Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F2C87D68364911F1822ED501CF1D38B0.roa
File: F2C87D68364911F1822ED501CF1D38B0.roa (raw, json)
Hash identifier: 4DdFrjFutMzho0sM4Lhnktyl0NA8050aZLAJ66ZgaVg=
Subject key identifier: 94:C9:8D:CA:F0:92:E4:53:7E:4C:96:39:BE:EF:AF:2F:C3:F4:39:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C4AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F2C87D68364911F1822ED501CF1D38B0.roa
Signing time: Sun 12 Apr 2026 08:31:06 +0000
ROA not before: Sun 12 Apr 2026 08:31:01 +0000
ROA not after: Thu 12 Apr 2029 08:31:01 +0000
asID: 17561
IP address blocks: 154.208.192.0/24 maxlen: 24
154.214.173.0/24 maxlen: 24
154.214.174.0/24 maxlen: 24
154.214.175.0/24 maxlen: 24
154.214.176.0/24 maxlen: 24
154.214.177.0/24 maxlen: 24
154.214.178.0/24 maxlen: 24
154.214.179.0/24 maxlen: 24
154.214.180.0/24 maxlen: 24
154.214.181.0/24 maxlen: 24
154.214.182.0/24 maxlen: 24
154.214.183.0/24 maxlen: 24
154.214.184.0/24 maxlen: 24
154.214.185.0/24 maxlen: 24
154.214.186.0/24 maxlen: 24
154.214.187.0/24 maxlen: 24
154.214.188.0/24 maxlen: 24
154.214.189.0/24 maxlen: 24
154.214.190.0/24 maxlen: 24
154.214.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115886 (0x1c4ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 08:31:01 2026 GMT
Not After : Apr 12 08:31:01 2029 GMT
Subject: CN=69db584a-b580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:74:af:1c:1e:63:fe:7c:a1:3d:ad:ae:ac:
66:86:08:31:80:b3:9d:d5:7e:0c:0d:9a:96:69:9c:
5d:8f:34:e2:e4:4a:6d:4a:11:ac:4d:d9:59:94:45:
f3:c4:1e:61:af:df:d3:3b:15:b0:48:4d:69:8a:0d:
f7:7c:d0:6d:db:fc:6f:8b:35:e5:a1:41:0c:8a:3e:
bc:b4:51:48:aa:b6:09:55:1d:e1:e3:3b:5d:05:4d:
22:b4:13:fa:6f:71:1f:3f:fd:df:14:d3:e6:4f:95:
e0:71:25:ea:7d:02:87:90:14:6e:8d:2f:81:6d:ec:
ee:5e:50:b9:2b:ec:1b:95:ab:71:7e:4f:bf:f6:f2:
37:f2:b4:35:73:3a:3b:70:fb:47:57:13:71:26:63:
e8:bd:7f:fd:0f:33:c6:25:47:0c:3e:27:e4:f8:eb:
8e:fb:ea:6b:4b:a1:07:81:5c:b4:b6:42:4b:80:4c:
f2:a5:f8:95:76:2b:6d:7c:1c:38:1d:67:1d:30:a6:
1c:46:94:c5:83:69:70:c4:e2:41:82:b9:46:33:0d:
ad:78:6f:f4:9f:fa:9a:f2:73:eb:e0:b9:f5:07:d5:
da:6c:b9:75:72:fa:ed:13:fa:d3:7f:62:23:fd:25:
0a:96:54:98:cc:ac:94:88:16:68:c2:86:38:bc:11:
a1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C9:8D:CA:F0:92:E4:53:7E:4C:96:39:BE:EF:AF:2F:C3:F4:39:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F2C87D68364911F1822ED501CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.192.0/24
154.214.173.0-154.214.191.255
Signature Algorithm: sha256WithRSAEncryption
1d:36:5b:3b:0b:1c:23:35:f4:ec:01:99:64:ff:ff:35:3f:7b:
53:53:7f:83:60:18:b3:7a:f8:a4:37:fc:b9:ac:8a:64:fa:d8:
9f:0e:6a:e2:ce:67:3e:ee:fc:fd:7c:a4:e7:49:b0:0f:77:50:
0e:bd:8d:ac:2b:43:11:20:f1:66:94:a1:ba:46:1f:d7:af:a9:
ee:ae:8d:59:f0:4f:6e:3d:4a:30:fa:7d:35:74:1d:d2:a2:2e:
1e:93:8f:f6:42:41:a1:bb:94:15:ed:37:32:d8:25:fd:a9:46:
7d:1b:aa:3a:47:c3:13:0b:c7:06:60:51:16:52:d4:5f:73:76:
56:b6:df:79:f4:df:37:40:a0:b0:4d:0e:78:65:10:c0:e3:8b:
82:75:c7:24:06:d1:74:10:ea:62:23:2f:23:45:46:d0:4f:43:
90:05:32:23:35:df:57:4c:47:ae:65:95:90:72:94:b5:f8:69:
d8:00:aa:de:fc:95:87:e2:82:cc:04:01:35:6f:7f:27:f2:f5:
0e:45:7e:60:1c:19:80:a6:d7:90:8a:52:8d:7b:5e:fa:a2:fd:
15:89:d9:15:19:1d:5c:34:4f:e8:78:26:b1:43:c2:7a:39:9e:
0e:92:d7:35:1c:78:d6:65:0f:dd:f9:69:fd:f0:d7:77:2b:8f:
e8:5c:43:a4
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAcSuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDEyMDgzMTAxWhcNMjkwNDEyMDgzMTAxWjAYMRYw
FAYDVQQDEw02OWRiNTg0YS1iNTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs0N0rxweY/58oT2trqxmhggxgLOd1X4MDZqWaZxdjzTi5EptShGsTdlZ
lEXzxB5hr9/TOxWwSE1pig33fNBt2/xvizXloUEMij68tFFIqrYJVR3h4ztdBU0i
tBP6b3EfP/3fFNPmT5XgcSXqfQKHkBRujS+BbezuXlC5K+wblatxfk+/9vI38rQ1
czo7cPtHVxNxJmPovX/9DzPGJUcMPifk+OuO++prS6EHgVy0tkJLgEzypfiVditt
fBw4HWcdMKYcRpTFg2lwxOJBgrlGMw2teG/0n/qa8nPr4Ln1B9XabLl1cvrtE/rT
f2Ij/SUKllSYzKyUiBZowoY4vBGh+QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFJTJ
jcrwkuRTfkyWOb7vry/D9Dl7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMkM4N0Q2ODM2NDkxMUYxODIyRUQ1MDFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAmtDAMAwDBACa1q0DBAaa
1oAwDQYJKoZIhvcNAQELBQADggEBAB02WzsLHCM19OwBmWT//zU/e1NTf4NgGLN6
+KQ3/LmsimT62J8OauLOZz7u/P18pOdJsA93UA69jawrQxEg8WaUobpGH9evqe6u
jVnwT249SjD6fTV0HdKiLh6Tj/ZCQaG7lBXtNzLYJf2pRn0bqjpHwxMLxwZgURZS
1F9zdla233n03zdAoLBNDnhlEMDji4J1xyQG0XQQ6mIjLyNFRtBPQ5AFMiM131dM
R65llZBylLX4adgAqt78lYfigswEATVvfyfy9Q5FfmAcGYCm15CKUo17Xvqi/RWJ
2RUZHVw0T+h4JrFDwno5ng6S1zUceNZlD935af3w13crj+hcQ6Q=
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:28:36 2026 by rpki-client