Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174BC7384BA511F1A370FAD9CE1D38B0.roa
File: 174BC7384BA511F1A370FAD9CE1D38B0.roa (raw, json)
Hash identifier: 6b2yFYBtOkolda0+4U6gfGRCdEQimAbY7NyKO7pWR0E=
Subject key identifier: 1E:5E:FE:AB:71:D1:49:1B:85:17:02:97:4C:71:57:82:1A:8A:35:14
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CAA4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174BC7384BA511F1A370FAD9CE1D38B0.roa
Signing time: Sat 09 May 2026 12:46:26 +0000
ROA not before: Sat 09 May 2026 12:46:21 +0000
ROA not after: Sun 21 Jun 2026 12:46:21 +0000
asID: 32043
IP address blocks: 154.91.143.0/24 maxlen: 24
154.91.171.0/24 maxlen: 24
154.91.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117412 (0x1caa4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 12:46:21 2026 GMT
Not After : Jun 21 12:46:21 2026 GMT
Subject: CN=69ff2ca2-0ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ca:ed:e8:89:b4:f8:68:83:9b:fc:2c:21:b6:
28:99:0c:59:3e:71:74:74:3a:4b:22:ca:bc:55:9d:
20:d7:82:2b:d9:e9:fd:8b:62:f5:23:07:db:5e:79:
aa:3c:8a:5e:f0:7c:e6:06:b1:94:32:52:74:bb:6f:
8d:dc:d3:cb:fd:c2:80:09:ed:22:57:a4:f5:15:62:
b2:b7:db:77:ec:ed:fd:93:58:9f:a6:e9:ee:cc:c4:
ba:48:94:0e:8e:1e:0a:ea:d3:fd:6c:84:01:e2:a3:
f3:28:32:3b:71:9b:94:c8:37:58:2a:96:77:ae:5f:
c3:1d:5f:ba:c7:9a:50:ae:88:16:7c:29:ce:20:c0:
44:bc:a0:dc:5d:f5:05:b6:e5:41:95:38:f3:c2:55:
c8:18:31:d6:12:20:19:51:1b:e7:6a:4e:11:bf:1e:
54:33:a2:d8:d6:de:57:bc:83:9c:b1:43:18:4a:0d:
ca:4b:fa:a7:40:c7:26:dd:4b:c8:5e:1b:c2:50:07:
8d:03:83:39:8e:54:01:77:a6:8b:7d:71:2f:6e:d3:
bf:d2:e0:e3:97:e5:47:a5:81:22:1b:7d:3d:55:05:
fd:fe:9c:c2:26:75:0f:12:59:bb:ca:f3:de:fb:f1:
2f:3a:4c:84:fe:4b:53:cb:60:45:dd:73:d5:aa:22:
30:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5E:FE:AB:71:D1:49:1B:85:17:02:97:4C:71:57:82:1A:8A:35:14
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174BC7384BA511F1A370FAD9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.143.0/24
154.91.171.0/24
154.91.200.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:97:e3:0e:15:39:28:ed:14:5a:fe:13:11:52:ed:6f:23:bf:
67:6a:ac:de:fb:d8:04:37:dd:68:35:09:60:3a:6f:09:d6:76:
0b:ec:9e:a9:32:f9:e3:33:e0:ab:11:54:1c:c7:bf:bd:1c:7f:
c9:7d:df:f2:f7:f0:dd:ff:70:f2:62:9f:df:cc:68:08:55:6c:
96:e2:92:2f:54:bf:92:83:df:b2:a2:93:85:44:d4:34:f9:ef:
9d:0f:73:18:31:7d:70:18:a4:5a:a2:f1:9a:9e:9e:61:3e:a1:
1b:be:3b:91:0a:69:8a:97:33:a4:72:6a:91:18:3a:62:8a:e5:
94:3f:ac:67:26:eb:b1:b4:69:e5:61:16:a4:fc:c2:d0:0a:c0:
c0:85:b6:e4:e3:b3:7d:8a:71:1c:d6:02:7a:2b:fa:b9:45:b9:
81:31:53:66:0d:e0:ce:16:28:c0:71:c8:95:cf:05:80:cd:00:
4e:3e:52:a7:3f:fe:fa:3e:c4:2f:80:46:28:ae:87:d2:47:79:
c6:7c:f7:41:0c:05:b2:e7:58:ce:0c:d1:fc:06:d2:ca:f9:f1:
92:f4:6c:be:cc:77:f5:b2:46:72:6e:4c:b3:00:f4:7b:87:f2:
86:6d:16:a6:3f:8e:ec:a4:57:28:fc:7b:fd:90:16:23:68:e9:
45:5e:2c:18
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcqkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTA5MTI0NjIxWhcNMjYwNjIxMTI0NjIxWjAYMRYw
FAYDVQQDEw02OWZmMmNhMi0wZmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApcrt6Im0+GiDm/wsIbYomQxZPnF0dDpLIsq8VZ0g14Ir2en9i2L1Iwfb
XnmqPIpe8HzmBrGUMlJ0u2+N3NPL/cKACe0iV6T1FWKyt9t37O39k1ifpunuzMS6
SJQOjh4K6tP9bIQB4qPzKDI7cZuUyDdYKpZ3rl/DHV+6x5pQrogWfCnOIMBEvKDc
XfUFtuVBlTjzwlXIGDHWEiAZURvnak4Rvx5UM6LY1t5XvIOcsUMYSg3KS/qnQMcm
3UvIXhvCUAeNA4M5jlQBd6aLfXEvbtO/0uDjl+VHpYEiG309VQX9/pzCJnUPElm7
yvPe+/EvOkyE/ktTy2BF3XPVqiIwnwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFB5e
/qtx0UkbhRcCl0xxV4IaijUUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNzRCQzczODRCQTUxMUYxQTM3MEZBRDlDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmluPAwQAmlurAwQAmlvI
MA0GCSqGSIb3DQEBCwUAA4IBAQCnl+MOFTko7RRa/hMRUu1vI79naqze+9gEN91o
NQlgOm8J1nYL7J6pMvnjM+CrEVQcx7+9HH/Jfd/y9/Dd/3DyYp/fzGgIVWyW4pIv
VL+Sg9+yopOFRNQ0+e+dD3MYMX1wGKRaovGanp5hPqEbvjuRCmmKlzOkcmqRGDpi
iuWUP6xnJuuxtGnlYRak/MLQCsDAhbbk47N9inEc1gJ6K/q5RbmBMVNmDeDOFijA
cciVzwWAzQBOPlKnP/76PsQvgEYorofSR3nGfPdBDAWy51jODNH8BtLK+fGS9Gy+
zHf1skZybkyzAPR7h/KGbRamP47spFco/Hv9kBYjaOlFXiwY
-----END CERTIFICATE-----
Generated at Wed May 13 04:17:01 2026 by rpki-client