Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD4ADF7A4CDF11F1ADF09ACACE1D38B0.roa
File: CD4ADF7A4CDF11F1ADF09ACACE1D38B0.roa (raw, json)
Hash identifier: gpOIdeXOLqGsLONGrTWpG8QdBJM3f+8CHZoB4/GCRYM=
Subject key identifier: 4D:B6:49:B9:70:CB:0B:5B:41:89:DD:33:D6:09:C0:EF:C7:3D:E3:2D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CAD8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD4ADF7A4CDF11F1ADF09ACACE1D38B0.roa
Signing time: Mon 11 May 2026 02:19:13 +0000
ROA not before: Mon 11 May 2026 02:19:09 +0000
ROA not after: Thu 21 May 2026 02:19:09 +0000
asID: 17497
IP address blocks: 154.196.184.0/24 maxlen: 24
154.211.128.0/23 maxlen: 24
154.217.232.0/24 maxlen: 24
154.222.128.0/24 maxlen: 24
154.222.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 14 May 2026 12:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117464 (0x1cad8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 11 02:19:09 2026 GMT
Not After : May 21 02:19:09 2026 GMT
Subject: CN=6a013ca1-4511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d3:0c:ad:fc:4f:85:3c:32:4b:7b:d3:14:f0:
a1:35:1b:4a:af:c3:de:94:05:21:f8:72:75:b3:e0:
ad:72:aa:44:d9:72:9e:51:27:07:33:1a:cd:76:81:
2d:c2:de:2a:f5:14:28:15:96:95:c9:c2:a7:84:9f:
07:2f:92:7b:b8:27:45:9f:cb:89:0a:29:5d:3e:e1:
22:2b:d0:0d:9c:2f:09:a6:08:a3:ba:55:7a:78:1b:
ca:db:14:08:0a:60:e0:9a:fc:d4:02:fe:b2:c3:58:
0f:c3:4b:aa:c2:cd:87:65:c9:2a:3b:83:6f:6b:14:
bd:ae:db:0c:f0:79:90:8c:64:fb:8a:f2:46:93:a9:
38:8c:9d:50:39:8b:30:2a:23:57:b1:41:57:7e:36:
3b:a1:8e:44:a5:77:fd:8b:53:27:36:b7:80:00:04:
f7:e3:a2:37:aa:df:61:31:eb:e6:3f:50:89:63:f2:
2f:a3:93:2c:be:ac:a5:1d:f4:d3:99:1c:28:8c:76:
e5:ea:0a:ed:0b:66:e4:27:f0:05:cd:0f:e8:49:43:
62:f6:1d:14:a0:ce:e9:0c:e0:6b:b0:ef:dd:1e:4e:
a9:d6:7f:93:60:23:13:ad:26:ca:38:32:86:58:57:
95:61:af:ca:a3:a5:c2:c3:72:72:dd:17:c9:63:a8:
fb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B6:49:B9:70:CB:0B:5B:41:89:DD:33:D6:09:C0:EF:C7:3D:E3:2D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD4ADF7A4CDF11F1ADF09ACACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.184.0/24
154.211.128.0/23
154.217.232.0/24
154.222.128.0/24
154.222.140.0/24
Signature Algorithm: sha256WithRSAEncryption
00:12:e4:e0:e2:f7:40:64:d7:c1:1a:7e:da:10:d1:6d:2b:d5:
07:3d:c3:77:89:c5:1b:32:d7:ea:5c:94:46:08:d6:a5:25:d0:
50:a1:64:12:56:92:79:67:f2:a3:03:48:0b:f9:7a:19:70:1a:
d7:a3:1a:20:8f:20:fb:a2:f3:59:d4:77:c6:15:44:5e:43:e8:
ee:64:f0:10:42:0d:7c:54:b8:97:5d:e2:cf:d2:d7:07:19:9a:
03:e2:84:2a:25:fc:8e:d5:00:7c:5f:6f:10:37:ef:9d:21:8e:
a2:1e:49:f1:c0:b9:3f:a6:a0:55:6a:3f:87:78:ce:fa:28:16:
ef:17:f3:69:94:5f:e4:48:c7:2a:51:a3:e1:34:07:e4:77:c9:
f6:84:ff:2a:3a:36:c6:bd:e2:d9:3d:17:3d:99:b3:7c:24:9a:
f1:7c:a3:1d:b8:ff:bc:0e:3e:62:5b:b7:b7:42:55:be:da:c9:
e5:00:35:7d:61:ae:4b:54:e9:02:70:42:7d:68:48:71:51:fb:
8d:46:fc:c3:ce:a5:94:7b:71:22:8d:ad:29:6c:1e:b9:60:20:
3c:bf:73:20:13:28:e7:cf:f7:06:b3:9c:ec:fa:06:bd:2e:12:
b0:67:d1:17:a4:bc:dc:6d:00:d6:c0:33:f3:15:84:32:18:b1:
ac:5a:e9:1c
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIDAcrYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTExMDIxOTA5WhcNMjYwNTIxMDIxOTA5WjAYMRYw
FAYDVQQDEw02YTAxM2NhMS00NTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwNMMrfxPhTwyS3vTFPChNRtKr8PelAUh+HJ1s+CtcqpE2XKeUScHMxrN
doEtwt4q9RQoFZaVycKnhJ8HL5J7uCdFn8uJCildPuEiK9ANnC8JpgijulV6eBvK
2xQICmDgmvzUAv6yw1gPw0uqws2HZckqO4NvaxS9rtsM8HmQjGT7ivJGk6k4jJ1Q
OYswKiNXsUFXfjY7oY5EpXf9i1MnNreAAAT346I3qt9hMevmP1CJY/Ivo5Msvqyl
HfTTmRwojHbl6grtC2bkJ/AFzQ/oSUNi9h0UoM7pDOBrsO/dHk6p1n+TYCMTrSbK
ODKGWFeVYa/Ko6XCw3Jy3RfJY6j76QIDAQABo4ICvTCCArkwHQYDVR0OBBYEFE22
SblwywtbQYndM9YJwO/HPeMtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDRBREY3QTRDREYxMUYxQURGMDlBQ0FDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAmsS4AwQBmtOAAwQAmtno
AwQAmt6AAwQAmt6MMA0GCSqGSIb3DQEBCwUAA4IBAQAAEuTg4vdAZNfBGn7aENFt
K9UHPcN3icUbMtfqXJRGCNalJdBQoWQSVpJ5Z/KjA0gL+XoZcBrXoxogjyD7ovNZ
1HfGFUReQ+juZPAQQg18VLiXXeLP0tcHGZoD4oQqJfyO1QB8X28QN++dIY6iHknx
wLk/pqBVaj+HeM76KBbvF/NplF/kSMcqUaPhNAfkd8n2hP8qOjbGveLZPRc9mbN8
JJrxfKMduP+8Dj5iW7e3QlW+2snlADV9Ya5LVOkCcEJ9aEhxUfuNRvzDzqWUe3Ei
ja0pbB65YCA8v3MgEyjnz/cGs5zs+ga9LhKwZ9EXpLzcbQDWwDPzFYQyGLGsWukc
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:16 2026 by rpki-client