Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07FB198C584311F19D6750A3CE1D38B0.roa
File: 07FB198C584311F19D6750A3CE1D38B0.roa (raw, json)
Hash identifier: /xiEkr3a1WGfZrGrD5gB6I6GnFd+V1nULkyNwSSh8kY=
Subject key identifier: 95:40:19:C8:07:9A:5C:A9:53:BB:E7:B6:4D:17:95:01:59:F5:35:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CF89
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07FB198C584311F19D6750A3CE1D38B0.roa
Signing time: Mon 25 May 2026 14:07:15 +0000
ROA not before: Mon 25 May 2026 14:07:10 +0000
ROA not after: Tue 30 Jun 2026 14:07:10 +0000
asID: 401783
IP address blocks: 154.193.2.0/24 maxlen: 24
154.193.35.0/24 maxlen: 24
154.196.179.0/24 maxlen: 24
154.196.180.0/24 maxlen: 24
154.199.4.0/24 maxlen: 24
154.200.26.0/24 maxlen: 24
154.200.43.0/24 maxlen: 24
154.200.51.0/24 maxlen: 24
154.200.52.0/24 maxlen: 24
154.200.129.0/24 maxlen: 24
154.200.131.0/24 maxlen: 24
154.200.140.0/24 maxlen: 24
154.200.142.0/24 maxlen: 24
154.200.157.0/24 maxlen: 24
154.200.158.0/24 maxlen: 24
154.200.159.0/24 maxlen: 24
154.200.160.0/24 maxlen: 24
154.200.161.0/24 maxlen: 24
154.200.162.0/24 maxlen: 24
154.200.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Jun 2026 16:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118665 (0x1cf89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 25 14:07:10 2026 GMT
Not After : Jun 30 14:07:10 2026 GMT
Subject: CN=6a145793-80db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:57:c1:ea:52:69:d8:58:c2:23:65:cc:03:81:
84:b0:f9:63:ed:6a:1f:50:42:b3:d6:c4:30:57:fe:
df:7c:9d:68:af:62:2a:33:44:3a:8b:96:12:51:a9:
c0:7f:a0:9f:ba:d3:cf:bf:ea:80:bf:83:cc:4d:df:
7a:b6:46:09:9b:b3:33:c3:16:ff:d2:b3:dc:1f:dd:
ac:b5:a4:23:10:47:24:14:b1:74:f0:fa:7b:d7:1c:
a7:2a:03:7b:a1:00:04:e5:26:6e:3a:27:11:12:b8:
17:96:09:c0:19:2f:c2:33:c4:6b:c1:77:3b:da:bd:
f9:9e:f4:b9:17:d2:8e:a1:f5:26:7a:a3:3d:75:67:
e4:e7:36:cc:cd:ef:1b:72:68:6d:4c:2c:99:c5:b5:
9e:a6:d2:d6:e6:45:2a:52:ee:e6:7a:90:b4:0d:b6:
f1:8a:3b:38:0b:61:04:f1:78:4e:a5:28:10:6a:58:
23:e0:db:dd:2e:69:c6:73:a5:61:01:d7:b9:0d:cf:
68:d5:6b:72:36:09:ba:46:a0:71:0e:7b:d5:3a:27:
3c:dc:db:ce:d5:4b:92:3d:5e:7d:91:1d:d6:ac:c6:
4b:d1:5c:a7:62:2b:7d:50:f7:e0:04:fa:35:b5:b3:
72:7c:b4:a1:51:a8:cd:90:b4:87:ae:f8:65:bd:40:
bb:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:40:19:C8:07:9A:5C:A9:53:BB:E7:B6:4D:17:95:01:59:F5:35:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07FB198C584311F19D6750A3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.2.0/24
