Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14FBE884551711F1A3DB02CFCE1D38B0.roa
File: 14FBE884551711F1A3DB02CFCE1D38B0.roa (raw, json)
Hash identifier: MEOBapS8PxnQYr2wBg1MPm37tz3c+rBSOeKdOZ+hM/8=
Subject key identifier: CC:FD:8D:C9:02:5B:73:D9:9E:65:1A:8D:D8:5C:6B:DC:BA:48:9B:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CD6C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14FBE884551711F1A3DB02CFCE1D38B0.roa
Signing time: Thu 21 May 2026 13:15:05 +0000
ROA not before: Thu 21 May 2026 13:15:01 +0000
ROA not after: Wed 19 Aug 2026 13:15:01 +0000
asID: 137951
IP address blocks: 154.221.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118124 (0x1cd6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 21 13:15:01 2026 GMT
Not After : Aug 19 13:15:01 2026 GMT
Subject: CN=6a0f0559-86de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fb:cc:b8:3f:46:e0:d9:6e:71:c0:bf:2c:13:
7b:d1:22:80:ae:3f:bf:6a:15:03:42:36:9f:7f:86:
8e:c0:08:0e:6a:c5:fd:30:9f:a9:0f:35:51:aa:9d:
70:de:e3:b3:e1:93:23:4f:de:75:69:3c:c4:ff:43:
5a:aa:46:fb:32:15:0b:b4:9d:b6:2b:e1:b2:b1:c4:
eb:b4:26:3b:59:20:cf:29:bf:2c:22:ab:37:89:e7:
a5:ff:f7:1a:93:7b:6b:f3:04:46:7f:26:81:3d:f3:
30:60:b6:48:6d:dd:f8:37:64:df:d7:fd:94:ce:29:
fe:80:7c:b7:90:1f:34:f5:81:c4:05:55:d0:c5:41:
2d:f5:27:f6:45:6d:65:21:de:c9:5f:1b:10:b5:58:
fb:1c:38:8a:72:df:07:0d:72:d6:75:c0:0e:53:c6:
ec:9e:e3:a9:cd:97:7d:86:cf:aa:f2:d1:e4:75:25:
5c:15:7b:8e:31:4b:9f:92:e9:06:f0:b9:ba:f4:2e:
d2:81:e1:50:68:2a:d3:94:3f:f2:a4:24:48:f7:5a:
2c:81:0b:8d:e5:17:3a:42:63:24:f4:68:94:ca:21:
12:f6:19:c9:6a:e2:0b:a2:f2:66:82:7e:c1:a4:12:
b0:0a:73:ba:bc:c0:9f:be:c8:02:25:bc:6d:73:d4:
a4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:FD:8D:C9:02:5B:73:D9:9E:65:1A:8D:D8:5C:6B:DC:BA:48:9B:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14FBE884551711F1A3DB02CFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.8.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:c9:5b:34:05:53:29:cf:13:76:a9:e2:2f:44:c4:9b:a9:e8:
26:1d:5f:b2:5a:32:e2:74:92:8b:7b:3d:fa:fa:c0:ab:12:91:
a7:53:2f:ca:e7:2b:fc:70:a3:85:5e:b0:79:94:77:71:7a:1d:
a6:ef:7a:02:e3:78:f4:55:8e:f2:ae:12:e7:39:1a:a2:40:51:
73:8d:f4:d7:ba:55:22:13:00:75:d0:7e:12:b9:9a:1c:cd:b1:
0f:fe:43:c0:9d:7c:ed:05:3a:bc:74:db:01:10:a3:c6:d5:eb:
46:8d:ed:f4:9b:2b:c0:73:33:03:61:25:5c:53:a7:fd:cf:ea:
e5:30:de:b4:de:e5:7d:71:f0:b3:48:2e:97:d2:85:6c:2f:b9:
41:27:cd:b4:9b:7b:6e:5f:a0:7b:85:35:6b:8c:53:46:23:a5:
bf:fa:cd:62:be:c4:9c:ad:1b:47:50:7c:bc:82:fa:13:0a:fe:
66:d9:71:11:c7:be:00:52:5f:dd:e6:fc:ef:38:02:12:f8:aa:
1a:23:f0:73:a8:a7:80:1e:5c:08:01:b8:60:43:59:00:67:da:
70:84:3c:ac:7f:fa:a7:59:12:fe:db:ac:48:ba:f7:a4:af:85:
c9:0a:40:33:b9:89:0b:f3:82:a7:8c:16:f2:1b:27:12:c0:6e:
4b:82:07:ec
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAc1sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIxMTMxNTAxWhcNMjYwODE5MTMxNTAxWjAYMRYw
FAYDVQQDEw02YTBmMDU1OS04NmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/vMuD9G4NluccC/LBN70SKArj+/ahUDQjaff4aOwAgOasX9MJ+pDzVR
qp1w3uOz4ZMjT951aTzE/0Naqkb7MhULtJ22K+GyscTrtCY7WSDPKb8sIqs3ieel
//cak3tr8wRGfyaBPfMwYLZIbd34N2Tf1/2Uzin+gHy3kB809YHEBVXQxUEt9Sf2
RW1lId7JXxsQtVj7HDiKct8HDXLWdcAOU8bsnuOpzZd9hs+q8tHkdSVcFXuOMUuf
kukG8Lm69C7SgeFQaCrTlD/ypCRI91osgQuN5Rc6QmMk9GiUyiES9hnJauILovJm
gn7BpBKwCnO6vMCfvsgCJbxtc9SkQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMz9
jckCW3PZnmUajdhca9y6SJt2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNEZCRTg4NDU1MTcxMUYxQTNEQjAyQ0ZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmt0IMA0GCSqGSIb3DQEB
CwUAA4IBAQCuyVs0BVMpzxN2qeIvRMSbqegmHV+yWjLidJKLez36+sCrEpGnUy/K
5yv8cKOFXrB5lHdxeh2m73oC43j0VY7yrhLnORqiQFFzjfTXulUiEwB10H4SuZoc
zbEP/kPAnXztBTq8dNsBEKPG1etGje30myvAczMDYSVcU6f9z+rlMN603uV9cfCz
SC6X0oVsL7lBJ820m3tuX6B7hTVrjFNGI6W/+s1ivsScrRtHUHy8gvoTCv5m2XER
x74AUl/d5vzvOAIS+KoaI/BzqKeAHlwIAbhgQ1kAZ9pwhDysf/qnWRL+26xIuvek
r4XJCkAzuYkL84KnjBbyGycSwG5Lggfs
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:35:56 2026 by rpki-client