Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E22EF318364611F1930673EECE1D38B0.roa
File: E22EF318364611F1930673EECE1D38B0.roa (raw, json)
Hash identifier: zf1eJMglBL9OmgUDpfyI7QKQlLbivi4xU4TnyJPM/Yc=
Subject key identifier: EC:94:74:00:8C:BC:7C:96:C6:CE:4E:06:61:05:98:B8:98:88:CA:79
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C4A8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E22EF318364611F1930673EECE1D38B0.roa
Signing time: Sun 12 Apr 2026 08:09:10 +0000
ROA not before: Sun 12 Apr 2026 08:09:05 +0000
ROA not after: Thu 12 Apr 2029 08:09:05 +0000
asID: 17561
IP address blocks: 154.198.56.0/24 maxlen: 24
154.198.57.0/24 maxlen: 24
154.198.58.0/24 maxlen: 24
154.198.59.0/24 maxlen: 24
154.198.60.0/24 maxlen: 24
154.198.61.0/24 maxlen: 24
154.198.62.0/24 maxlen: 24
154.214.128.0/24 maxlen: 24
154.214.129.0/24 maxlen: 24
154.214.130.0/24 maxlen: 24
154.214.131.0/24 maxlen: 24
154.214.132.0/24 maxlen: 24
154.221.120.0/24 maxlen: 24
154.221.121.0/24 maxlen: 24
154.221.122.0/24 maxlen: 24
154.221.123.0/24 maxlen: 24
154.221.124.0/24 maxlen: 24
154.221.125.0/24 maxlen: 24
154.221.126.0/24 maxlen: 24
154.221.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 15:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115880 (0x1c4a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 08:09:05 2026 GMT
Not After : Apr 12 08:09:05 2029 GMT
Subject: CN=69db5326-8c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:49:57:cb:19:79:0f:0b:51:87:12:79:a3:09:
ea:93:58:36:fe:12:a1:de:7b:61:3a:31:8f:07:c3:
db:10:12:24:22:35:32:79:94:12:fb:4b:ee:ef:fc:
74:fe:ef:da:88:0f:d5:b6:d6:b9:c1:b3:07:d4:a1:
c6:d1:37:2e:2c:aa:86:b5:2f:1f:50:f1:46:2e:96:
97:46:a7:93:d4:a1:e2:cc:06:76:e1:46:ed:f6:48:
a4:72:c9:98:aa:99:95:89:65:44:5c:af:bc:2b:d8:
9d:3b:89:7a:5c:3b:ac:e8:d4:07:1e:12:ba:f0:25:
fb:66:48:88:d3:d1:30:49:a8:ff:1a:79:27:dd:7a:
47:87:61:82:d4:3f:e5:30:0d:1f:d1:d3:56:ea:eb:
34:5e:42:61:d4:82:0c:fb:54:a5:e5:d3:38:1f:4c:
45:76:03:a4:b6:6b:85:aa:c4:bc:44:89:90:ad:c5:
7f:d9:4b:1a:fa:68:9c:15:80:78:ec:5f:ec:f3:b9:
8f:66:d3:da:8f:1e:0e:28:cb:7a:00:88:85:9b:d7:
c3:4a:00:43:95:9a:aa:f4:4e:3f:6d:d8:b4:46:4d:
ac:31:e2:c9:1e:f9:55:45:1b:35:45:e6:ed:34:5d:
60:f4:10:fd:41:0d:05:f3:42:db:1a:ab:72:c4:26:
a8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:94:74:00:8C:BC:7C:96:C6:CE:4E:06:61:05:98:B8:98:88:CA:79
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E22EF318364611F1930673EECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.56.0-154.198.62.255
154.214.128.0-154.214.132.255
154.221.120.0/21
Signature Algorithm: sha256WithRSAEncryption
17:c6:cd:cf:b4:79:c1:a4:f6:53:6b:a6:32:9b:8d:be:f2:1b:
e4:d1:9f:b5:08:4f:66:d2:6a:78:36:d1:d7:ca:ae:2d:fb:f3:
8c:c5:1c:e8:57:f3:19:3b:44:02:9b:4e:32:d6:59:19:74:61:
06:e8:e6:01:ef:3e:d9:dc:5c:11:a6:4f:ba:8c:a7:bc:db:91:
d1:07:3d:a0:92:ca:72:77:61:53:f5:6c:d0:3f:c6:9c:b0:8b:
7d:28:22:e5:ce:09:25:fd:8a:45:48:9c:51:1e:b4:23:bb:3f:
14:a4:d4:97:83:93:d5:c2:33:44:fa:1b:86:12:72:02:29:6d:
44:49:48:24:14:3d:79:a2:f4:55:8d:c7:30:f0:89:67:d0:38:
b4:76:ba:b2:16:85:d0:cf:f4:10:78:14:f1:90:55:e7:63:d6:
ac:27:de:62:19:d8:32:b9:2a:a4:ab:c2:ee:68:30:0a:ea:18:
f4:14:e8:20:85:38:18:2e:ca:b6:58:46:0e:ab:65:1d:70:be:
d4:8f:83:1b:3a:6e:2d:6a:e6:13:12:56:1d:98:98:bd:23:7d:
17:2e:b2:7d:f7:ff:a5:77:83:40:d8:70:a9:81:1d:9f:41:25:
b2:c4:ef:49:e3:56:d2:d6:54:3b:58:99:59:77:f5:c2:86:e2:
a2:9f:0d:91
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAcSoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEyMDgwOTA1WhcNMjkwNDEyMDgwOTA1WjAYMRYw
FAYDVQQDEw02OWRiNTMyNi04Yzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtklXyxl5DwtRhxJ5ownqk1g2/hKh3nthOjGPB8PbEBIkIjUyeZQS+0vu
7/x0/u/aiA/Vtta5wbMH1KHG0TcuLKqGtS8fUPFGLpaXRqeT1KHizAZ24Ubt9kik
csmYqpmViWVEXK+8K9idO4l6XDus6NQHHhK68CX7ZkiI09EwSaj/Gnkn3XpHh2GC
1D/lMA0f0dNW6us0XkJh1IIM+1Sl5dM4H0xFdgOktmuFqsS8RImQrcV/2Usa+mic
FYB47F/s87mPZtPajx4OKMt6AIiFm9fDSgBDlZqq9E4/bdi0Rk2sMeLJHvlVRRs1
RebtNF1g9BD9QQ0F80LbGqtyxCaoNQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFOyU
dACMvHyWxs5OBmEFmLiYiMp5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMjJFRjMxODM2NDYxMUYxOTMwNjczRUVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAOaxjgDBACaxj4wDAME
B5rWgAMEAJrWhAMEA5rdeDANBgkqhkiG9w0BAQsFAAOCAQEAF8bNz7R5waT2U2um
MpuNvvIb5NGftQhPZtJqeDbR18quLfvzjMUc6FfzGTtEAptOMtZZGXRhBujmAe8+
2dxcEaZPuoynvNuR0Qc9oJLKcndhU/Vs0D/GnLCLfSgi5c4JJf2KRUicUR60I7s/
FKTUl4OT1cIzRPobhhJyAiltRElIJBQ9eaL0VY3HMPCJZ9A4tHa6shaF0M/0EHgU
8ZBV52PWrCfeYhnYMrkqpKvC7mgwCuoY9BToIIU4GC7KtlhGDqtlHXC+1I+DGzpu
LWrmExJWHZiYvSN9Fy6yfff/pXeDQNhwqYEdn0ElssTvSeNW0tZUO1iZWXf1wobi
op8NkQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:23:20 2026 by rpki-client