Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E136CB04DD311F1BF8AF11CCF1D38B0.roa
File: 3E136CB04DD311F1BF8AF11CCF1D38B0.roa (raw, json)
Hash identifier: NYuQAnGUVhs8yWrsQc9sMXkn3nhPiyaUD7v5cjYvVFE=
Subject key identifier: 4E:24:96:AA:D2:DD:2C:14:27:F9:A0:55:50:D6:E7:D1:23:05:B5:66
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CB33
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E136CB04DD311F1BF8AF11CCF1D38B0.roa
Signing time: Tue 12 May 2026 07:21:50 +0000
ROA not before: Tue 12 May 2026 07:21:46 +0000
ROA not after: Tue 09 Jun 2026 07:21:46 +0000
asID: 147176
IP address blocks: 154.212.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 06:17:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117555 (0x1cb33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 07:21:46 2026 GMT
Not After : Jun 9 07:21:46 2026 GMT
Subject: CN=6a02d50e-7989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d7:25:7e:23:42:ef:7f:3d:fe:97:7e:a7:14:
59:d1:ff:50:7a:4b:2a:d2:d5:e7:9e:56:39:de:fb:
56:b2:e2:47:2f:97:50:09:df:bc:18:38:d6:c8:76:
37:a0:35:c8:97:6a:46:ef:2b:b0:92:15:bd:88:c5:
d7:1c:43:2e:b9:44:56:2c:55:36:b0:88:97:dd:7c:
40:48:48:73:85:3a:6e:7d:aa:46:c8:54:24:80:b9:
f5:da:67:9e:08:0b:99:77:20:eb:9b:75:b7:0b:c3:
91:85:a4:a7:da:4b:1b:f3:39:cf:15:5c:da:a8:7e:
9a:4c:09:c9:35:b6:61:7b:bd:1f:50:89:98:b3:89:
fa:0d:a2:31:93:b9:e3:65:a8:e5:9e:2a:7e:00:d6:
90:8f:74:19:6b:7e:70:d2:fc:91:23:b9:8c:7b:b8:
5c:30:47:85:01:3f:43:94:4d:b8:a1:5a:79:c4:44:
66:f2:ee:c1:bb:c5:c2:22:2c:0f:56:0d:ec:d9:54:
1d:f0:c9:a4:51:33:2a:c7:14:be:98:c5:76:d8:8b:
40:2b:cb:84:0e:75:7b:04:d3:e7:00:dd:5e:3f:29:
90:8b:ab:54:a2:51:12:b1:71:b6:aa:d2:24:0c:69:
b4:85:90:83:e6:5e:ab:98:b7:92:47:db:21:73:cd:
e5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:24:96:AA:D2:DD:2C:14:27:F9:A0:55:50:D6:E7:D1:23:05:B5:66
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E136CB04DD311F1BF8AF11CCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.139.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:f6:49:cd:92:38:26:84:a0:2d:2b:17:45:82:73:57:2a:f0:
6a:ba:99:db:70:bd:e7:ab:18:14:21:77:22:7d:3b:4e:6f:0b:
a1:c6:54:8a:23:ac:be:70:05:2f:51:89:7f:0e:ae:9c:4f:cc:
cf:4c:57:f7:aa:13:e4:63:96:d2:79:87:2a:ba:af:ce:b8:b6:
06:4a:75:d5:9c:01:dc:84:59:60:6b:53:a5:a1:31:3f:eb:7c:
08:89:51:45:17:a9:2c:3a:18:6d:a0:7e:d5:3d:c7:ef:92:d9:
ff:f0:2b:48:4c:99:0b:e4:2a:a8:4e:8e:49:4a:28:28:7e:53:
d7:a4:a6:93:9a:d5:9a:ce:3c:6b:e4:23:ac:9a:8c:42:22:7e:
83:e3:79:4d:b1:bd:7c:1d:5e:ba:1e:22:10:5f:a8:f8:d3:6e:
14:d5:2c:44:eb:94:77:28:f9:9f:74:3d:ea:b3:12:88:62:55:
00:72:6f:8f:e8:1c:dd:45:93:13:55:e5:77:9a:48:8d:ba:c5:
2b:8d:b0:79:2b:6f:8b:e1:e4:71:04:f6:bd:ae:1e:77:63:15:
37:2b:2b:83:5b:e1:49:19:06:b6:20:ed:d4:03:ed:ae:7f:95:
75:10:b4:ec:bc:b7:33:fd:9a:b5:f3:5e:59:21:fb:92:66:21:
86:32:6d:0c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcszMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTEyMDcyMTQ2WhcNMjYwNjA5MDcyMTQ2WjAYMRYw
FAYDVQQDEw02YTAyZDUwZS03OTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvtclfiNC7389/pd+pxRZ0f9Qeksq0tXnnlY53vtWsuJHL5dQCd+8GDjW
yHY3oDXIl2pG7yuwkhW9iMXXHEMuuURWLFU2sIiX3XxASEhzhTpufapGyFQkgLn1
2meeCAuZdyDrm3W3C8ORhaSn2ksb8znPFVzaqH6aTAnJNbZhe70fUImYs4n6DaIx
k7njZajlnip+ANaQj3QZa35w0vyRI7mMe7hcMEeFAT9DlE24oVp5xERm8u7Bu8XC
IiwPVg3s2VQd8MmkUTMqxxS+mMV22ItAK8uEDnV7BNPnAN1ePymQi6tUolESsXG2
qtIkDGm0hZCD5l6rmLeSR9shc83lPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE4k
lqrS3SwUJ/mgVVDW59EjBbVmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTEzNkNCMDRERDMxMUYxQkY4QUYxMUNDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtSLMA0GCSqGSIb3DQEB
CwUAA4IBAQCx9knNkjgmhKAtKxdFgnNXKvBqupnbcL3nqxgUIXcifTtObwuhxlSK
I6y+cAUvUYl/Dq6cT8zPTFf3qhPkY5bSeYcquq/OuLYGSnXVnAHchFlga1OloTE/
63wIiVFFF6ksOhhtoH7VPcfvktn/8CtITJkL5CqoTo5JSigoflPXpKaTmtWazjxr
5COsmoxCIn6D43lNsb18HV66HiIQX6j4024U1SxE65R3KPmfdD3qsxKIYlUAcm+P
6BzdRZMTVeV3mkiNusUrjbB5K2+L4eRxBPa9rh53YxU3KyuDW+FJGQa2IO3UA+2u
f5V1ELTsvLcz/Zq1815ZIfuSZiGGMm0M
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:17 2026 by rpki-client