154.193.35.0/24
154.196.179.0-154.196.180.255
154.199.4.0/24
154.200.26.0/24
154.200.43.0/24
154.200.51.0-154.200.52.255
154.200.129.0/24
154.200.131.0/24
154.200.140.0/24
154.200.142.0/24
154.200.157.0-154.200.162.255
154.200.191.0/24
Signature Algorithm: sha256WithRSAEncryption
04:84:20:72:c4:34:3c:59:86:c9:b5:ff:17:be:4d:59:bc:d4:
8a:3a:ee:97:e9:cb:f9:f0:2d:c4:64:32:5b:1d:16:3b:f3:eb:
c3:e0:46:5a:68:22:89:41:40:5a:a8:ab:72:97:bf:7c:91:bb:
a3:9d:44:54:6d:41:7a:e6:67:8c:73:61:f0:ba:57:e0:5c:6a:
b7:4c:37:ef:28:b2:bc:e9:b5:63:44:ed:b9:1f:19:f1:28:1f:
85:c1:db:21:fd:31:23:13:cc:6e:f5:b1:c2:41:0e:db:00:14:
ba:c3:1b:ca:ab:81:b7:2b:57:a2:aa:c2:8b:05:77:1c:24:84:
bb:3e:4d:cb:ed:92:20:a5:ab:da:1d:06:8f:ad:f5:b6:cf:99:
f2:26:39:f3:69:33:b0:81:61:38:ec:c0:6c:0b:ba:12:66:08:
d6:19:08:ac:2b:12:13:94:3d:e0:53:99:c4:8f:63:ca:b1:de:
f3:5e:d6:88:8f:89:46:03:3a:75:02:a6:3a:28:8a:1b:3f:a5:
35:30:a4:a1:bd:2c:df:9b:6a:c1:89:79:54:ae:b6:e1:33:9c:
c6:ec:1c:76:cb:41:1b:2c:6c:9b:03:cb:8e:7e:4c:34:45:f9:
f5:65:51:c8:f3:a6:e7:ea:f7:9d:a6:da:38:22:c5:dd:37:0e:
8f:1f:9e:87
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgIDAc+JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI1MTQwNzEwWhcNMjYwNjMwMTQwNzEwWjAYMRYw
FAYDVQQDEw02YTE0NTc5My04MGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7VfB6lJp2FjCI2XMA4GEsPlj7WofUEKz1sQwV/7ffJ1or2IqM0Q6i5YS
UanAf6CfutPPv+qAv4PMTd96tkYJm7Mzwxb/0rPcH92staQjEEckFLF08Pp71xyn
KgN7oQAE5SZuOicRErgXlgnAGS/CM8RrwXc72r35nvS5F9KOofUmeqM9dWfk5zbM
ze8bcmhtTCyZxbWeptLW5kUqUu7mepC0Dbbxijs4C2EE8XhOpSgQalgj4NvdLmnG
c6VhAde5Dc9o1WtyNgm6RqBxDnvVOic83NvO1UuSPV59kR3WrMZL0VynYit9UPfg
BPo1tbNyfLShUajNkLSHrvhlvUC7awIDAQABo4IDBTCCAwEwHQYDVR0OBBYEFJVA
GcgHmlypU7vntk0XlQFZ9TWLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wN0ZCMTk4QzU4NDMxMUYxOUQ2NzUwQTNDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAmsECAwQAmsEjMAwDBACa
xLMDBACaxLQDBACaxwQDBACayBoDBACayCswDAMEAJrIMwMEAJrINAMEAJrIgQME
AJrIgwMEAJrIjAMEAJrIjjAMAwQAmsidAwQAmsiiAwQAmsi/MA0GCSqGSIb3DQEB
CwUAA4IBAQAEhCByxDQ8WYbJtf8Xvk1ZvNSKOu6X6cv58C3EZDJbHRY78+vD4EZa
aCKJQUBaqKtyl798kbujnURUbUF65meMc2HwulfgXGq3TDfvKLK86bVjRO25Hxnx
KB+Fwdsh/TEjE8xu9bHCQQ7bABS6wxvKq4G3K1eiqsKLBXccJIS7Pk3L7ZIgpava
HQaPrfW2z5nyJjnzaTOwgWE47MBsC7oSZgjWGQisKxITlD3gU5nEj2PKsd7zXtaI
j4lGAzp1AqY6KIobP6U1MKShvSzfm2rBiXlUrrbhM5zG7Bx2y0EbLGybA8uOfkw0
Rfn1ZVHI86bn6vedpto4IsXdNw6PH56H
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:14:38 2026 by rpki-client