Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84712DD24DF611F1AF1D12F1CE1D38B0.roa
File: 84712DD24DF611F1AF1D12F1CE1D38B0.roa (raw, json)
Hash identifier: b0JSMGpcHwmtb6tAUtUCdppGopr4PjEE4AzRL3UKDrw=
Subject key identifier: B4:CD:0A:72:5D:C8:10:07:66:87:90:6D:B9:36:E1:1A:B6:CB:A7:7E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CB43
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84712DD24DF611F1AF1D12F1CE1D38B0.roa
Signing time: Tue 12 May 2026 11:34:21 +0000
ROA not before: Tue 12 May 2026 11:34:15 +0000
ROA not after: Sat 20 Jun 2026 11:34:15 +0000
asID: 273155
IP address blocks: 154.200.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117571 (0x1cb43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 11:34:15 2026 GMT
Not After : Jun 20 11:34:15 2026 GMT
Subject: CN=6a03103d-9247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:55:dc:71:f5:aa:3c:84:57:3c:b7:15:f9:c8:
b9:8d:c4:ec:d0:07:78:49:15:52:06:b9:df:62:72:
3d:6e:f0:e8:ca:bb:f4:aa:3a:e2:c2:f9:67:69:29:
5a:30:ac:bc:17:07:fd:5c:4a:bd:1d:18:f4:cf:05:
df:47:19:ea:05:f3:fa:af:6b:84:03:15:ce:58:c3:
4e:9e:1f:16:7f:e6:17:a1:5e:72:90:16:62:2b:95:
c4:29:cb:ac:21:83:e9:39:21:c1:ac:53:38:f2:a7:
4c:10:0d:3e:cf:0e:de:76:44:92:00:29:63:e6:1b:
c0:f6:85:4c:1a:41:63:a9:24:50:92:7c:b8:1a:5b:
7a:66:e9:df:bf:f2:f3:f8:68:26:e6:78:b4:83:0d:
70:cc:c0:c0:77:41:fa:03:a0:27:73:ee:bd:1b:4d:
05:86:58:79:b2:97:85:82:b6:74:f4:89:05:b0:24:
b8:f7:e5:5e:74:90:8a:02:39:7d:48:f4:df:7b:90:
c9:0e:23:f2:55:f1:fa:18:49:d9:5f:18:24:1d:2c:
60:e0:c2:80:ec:ff:2a:b5:9c:ed:0f:29:88:41:b9:
87:f6:3d:e3:c3:46:de:38:cf:45:83:7e:24:05:56:
48:f4:f8:4b:fb:20:60:be:db:29:a2:20:0f:fd:de:
a7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:CD:0A:72:5D:C8:10:07:66:87:90:6D:B9:36:E1:1A:B6:CB:A7:7E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84712DD24DF611F1AF1D12F1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.236.0/22
Signature Algorithm: sha256WithRSAEncryption
72:43:3b:84:de:93:da:8a:ae:d3:17:0b:57:94:33:05:88:4e:
e8:2a:02:c3:36:95:fc:d3:61:e5:c0:1c:45:d2:fd:2b:3b:cd:
ea:4e:12:5d:2d:d6:f3:de:08:cb:9f:d3:46:02:2c:59:52:80:
f7:5f:b9:f2:0c:88:84:ab:d1:6e:ae:07:cb:37:39:92:ce:9e:
37:0a:29:2e:ff:c3:d0:0a:12:f1:16:2c:29:e8:ce:54:77:27:
e5:4c:14:9c:a7:c9:8f:0b:71:7a:dd:1d:23:20:23:ae:d2:f8:
59:28:d8:fd:e7:ca:a2:de:0e:17:41:93:f2:d6:a3:70:db:a3:
01:e9:f4:a8:a0:28:bb:87:b4:43:b4:f2:8f:15:8f:18:7d:85:
64:87:91:1f:10:ab:30:90:5e:ad:81:4e:6f:df:d2:f7:15:68:
f8:df:19:42:09:72:9e:0e:dc:46:df:8e:23:bd:8d:cb:75:4f:
c4:92:52:df:e5:e6:d8:26:b7:1f:2e:99:59:39:34:19:30:11:
12:10:2c:69:76:31:b7:6d:76:ec:ac:26:fc:57:8f:52:17:a3:
a7:0d:10:53:53:e8:b2:b0:01:d8:f5:b8:d1:5c:3f:d8:a2:22:
5b:b6:04:95:0a:26:f6:97:5b:35:e5:7c:7d:47:2d:79:bd:67:
cb:84:b9:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDActDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTEyMTEzNDE1WhcNMjYwNjIwMTEzNDE1WjAYMRYw
FAYDVQQDEw02YTAzMTAzZC05MjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAslXccfWqPIRXPLcV+ci5jcTs0Ad4SRVSBrnfYnI9bvDoyrv0qjriwvln
aSlaMKy8Fwf9XEq9HRj0zwXfRxnqBfP6r2uEAxXOWMNOnh8Wf+YXoV5ykBZiK5XE
KcusIYPpOSHBrFM48qdMEA0+zw7edkSSAClj5hvA9oVMGkFjqSRQkny4Glt6Zunf
v/Lz+Ggm5ni0gw1wzMDAd0H6A6Anc+69G00Fhlh5speFgrZ09IkFsCS49+VedJCK
Ajl9SPTfe5DJDiPyVfH6GEnZXxgkHSxg4MKA7P8qtZztDymIQbmH9j3jw0beOM9F
g34kBVZI9PhL+yBgvtspoiAP/d6nKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLTN
CnJdyBAHZoeQbbk24Rq2y6d+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NDcxMkREMjRERjYxMUYxQUYxRDEyRjFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsjsMA0GCSqGSIb3DQEB
CwUAA4IBAQByQzuE3pPaiq7TFwtXlDMFiE7oKgLDNpX802HlwBxF0v0rO83qThJd
Ldbz3gjLn9NGAixZUoD3X7nyDIiEq9FurgfLNzmSzp43Ciku/8PQChLxFiwp6M5U
dyflTBScp8mPC3F63R0jICOu0vhZKNj958qi3g4XQZPy1qNw26MB6fSooCi7h7RD
tPKPFY8YfYVkh5EfEKswkF6tgU5v39L3FWj43xlCCXKeDtxG344jvY3LdU/EklLf
5ebYJrcfLplZOTQZMBESECxpdjG3bXbsrCb8V49SF6OnDRBTU+iysAHY9bjRXD/Y
oiJbtgSVCib2l1s15Xx9Ry15vWfLhLnL
-----END CERTIFICATE-----
Generated at Wed May 13 06:00:59 2026 by rpki-client