Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E909D2D2357B11F1A0E7AE15CF1D38B0.roa
File: E909D2D2357B11F1A0E7AE15CF1D38B0.roa (raw, json)
Hash identifier: hxM30n+UVjn0h5XvotY065UuuU8tZylCbKISFujXeCQ=
Subject key identifier: CA:85:C5:9E:9E:3D:33:FC:7D:1B:27:2F:5D:CE:6F:3F:1F:71:0F:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C491
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E909D2D2357B11F1A0E7AE15CF1D38B0.roa
Signing time: Sat 11 Apr 2026 07:56:13 +0000
ROA not before: Sat 11 Apr 2026 07:54:46 +0000
ROA not after: Fri 01 May 2026 07:54:46 +0000
asID: 61461
IP address blocks: 154.216.192.0/18 maxlen: 24
154.218.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 16:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115857 (0x1c491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 11 07:54:46 2026 GMT
Not After : May 1 07:54:46 2026 GMT
Subject: CN=69d9fe9d-ecd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:01:30:cb:63:cd:8b:8d:30:ec:3f:3f:93:73:
a6:d2:9b:64:cb:7b:21:56:9b:55:5f:2f:a0:f3:88:
e7:68:e0:a3:5d:64:12:d4:3b:46:be:9f:a4:2c:70:
fd:3c:78:f6:47:15:a8:44:75:a6:bd:ee:e2:68:f5:
52:29:c8:4d:56:98:f6:ad:2a:8c:da:18:25:87:72:
95:12:b8:bd:9e:0f:33:4d:79:19:14:4e:b3:e4:f3:
ca:de:3a:82:d5:d5:22:f1:a5:6e:84:a7:62:e6:01:
94:00:7d:d0:c3:51:be:2c:47:cb:84:65:da:43:f5:
52:5e:e1:1a:0d:13:4a:d0:d9:c6:ae:b3:d2:5d:ed:
01:f4:72:fb:b1:e5:06:12:31:8e:b8:69:36:56:d8:
d6:4f:86:e3:ff:98:ab:99:b9:3f:02:13:75:61:37:
23:00:c1:ab:24:7f:39:52:fe:7e:bb:46:23:31:95:
bb:52:72:5f:70:06:b6:d5:97:a5:ae:00:5f:c3:e5:
a3:bb:01:ca:e5:06:e1:f1:0e:38:ed:8d:fa:e6:7f:
08:be:11:cf:6a:09:06:ff:3f:9a:94:be:e3:a6:9f:
f7:26:8b:3b:d7:32:af:78:f9:6a:fe:5e:54:63:59:
2a:2c:bb:5a:fd:f2:8f:b2:d6:4b:71:00:ae:dd:59:
14:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:85:C5:9E:9E:3D:33:FC:7D:1B:27:2F:5D:CE:6F:3F:1F:71:0F:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E909D2D2357B11F1A0E7AE15CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.192.0/18
154.218.192.0/18
Signature Algorithm: sha256WithRSAEncryption
87:20:19:4e:96:7a:38:f6:e3:69:ee:34:12:7b:e1:f6:2f:8d:
60:d3:b4:ed:db:01:5d:50:bf:b4:d8:35:67:88:63:d2:69:af:
ae:09:6e:90:a0:99:4b:a0:fd:72:dc:70:13:14:b2:5b:62:fe:
81:f4:61:fa:70:2d:ba:15:23:c5:69:d1:7a:aa:32:70:0d:03:
ba:95:62:3f:3f:f4:72:66:9b:2f:f5:e4:09:e3:ea:ba:c8:97:
f3:7c:c9:b6:16:14:c6:5e:23:0e:24:e9:54:d1:44:f9:38:b0:
43:2f:19:f2:81:19:ad:c0:cd:05:9f:54:cd:69:00:a8:3c:5e:
d3:fd:0d:99:aa:e8:1b:f0:7f:4d:1f:f6:f4:98:df:1b:e5:10:
18:9d:4e:e2:b8:9c:87:65:cd:51:b8:2c:c1:af:20:16:df:d5:
4a:ca:2c:bf:48:1e:85:40:9c:29:a4:00:f9:a7:86:2e:9e:64:
71:a5:92:e2:79:52:4f:7a:bd:e4:71:15:83:fc:61:6b:28:34:
3e:2d:88:d0:4b:95:82:8a:fc:92:c3:60:f2:57:08:d2:af:5b:
43:7d:33:89:82:27:b8:01:72:a2:d4:c4:f8:59:38:42:0d:5c:
af:2b:55:1e:b1:1c:02:f5:36:80:57:59:ee:01:9c:4b:65:af:
bd:e4:d9:24
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcSRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDExMDc1NDQ2WhcNMjYwNTAxMDc1NDQ2WjAYMRYw
FAYDVQQDEw02OWQ5ZmU5ZC1lY2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5AEwy2PNi40w7D8/k3Om0ptky3shVptVXy+g84jnaOCjXWQS1DtGvp+k
LHD9PHj2RxWoRHWmve7iaPVSKchNVpj2rSqM2hglh3KVEri9ng8zTXkZFE6z5PPK
3jqC1dUi8aVuhKdi5gGUAH3Qw1G+LEfLhGXaQ/VSXuEaDRNK0NnGrrPSXe0B9HL7
seUGEjGOuGk2VtjWT4bj/5irmbk/AhN1YTcjAMGrJH85Uv5+u0YjMZW7UnJfcAa2
1ZelrgBfw+WjuwHK5Qbh8Q447Y365n8IvhHPagkG/z+alL7jpp/3Jos71zKvePlq
/l5UY1kqLLta/fKPstZLcQCu3VkU8QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMqF
xZ6ePTP8fRsnL13Obz8fcQ+kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOTA5RDJEMjM1N0IxMUYxQTBFN0FFMTVDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGmtjAAwQGmtrAMA0GCSqG
SIb3DQEBCwUAA4IBAQCHIBlOlno49uNp7jQSe+H2L41g07Tt2wFdUL+02DVniGPS
aa+uCW6QoJlLoP1y3HATFLJbYv6B9GH6cC26FSPFadF6qjJwDQO6lWI/P/RyZpsv
9eQJ4+q6yJfzfMm2FhTGXiMOJOlU0UT5OLBDLxnygRmtwM0Fn1TNaQCoPF7T/Q2Z
qugb8H9NH/b0mN8b5RAYnU7iuJyHZc1RuCzBryAW39VKyiy/SB6FQJwppAD5p4Yu
nmRxpZLieVJPer3kcRWD/GFrKDQ+LYjQS5WCivySw2DyVwjSr1tDfTOJgie4AXKi
1MT4WThCDVyvK1UesRwC9TaAV1nuAZxLZa+95Nkk
-----END CERTIFICATE-----
Generated at Sat Apr 18 01:20:37 2026 by rpki-client