Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBBA23E8343A11F198D44C04CF1D38B0.roa
File: EBBA23E8343A11F198D44C04CF1D38B0.roa (raw, json)
Hash identifier: on3aqzfmAL7x2Erw1lSGIEQMtMCMvbdKFyysRB31pSk=
Subject key identifier: 3F:BA:98:CC:4A:67:C1:5C:EA:14:50:2A:4B:23:06:B8:D4:BB:6C:E7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C42A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBBA23E8343A11F198D44C04CF1D38B0.roa
Signing time: Thu 09 Apr 2026 17:38:30 +0000
ROA not before: Thu 09 Apr 2026 17:38:07 +0000
ROA not after: Mon 09 Apr 2029 17:38:07 +0000
asID: 17561
IP address blocks: 154.86.254.0/24 maxlen: 24
154.86.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115754 (0x1c42a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 9 17:38:07 2026 GMT
Not After : Apr 9 17:38:07 2029 GMT
Subject: CN=69d7e415-3c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1e:5a:4e:4c:96:02:dd:93:65:12:ab:2a:85:
43:9a:26:09:8f:56:f8:00:1c:6f:36:fe:6a:86:5a:
16:12:a8:10:03:78:7f:39:b6:30:be:86:e5:6d:64:
64:9d:be:af:bf:83:0c:43:e4:2a:c0:48:2e:97:8b:
3d:fb:be:a8:9d:8a:af:4e:8a:cc:e5:d3:47:bb:6e:
25:e0:62:38:4c:6c:af:eb:3c:52:0f:c3:b1:63:dd:
f8:85:75:5b:e1:a3:b9:0e:b8:b3:25:38:d3:e4:6d:
0e:b2:57:bc:14:df:1a:78:a2:a9:a8:cd:f6:df:6c:
f5:7d:e0:c5:f4:f4:1c:a1:16:2b:61:97:69:a8:cd:
2b:dd:52:30:63:3c:1d:69:61:a9:fd:48:45:24:c3:
24:20:e6:a5:5c:6f:98:84:50:f8:57:81:61:f9:11:
44:d1:20:7d:98:ee:17:98:6a:d6:6d:af:c6:8c:ad:
e9:a5:3f:2d:2c:78:b5:96:49:57:dd:0b:1f:b9:1e:
5a:d9:0e:81:78:28:26:b1:fc:15:d7:76:5c:44:e2:
d5:0f:97:33:1f:1f:41:37:cc:6a:c6:e0:69:1e:71:
be:30:bb:5e:a8:66:a4:15:13:fa:91:08:b2:3d:c1:
9b:2e:8a:84:3a:4e:22:72:7a:71:e7:c4:83:2b:81:
7d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BA:98:CC:4A:67:C1:5C:EA:14:50:2A:4B:23:06:B8:D4:BB:6C:E7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBBA23E8343A11F198D44C04CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.254.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:90:f8:81:99:f2:6b:cc:42:45:2a:c5:89:c2:23:45:e8:c2:
47:7a:81:d1:65:6d:47:1d:00:11:84:c7:58:7f:1b:70:e0:72:
ac:10:fb:67:9c:fd:42:86:a3:36:e1:fd:4a:62:40:9d:41:fa:
f8:d1:68:6a:69:f8:85:c7:62:92:ef:e9:24:af:1d:55:3f:c1:
d1:2b:e0:08:40:c4:28:1e:df:56:d5:db:a8:40:63:7f:a5:d0:
19:3e:f2:e5:b7:32:f2:d1:1b:63:fa:79:bf:a1:1b:43:ee:7d:
48:61:09:dd:69:a5:07:b2:0f:c9:fa:b2:f3:04:a3:a9:6a:80:
20:2b:f7:ef:79:e7:0a:f1:a2:77:3f:fa:ef:61:b1:be:56:50:
67:61:06:4b:f2:1e:08:6a:4f:d4:1f:33:fa:12:90:65:6c:35:
ed:7d:66:c5:e6:3f:76:47:7a:24:54:02:b4:19:f1:5b:b2:87:
5b:31:79:cb:a9:3e:fa:1d:2d:58:e7:cb:f9:48:64:3e:c5:5a:
27:28:6d:cd:35:65:f2:33:24:41:74:3a:f5:35:2b:55:96:98:
5b:67:5c:76:1b:6c:86:ab:71:53:cc:d7:a8:3d:c3:5a:dd:ce:
c0:41:53:58:7c:64:bc:dd:e2:2e:85:13:4b:33:08:88:42:7f:
90:f6:78:31
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcQqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDA5MTczODA3WhcNMjkwNDA5MTczODA3WjAYMRYw
FAYDVQQDEw02OWQ3ZTQxNS0zYzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxR5aTkyWAt2TZRKrKoVDmiYJj1b4ABxvNv5qhloWEqgQA3h/ObYwvobl
bWRknb6vv4MMQ+QqwEgul4s9+76onYqvTorM5dNHu24l4GI4TGyv6zxSD8OxY934
hXVb4aO5DrizJTjT5G0Osle8FN8aeKKpqM3232z1feDF9PQcoRYrYZdpqM0r3VIw
YzwdaWGp/UhFJMMkIOalXG+YhFD4V4Fh+RFE0SB9mO4XmGrWba/GjK3ppT8tLHi1
lklX3QsfuR5a2Q6BeCgmsfwV13ZcROLVD5czHx9BN8xqxuBpHnG+MLteqGakFRP6
kQiyPcGbLoqEOk4icnpx58SDK4F9BQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD+6
mMxKZ8Fc6hRQKksjBrjUu2znMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQkJBMjNFODM0M0ExMUYxOThENDRDMDRDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlb+MA0GCSqGSIb3DQEB
CwUAA4IBAQAbkPiBmfJrzEJFKsWJwiNF6MJHeoHRZW1HHQARhMdYfxtw4HKsEPtn
nP1ChqM24f1KYkCdQfr40WhqafiFx2KS7+kkrx1VP8HRK+AIQMQoHt9W1duoQGN/
pdAZPvLltzLy0Rtj+nm/oRtD7n1IYQndaaUHsg/J+rLzBKOpaoAgK/fveecK8aJ3
P/rvYbG+VlBnYQZL8h4Iak/UHzP6EpBlbDXtfWbF5j92R3okVAK0GfFbsodbMXnL
qT76HS1Y58v5SGQ+xVonKG3NNWXyMyRBdDr1NStVlphbZ1x2G2yGq3FTzNeoPcNa
3c7AQVNYfGS83eIuhRNLMwiIQn+Q9ngx
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:20:22 2026 by rpki-client