Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A12C0AE4C4F11F1A83017E9CE1D38B0.roa
File: 9A12C0AE4C4F11F1A83017E9CE1D38B0.roa (raw, json)
Hash identifier: c68avc6Exi+QOi7F4G30x+rYnzfvThxgJEIZaNxYLGw=
Subject key identifier: B3:21:F9:0A:EA:46:07:29:20:59:30:16:34:E4:51:0B:55:4D:59:3A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CAAD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A12C0AE4C4F11F1A83017E9CE1D38B0.roa
Signing time: Sun 10 May 2026 09:07:00 +0000
ROA not before: Sun 10 May 2026 09:06:55 +0000
ROA not after: Wed 10 Jun 2026 09:06:55 +0000
asID: 141883
IP address blocks: 154.204.0.0/24 maxlen: 24
154.208.12.0/22 maxlen: 24
154.208.16.0/20 maxlen: 24
154.212.128.0/24 maxlen: 24
154.215.0.0/24 maxlen: 24
154.218.0.0/24 maxlen: 24
154.221.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 06:17:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117421 (0x1caad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 10 09:06:55 2026 GMT
Not After : Jun 10 09:06:55 2026 GMT
Subject: CN=6a004ab4-4c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4a:8c:50:e7:07:db:3b:c7:0c:d7:20:a7:7b:
2c:2b:f5:47:76:d9:48:60:3e:df:b0:71:9f:7d:f7:
1a:88:7c:f6:ae:8b:96:0a:bf:b3:a2:1b:d0:3f:63:
76:a9:3b:8e:b1:f2:17:dd:2a:51:b8:f5:ad:5e:0f:
37:f2:5f:9e:18:fb:89:d0:1e:d5:21:25:47:f4:5c:
57:82:33:dc:ed:15:ee:b4:3b:86:c5:51:a1:a3:a7:
41:ad:60:54:84:02:db:84:10:45:98:3e:4f:26:1d:
ef:d6:e9:3e:c5:56:b7:15:96:57:eb:bc:71:b8:d8:
38:94:fd:0d:9f:40:96:1a:ac:e8:90:5f:7b:bd:d3:
fb:23:6e:aa:5b:98:4a:61:0d:41:bc:5f:27:96:cd:
ed:9b:79:ee:d1:de:5d:31:ef:62:23:d1:c0:67:d3:
3a:f6:5d:6c:ea:11:4f:81:95:1d:1d:68:68:36:cb:
ca:41:ac:cc:32:63:db:e8:23:6b:e8:df:29:af:78:
6c:66:81:24:e6:cd:93:19:c3:86:0a:14:c9:b0:80:
05:95:9f:55:f8:ca:89:7e:55:80:85:d7:fd:7e:39:
58:f2:67:6d:8b:dc:51:b6:30:b3:03:d2:8e:93:e0:
a3:fa:2d:0e:9e:4d:ca:d8:56:2a:85:5b:3d:3d:8b:
79:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:21:F9:0A:EA:46:07:29:20:59:30:16:34:E4:51:0B:55:4D:59:3A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A12C0AE4C4F11F1A83017E9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.0.0/24
154.208.12.0-154.208.31.255
154.212.128.0/24
154.215.0.0/24
154.218.0.0/24
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ed:67:60:13:e4:9d:6d:b3:56:bd:56:39:5d:04:21:5e:f6:
4a:ad:da:32:9a:34:67:55:ca:9b:91:7f:00:79:d1:cd:c7:49:
70:dc:e7:4d:d8:ad:c1:0b:df:7a:fe:ee:77:e7:9b:95:b5:87:
92:f5:b4:3a:16:26:1e:44:80:bc:a7:44:3e:5b:de:48:e2:41:
67:94:d9:d9:ec:41:71:82:c2:e2:92:13:69:16:26:28:eb:76:
96:d0:09:a7:53:f5:d0:e4:6b:22:c1:a5:20:ad:7d:a3:d9:ab:
66:ac:f5:54:45:cb:3d:86:a2:a7:92:81:c0:a7:39:13:a2:de:
09:ca:06:26:23:a9:b9:de:7b:da:3e:f7:c2:7d:3e:d4:6a:9f:
1b:6b:4e:60:2a:b1:1a:33:f9:91:3a:1d:c3:2e:27:69:fc:b9:
c9:14:7d:c3:43:95:0a:2c:14:88:98:91:c3:1e:25:9d:cd:87:
54:d6:f9:2f:99:78:ce:9b:72:c5:81:b1:d7:98:73:2e:08:9c:
d9:bb:40:41:d9:6b:d6:cb:2b:8c:c1:18:fe:a2:35:7d:1a:48:
6a:cc:67:51:51:d4:46:9e:19:4e:44:76:e9:cd:b3:3d:cd:55:
1c:08:31:a5:8b:60:cc:a2:e5:94:63:22:26:59:52:b6:b0:4a:
eb:8e:65:c9
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAcqtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTEwMDkwNjU1WhcNMjYwNjEwMDkwNjU1WjAYMRYw
FAYDVQQDEw02YTAwNGFiNC00YzZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUqMUOcH2zvHDNcgp3ssK/VHdtlIYD7fsHGfffcaiHz2rouWCr+zohvQ
P2N2qTuOsfIX3SpRuPWtXg838l+eGPuJ0B7VISVH9FxXgjPc7RXutDuGxVGho6dB
rWBUhALbhBBFmD5PJh3v1uk+xVa3FZZX67xxuNg4lP0Nn0CWGqzokF97vdP7I26q
W5hKYQ1BvF8nls3tm3nu0d5dMe9iI9HAZ9M69l1s6hFPgZUdHWhoNsvKQazMMmPb
6CNr6N8pr3hsZoEk5s2TGcOGChTJsIAFlZ9V+MqJflWAhdf9fjlY8mdti9xRtjCz
A9KOk+Cj+i0Onk3K2FYqhVs9PYt5eQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFLMh
+QrqRgcpIFkwFjTkUQtVTVk6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QTEyQzBBRTRDNEYxMUYxQTgzMDE3RTlDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAmswAMAwDBAKa0AwDBAWa
0AADBACa1IADBACa1wADBACa2gADBACa3QAwDQYJKoZIhvcNAQELBQADggEBAFbt
Z2AT5J1ts1a9VjldBCFe9kqt2jKaNGdVypuRfwB50c3HSXDc503YrcEL33r+7nfn
m5W1h5L1tDoWJh5EgLynRD5b3kjiQWeU2dnsQXGCwuKSE2kWJijrdpbQCadT9dDk
ayLBpSCtfaPZq2as9VRFyz2GoqeSgcCnOROi3gnKBiYjqbnee9o+98J9PtRqnxtr
TmAqsRoz+ZE6HcMuJ2n8uckUfcNDlQosFIiYkcMeJZ3Nh1TW+S+ZeM6bcsWBsdeY
cy4InNm7QEHZa9bLK4zBGP6iNX0aSGrMZ1FR1EaeGU5EdunNsz3NVRwIMaWLYMyi
5ZRjIiZZUrawSuuOZck=
-----END CERTIFICATE-----
Generated at Wed May 13 11:55:35 2026 by rpki-client