Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E2BE0C72365C11F18919C1F1CE1D38B0.roa
File: E2BE0C72365C11F18919C1F1CE1D38B0.roa (raw, json)
Hash identifier: dP2CAXNXv1gEjijBkAymI28nQBAee2pVk4xQfX2ox/0=
Subject key identifier: BB:71:C6:EB:D5:7C:26:1A:F2:DC:49:25:41:60:EB:4E:80:11:3A:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C4BA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E2BE0C72365C11F18919C1F1CE1D38B0.roa
Signing time: Sun 12 Apr 2026 10:46:40 +0000
ROA not before: Sun 12 Apr 2026 10:46:35 +0000
ROA not after: Thu 12 Apr 2029 10:46:35 +0000
asID: 17561
IP address blocks: 154.214.133.0/24 maxlen: 24
154.214.134.0/24 maxlen: 24
154.214.135.0/24 maxlen: 24
154.214.136.0/24 maxlen: 24
154.214.137.0/24 maxlen: 24
154.214.138.0/24 maxlen: 24
154.214.139.0/24 maxlen: 24
154.221.67.0/24 maxlen: 24
154.221.68.0/24 maxlen: 24
154.221.69.0/24 maxlen: 24
154.221.70.0/24 maxlen: 24
154.221.71.0/24 maxlen: 24
154.221.72.0/24 maxlen: 24
154.221.73.0/24 maxlen: 24
154.221.74.0/24 maxlen: 24
154.221.75.0/24 maxlen: 24
154.221.76.0/24 maxlen: 24
154.221.77.0/24 maxlen: 24
154.221.78.0/24 maxlen: 24
154.221.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115898 (0x1c4ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 10:46:35 2026 GMT
Not After : Apr 12 10:46:35 2029 GMT
Subject: CN=69db7810-45d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f3:4a:69:b6:77:3f:fa:a7:90:10:a1:40:82:
d3:eb:be:4f:f0:66:b4:18:cf:b0:69:58:e4:f4:82:
cd:66:ea:13:3e:3e:fd:0a:fa:f5:d7:57:a3:7c:51:
5a:62:03:ed:88:25:76:f0:da:05:f8:7c:52:e2:5f:
c5:cc:e9:9a:6c:e1:81:aa:fd:b3:78:0f:37:16:32:
ef:aa:66:c0:b6:62:bd:b4:fa:0b:b0:bf:fd:5e:bd:
08:78:89:c1:2c:da:64:99:8a:43:e3:81:22:ad:7e:
68:7a:3d:1f:0f:71:ec:33:77:f9:1e:51:a9:f5:2e:
4e:20:20:eb:b4:8d:1b:d5:ca:49:35:f4:5c:6f:d3:
19:bb:7d:f1:be:f0:4b:44:17:e5:55:43:a5:e9:03:
6a:23:31:9f:b1:93:e2:5c:07:1a:5b:2f:9f:a6:74:
48:23:a8:52:89:8e:7a:ea:10:37:72:f6:95:56:57:
31:d5:16:76:c2:f3:f6:12:fa:2b:0c:f8:f9:20:9f:
87:16:c8:de:dd:f4:d8:6d:99:88:7c:53:8f:da:e2:
be:61:28:a7:e1:08:6a:c8:b6:17:74:cb:34:87:ab:
3f:b5:0b:51:33:23:3e:0f:62:69:66:32:e5:26:3e:
5c:fc:e5:d2:44:bc:d5:52:c9:23:41:65:4b:82:e6:
72:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:71:C6:EB:D5:7C:26:1A:F2:DC:49:25:41:60:EB:4E:80:11:3A:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E2BE0C72365C11F18919C1F1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.133.0-154.214.139.255
154.221.67.0-154.221.79.255
Signature Algorithm: sha256WithRSAEncryption
30:4a:f3:d4:76:98:99:4d:ab:74:dc:00:42:cc:67:cd:2b:e9:
fe:0a:a4:10:41:d2:9b:e4:7f:b7:fd:d0:fb:3a:4e:ac:45:26:
df:84:a4:87:a3:59:bf:fa:ab:b0:d0:2d:7e:dd:e5:42:5e:6d:
2c:d4:57:73:fa:97:a8:f0:6e:e1:cf:b1:aa:66:6e:53:b1:6b:
57:e5:d9:3d:2b:15:ff:f8:bd:b6:8e:12:80:8d:33:a4:92:73:
fa:4a:f1:a9:78:3f:88:ca:ca:39:1e:87:38:a7:6b:f6:34:d5:
e5:06:b0:76:f1:66:ac:43:90:d2:03:36:91:6b:55:20:52:94:
bc:0c:4e:b8:3f:04:f2:28:f5:9d:80:ed:8c:77:db:63:44:8e:
87:a8:03:f5:e4:d3:a0:0f:93:4a:80:3d:f9:96:3b:9a:a2:1e:
17:00:7d:1a:54:bf:9a:a6:c5:b6:a5:e0:49:d4:d2:dd:13:b3:
b6:6b:15:10:08:38:24:f2:e4:d8:12:d0:f0:a3:8b:15:af:31:
20:1a:fd:b2:1e:10:9b:6d:1f:ba:24:3d:34:fa:4e:37:cd:45:
cf:b1:b4:b2:4a:6c:a5:fd:89:b7:ce:f9:8d:87:4b:90:95:91:
68:43:79:30:58:64:a7:87:57:60:10:f3:b1:fd:4d:5c:5c:a0:
f8:b0:fa:c4
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDAcS6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEyMTA0NjM1WhcNMjkwNDEyMTA0NjM1WjAYMRYw
FAYDVQQDEw02OWRiNzgxMC00NWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuPNKabZ3P/qnkBChQILT675P8Ga0GM+waVjk9ILNZuoTPj79Cvr111ej
fFFaYgPtiCV28NoF+HxS4l/FzOmabOGBqv2zeA83FjLvqmbAtmK9tPoLsL/9Xr0I
eInBLNpkmYpD44EirX5oej0fD3HsM3f5HlGp9S5OICDrtI0b1cpJNfRcb9MZu33x
vvBLRBflVUOl6QNqIzGfsZPiXAcaWy+fpnRII6hSiY566hA3cvaVVlcx1RZ2wvP2
EvorDPj5IJ+HFsje3fTYbZmIfFOP2uK+YSin4QhqyLYXdMs0h6s/tQtRMyM+D2Jp
ZjLlJj5c/OXSRLzVUskjQWVLguZyEwIDAQABo4ICuzCCArcwHQYDVR0OBBYEFLtx
xuvVfCYa8txJJUFg606AETrRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMkJFMEM3MjM2NUMxMUYxODkxOUMxRjFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBACa1oUDBAKa1ogwDAME
AJrdQwMEBJrdQDANBgkqhkiG9w0BAQsFAAOCAQEAMErz1HaYmU2rdNwAQsxnzSvp
/gqkEEHSm+R/t/3Q+zpOrEUm34Skh6NZv/qrsNAtft3lQl5tLNRXc/qXqPBu4c+x
qmZuU7FrV+XZPSsV//i9to4SgI0zpJJz+krxqXg/iMrKOR6HOKdr9jTV5QawdvFm
rEOQ0gM2kWtVIFKUvAxOuD8E8ij1nYDtjHfbY0SOh6gD9eTToA+TSoA9+ZY7mqIe
FwB9GlS/mqbFtqXgSdTS3ROztmsVEAg4JPLk2BLQ8KOLFa8xIBr9sh4Qm20fuiQ9
NPpON81Fz7G0skpspf2Jt875jYdLkJWRaEN5MFhkp4dXYBDzsf1NXFyg+LD6xA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:07:58 2026 by rpki-client