb56SFynH+Asm4
qWE6dH2QpRsptaUJI1T9/9tfNaepZ3RT94rzgFu6ghlQ2XHzbBt/qqTIWoIXP7My
t81AGpUCo+OYg0rfM54DUOTq7rfJecVt
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:28:29 2026 by rpki-client