Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1098A1EA554B11F18C6C4804CF1D38B0.roa
File: 1098A1EA554B11F18C6C4804CF1D38B0.roa (raw, json)
Hash identifier: 0R60mSYUiQ95TzCpo1c82hZ1s8PYb/BQEzppYR2DLsI=
Subject key identifier: 83:74:C7:47:72:6F:DD:1A:53:0B:33:4B:03:CE:60:61:94:C3:FD:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CDC3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1098A1EA554B11F18C6C4804CF1D38B0.roa
Signing time: Thu 21 May 2026 19:27:12 +0000
ROA not before: Thu 21 May 2026 19:27:07 +0000
ROA not after: Mon 21 May 2029 19:27:07 +0000
asID: 17561
IP address blocks: 154.194.228.0/24 maxlen: 24
154.194.229.0/24 maxlen: 24
154.194.230.0/24 maxlen: 24
154.194.231.0/24 maxlen: 24
154.217.224.0/24 maxlen: 24
154.217.225.0/24 maxlen: 24
154.217.226.0/24 maxlen: 24
154.217.227.0/24 maxlen: 24
154.217.228.0/24 maxlen: 24
154.217.229.0/24 maxlen: 24
154.217.230.0/24 maxlen: 24
154.217.231.0/24 maxlen: 24
154.222.88.0/24 maxlen: 24
154.222.89.0/24 maxlen: 24
154.222.90.0/24 maxlen: 24
154.222.91.0/24 maxlen: 24
154.222.92.0/24 maxlen: 24
154.222.93.0/24 maxlen: 24
154.222.94.0/24 maxlen: 24
154.222.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118211 (0x1cdc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 21 19:27:07 2026 GMT
Not After : May 21 19:27:07 2029 GMT
Subject: CN=6a0f5c90-47d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:69:ea:89:1e:fb:61:0d:26:10:e0:a7:30:ab:
37:de:d4:a5:23:9c:73:8e:9b:8d:09:f4:b2:ee:56:
5a:78:35:55:d9:83:e3:e6:32:58:20:23:19:ab:b7:
3d:28:6c:7b:85:b5:a2:f1:df:7a:ff:70:65:a8:8e:
bf:94:fb:80:f7:3f:4f:82:ff:f9:64:15:8b:38:d3:
36:b7:fe:c7:e3:33:dd:eb:1f:e4:a0:86:6f:82:2b:
35:8a:d2:bb:0d:82:05:f9:dc:c7:b0:39:b6:79:78:
58:c7:42:ee:d9:92:bf:85:1f:85:31:0f:fc:29:f9:
21:9f:d2:06:c2:87:cc:d1:53:4f:a7:14:70:bb:1f:
f3:54:ab:36:c6:a0:5d:b4:44:c6:e6:a8:aa:8c:6f:
e0:f6:38:8b:64:58:ec:05:c2:56:b2:d3:db:8c:9d:
0b:c9:ca:a9:89:ad:a4:7b:b7:cd:f9:0f:00:af:71:
8c:2d:05:3e:9c:b1:b9:28:b8:c6:47:41:c4:71:9e:
fa:8c:ee:b6:8d:91:2c:7d:24:c0:2f:8b:68:31:4f:
61:4f:c1:bf:6e:f1:07:eb:3b:c1:6d:00:b6:f7:a2:
1b:75:1d:86:53:ab:a9:44:0c:a2:44:ed:a8:c7:3a:
b7:df:f3:04:90:95:0e:09:1f:33:fd:11:55:67:93:
6a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:74:C7:47:72:6F:DD:1A:53:0B:33:4B:03:CE:60:61:94:C3:FD:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1098A1EA554B11F18C6C4804CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.228.0/22
154.217.224.0/21
154.222.88.0/21
Signature Algorithm: sha256WithRSAEncryption
98:be:9c:1e:21:0e:d5:07:bf:24:c6:50:69:b0:e0:08:85:42:
9e:c6:37:2f:60:2e:c2:81:c1:89:45:cf:8e:da:b0:e4:a7:4c:
b6:fa:40:8a:99:dc:42:bc:f7:ea:7a:b1:a5:75:ba:c1:01:23:
64:6d:75:36:4d:80:9d:4b:92:b2:b7:74:b5:a7:e3:e4:b7:0a:
6e:10:da:9a:d7:94:6e:32:d6:59:e3:d1:75:53:6b:02:20:4c:
23:92:4f:fd:b0:d9:b2:09:c0:9b:c0:52:de:77:af:dd:95:7f:
1f:1c:b7:c5:a5:82:32:b6:8b:ba:03:37:00:f7:3f:a9:a3:58:
19:fa:a1:7a:ff:bf:d6:f4:64:6a:d5:be:df:e5:f2:9c:77:62:
e9:87:33:d2:b9:5c:40:36:03:4f:3e:67:72:da:49:b0:5b:d6:
b4:39:dc:06:91:96:dc:21:c2:05:62:dc:21:eb:fd:03:1b:46:
d4:37:b4:ba:7c:59:a2:e4:31:77:3b:83:e8:46:b3:dd:bd:c9:
56:54:01:e2:89:eb:52:a5:16:98:52:2f:e6:d0:81:e0:f7:a6:
b6:66:ba:c1:18:5d:ef:d5:40:12:67:03:0b:77:f7:8e:a8:f2:
f4:e3:0c:4a:47:d6:4e:c0:4b:b0:6a:e1:5e:fe:63:6a:e1:a3:
24:a0:35:ce
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAc3DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIxMTkyNzA3WhcNMjkwNTIxMTkyNzA3WjAYMRYw
FAYDVQQDEw02YTBmNWM5MC00N2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAymnqiR77YQ0mEOCnMKs33tSlI5xzjpuNCfSy7lZaeDVV2YPj5jJYICMZ
q7c9KGx7hbWi8d96/3BlqI6/lPuA9z9Pgv/5ZBWLONM2t/7H4zPd6x/koIZvgis1
itK7DYIF+dzHsDm2eXhYx0Lu2ZK/hR+FMQ/8Kfkhn9IGwofM0VNPpxRwux/zVKs2
xqBdtETG5qiqjG/g9jiLZFjsBcJWstPbjJ0Lycqpia2ke7fN+Q8Ar3GMLQU+nLG5
KLjGR0HEcZ76jO62jZEsfSTAL4toMU9hT8G/bvEH6zvBbQC296IbdR2GU6upRAyi
RO2oxzq33/MEkJUOCR8z/RFVZ5Nq6wIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFIN0
x0dyb90aUwszSwPOYGGUw/0+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMDk4QTFFQTU1NEIxMUYxOEM2QzQ4MDRDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmsLkAwQDmtngAwQDmt5Y
MA0GCSqGSIb3DQEBCwUAA4IBAQCYvpweIQ7VB78kxlBpsOAIhUKexjcvYC7CgcGJ
Rc+O2rDkp0y2+kCKmdxCvPfqerGldbrBASNkbXU2TYCdS5Kyt3S1p+PktwpuENqa
15RuMtZZ49F1U2sCIEwjkk/9sNmyCcCbwFLed6/dlX8fHLfFpYIytou6AzcA9z+p
o1gZ+qF6/7/W9GRq1b7f5fKcd2LphzPSuVxANgNPPmdy2kmwW9a0OdwGkZbcIcIF
Ytwh6/0DG0bUN7S6fFmi5DF3O4PoRrPdvclWVAHiietSpRaYUi/m0IHg96a2ZrrB
GF3v1UASZwMLd/eOqPL04wxKR9ZOwEuwauFe/mNq4aMkoDXO
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:43:08 2026 by rpki-client