Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC425EC64CD911F19FEBDFA2CE1D38B0.roa
File: FC425EC64CD911F19FEBDFA2CE1D38B0.roa (raw, json)
Hash identifier: ZTTno1bbO/GHlOwiYvAeWNIBwl5to5ZxvAKgRAoXTag=
Subject key identifier: CE:FE:76:06:B7:15:1E:AB:AA:59:3B:25:C2:BD:61:0A:09:58:7D:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CAD2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC425EC64CD911F19FEBDFA2CE1D38B0.roa
Signing time: Mon 11 May 2026 01:37:35 +0000
ROA not before: Mon 11 May 2026 01:37:30 +0000
ROA not after: Thu 21 May 2026 01:37:30 +0000
asID: 17497
IP address blocks: 154.196.184.0/21 maxlen: 24
154.211.128.0/19 maxlen: 24
154.217.232.0/23 maxlen: 24
154.222.128.0/22 maxlen: 24
154.222.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117458 (0x1cad2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 11 01:37:30 2026 GMT
Not After : May 21 01:37:30 2026 GMT
Subject: CN=6a0132df-3b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:50:c3:6d:70:4a:f6:3e:70:73:63:e9:3a:f9:
1b:21:0f:83:25:26:f9:78:8c:09:4d:51:7f:e4:ea:
b7:6b:7d:01:fe:13:32:ab:8b:2d:c4:d6:01:16:45:
c4:f4:0a:28:10:11:8c:9a:39:01:d0:d1:84:ab:fb:
e2:e3:4e:1e:47:8c:c7:30:f4:d8:51:6a:95:f3:66:
4f:17:16:68:4c:1c:50:c8:8f:dc:48:f9:dc:59:aa:
ee:29:2b:e3:81:71:b3:01:cb:2d:ad:90:85:e4:cc:
01:50:57:e1:b4:ce:6e:49:64:ae:4d:42:71:30:ed:
1c:94:f8:3c:c0:18:46:5d:d5:c9:15:e0:f0:16:8c:
69:80:87:92:fb:7c:94:9b:63:e6:ac:a5:95:5f:31:
d8:3c:66:2b:f6:7b:1f:5f:12:b6:ad:b3:00:c9:21:
d2:07:e5:46:91:9c:78:07:50:77:c6:38:3d:20:20:
1a:ec:14:c8:fa:12:63:f9:fa:19:7e:7e:e5:aa:5b:
fe:26:25:b0:81:a7:95:2d:66:c8:47:4f:e9:ad:ed:
3e:e0:e1:3a:b6:ce:8f:a6:fe:b5:e8:a8:ab:a4:c1:
e9:be:9f:e4:c0:53:0d:2f:99:a6:1c:e5:ed:b8:8c:
17:43:98:21:39:41:02:da:3c:97:f2:86:9a:fb:6d:
01:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:FE:76:06:B7:15:1E:AB:AA:59:3B:25:C2:BD:61:0A:09:58:7D:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC425EC64CD911F19FEBDFA2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.184.0/21
154.211.128.0/19
154.217.232.0/23
154.222.128.0/22
154.222.140.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:51:4e:a4:18:c1:97:36:93:41:b3:5e:1a:5a:f3:33:7d:7a:
53:c8:f1:a4:03:5c:1e:ba:90:4e:ee:74:97:bf:e3:40:32:2a:
db:fb:7c:fb:ba:2f:5b:d1:7c:43:e9:09:bd:79:fe:b9:81:39:
1d:5f:16:27:a9:c9:79:fb:b5:ae:60:f9:d0:bc:8f:b5:b3:fc:
51:70:ce:14:bf:63:49:99:1b:3f:b2:f4:9b:86:81:1d:a8:dc:
d4:10:87:ba:a2:29:01:d3:f5:23:2e:d7:7d:e8:29:ed:48:57:
f9:47:e8:b1:2e:9a:7a:11:4b:e1:43:1e:83:89:cf:47:58:53:
b5:ca:de:00:9f:3e:03:14:1b:f1:43:b3:8f:af:2e:6a:12:a7:
2e:1b:c0:1b:bd:29:b8:b0:32:8a:22:9f:03:b4:d9:d8:29:a1:
5e:bc:dc:6c:3e:f5:6f:12:c0:43:ed:a5:33:57:05:bf:cb:12:
74:b4:4a:88:89:8c:2b:a0:1f:94:0a:98:37:4a:e7:a0:8c:97:
dd:04:7c:55:9f:c8:83:79:04:20:87:79:b7:81:5e:43:4b:f3:
d7:fc:9e:63:13:da:79:9b:60:be:ba:d9:5d:d5:13:fa:53:b2:
ee:c3:3e:e1:9d:d0:5d:f9:96:26:cc:41:af:13:15:a5:be:eb:
88:c7:2e:f5
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIDAcrSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTExMDEzNzMwWhcNMjYwNTIxMDEzNzMwWjAYMRYw
FAYDVQQDEw02YTAxMzJkZi0zYjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtVDDbXBK9j5wc2PpOvkbIQ+DJSb5eIwJTVF/5Oq3a30B/hMyq4stxNYB
FkXE9AooEBGMmjkB0NGEq/vi404eR4zHMPTYUWqV82ZPFxZoTBxQyI/cSPncWaru
KSvjgXGzAcstrZCF5MwBUFfhtM5uSWSuTUJxMO0clPg8wBhGXdXJFeDwFoxpgIeS
+3yUm2PmrKWVXzHYPGYr9nsfXxK2rbMAySHSB+VGkZx4B1B3xjg9ICAa7BTI+hJj
+foZfn7lqlv+JiWwgaeVLWbIR0/pre0+4OE6ts6Ppv616KirpMHpvp/kwFMNL5mm
HOXtuIwXQ5ghOUEC2jyX8oaa+20BJwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFM7+
dga3FR6rqlk7JcK9YQoJWH37MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQzQyNUVDNjRDRDkxMUYxOUZFQkRGQTJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDmsS4AwQFmtOAAwQBmtno
AwQCmt6AAwQCmt6MMA0GCSqGSIb3DQEBCwUAA4IBAQAsUU6kGMGXNpNBs14aWvMz
fXpTyPGkA1weupBO7nSXv+NAMirb+3z7ui9b0XxD6Qm9ef65gTkdXxYnqcl5+7Wu
YPnQvI+1s/xRcM4Uv2NJmRs/svSbhoEdqNzUEIe6oikB0/UjLtd96CntSFf5R+ix
Lpp6EUvhQx6Dic9HWFO1yt4Anz4DFBvxQ7OPry5qEqcuG8AbvSm4sDKKIp8DtNnY
KaFevNxsPvVvEsBD7aUzVwW/yxJ0tEqIiYwroB+UCpg3SuegjJfdBHxVn8iDeQQg
h3m3gV5DS/PX/J5jE9p5m2C+utld1RP6U7Luwz7hndBd+ZYmzEGvExWlvuuIxy71
-----END CERTIFICATE-----
Generated at Wed May 13 04:02:33 2026 by rpki-client