Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20C7CEB6584211F1B5E5761DCF1D38B0.roa
File: 20C7CEB6584211F1B5E5761DCF1D38B0.roa (raw, json)
Hash identifier: J0bIvIPKuhwYh8HEbCWVeFXlG2RMae87Ysk2X+FHXkY=
Subject key identifier: 8D:84:22:26:D7:7C:C1:2F:84:12:A6:CA:12:85:47:FB:0C:80:C2:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CF85
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20C7CEB6584211F1B5E5761DCF1D38B0.roa
Signing time: Mon 25 May 2026 14:00:47 +0000
ROA not before: Mon 25 May 2026 14:00:42 +0000
ROA not after: Wed 19 Aug 2026 14:00:42 +0000
asID: 152849
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118661 (0x1cf85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 25 14:00:42 2026 GMT
Not After : Aug 19 14:00:42 2026 GMT
Subject: CN=6a14560f-428c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a4:31:3d:3b:a1:e4:f2:3a:91:98:ac:8c:0e:
06:66:5d:0c:92:6a:c9:ae:db:13:81:08:b2:a9:e7:
43:63:d3:4c:b0:b8:be:5c:94:bc:78:42:89:d2:82:
7b:d6:5d:0f:a5:82:71:c3:18:22:e0:3b:25:c9:4d:
59:64:4c:f8:70:04:ce:ba:a6:4a:aa:6d:fb:7a:49:
ca:3d:22:46:87:08:a4:ab:91:4d:dd:b3:39:df:b1:
d1:b3:ca:bc:26:2b:ba:a5:27:ee:fe:2f:10:1c:60:
38:1e:11:10:3e:27:3c:52:28:b4:c9:77:6d:99:5c:
56:a7:03:f6:74:e5:0a:90:db:b3:65:0b:97:26:b9:
80:c4:56:d4:8c:09:2e:27:c9:21:1b:19:75:15:52:
50:c4:48:e2:c1:c4:59:6a:07:b7:c6:34:ab:f4:ff:
4d:75:e4:eb:01:36:4d:a1:ac:5a:3b:85:a9:c6:e7:
6f:12:27:f1:97:43:1c:38:37:cf:ed:c9:46:94:5b:
af:f5:fd:4f:a8:d8:83:37:d6:d6:23:54:7e:b2:60:
8f:bf:6c:77:ba:95:bf:e3:12:f5:7f:0a:60:61:70:
23:e8:72:96:7c:52:47:7a:f6:2b:fc:87:cd:52:c4:
68:21:32:4d:d2:07:0e:ad:e0:33:18:19:d9:f9:3f:
02:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:84:22:26:D7:7C:C1:2F:84:12:A6:CA:12:85:47:FB:0C:80:C2:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20C7CEB6584211F1B5E5761DCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
154.91.176.0/20
Signature Algorithm: sha256WithRSAEncryption
22:ab:8c:32:bc:35:e9:9a:f0:ac:68:18:95:86:e0:73:26:58:
fc:51:38:dd:f3:61:cb:28:9d:15:34:25:c4:a0:09:e4:b2:5e:
50:f8:24:ae:de:36:7f:02:8e:ab:3e:40:d7:44:e2:f5:5f:3f:
58:45:ef:5e:41:86:a9:9d:91:7a:a2:d8:0f:44:18:95:4d:37:
63:ea:a1:56:23:fb:de:a9:08:a7:ca:6e:59:62:85:91:7e:7e:
9b:61:0f:e7:dd:e9:e4:70:1d:a3:0d:a8:27:ed:04:9f:72:1e:
fd:99:f1:d8:20:b9:16:9c:e0:45:83:3e:fb:06:f1:b2:1b:f3:
77:b9:96:2e:77:9e:e8:64:f0:b2:13:fd:0d:de:f8:8a:73:33:
07:d0:aa:53:30:b5:52:45:b7:a0:b8:14:de:eb:3a:ea:f4:54:
29:ae:ee:f7:24:1c:3c:b4:83:a9:02:6c:ab:6b:ed:0d:4b:cd:
c8:e1:24:41:cd:46:51:13:cc:11:76:a7:68:ee:a5:13:1c:5a:
8d:94:4b:fd:d5:ea:a1:6c:bf:cd:c2:7e:ce:bf:7a:55:d1:e7:
13:90:84:7b:6f:9e:8c:6c:8a:d7:49:d6:13:79:bc:45:0f:cc:
68:5d:06:56:69:da:0a:f5:d0:2e:f8:bc:a0:b7:51:e5:fe:da:
e0:87:0b:b3
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAc+FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI1MTQwMDQyWhcNMjYwODE5MTQwMDQyWjAYMRYw
FAYDVQQDEw02YTE0NTYwZi00MjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn6QxPTuh5PI6kZisjA4GZl0MkmrJrtsTgQiyqedDY9NMsLi+XJS8eEKJ
0oJ71l0PpYJxwxgi4DslyU1ZZEz4cATOuqZKqm37eknKPSJGhwikq5FN3bM537HR
s8q8Jiu6pSfu/i8QHGA4HhEQPic8Uii0yXdtmVxWpwP2dOUKkNuzZQuXJrmAxFbU
jAkuJ8khGxl1FVJQxEjiwcRZage3xjSr9P9NdeTrATZNoaxaO4WpxudvEifxl0Mc
ODfP7clGlFuv9f1PqNiDN9bWI1R+smCPv2x3upW/4xL1fwpgYXAj6HKWfFJHevYr
/IfNUsRoITJN0gcOreAzGBnZ+T8CBwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFI2E
IibXfMEvhBKmyhKFR/sMgMJqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMEM3Q0VCNjU4NDIxMUYxQjVFNTc2MURDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmlswAwQEmluwMA0GCSqG
SIb3DQEBCwUAA4IBAQAiq4wyvDXpmvCsaBiVhuBzJlj8UTjd82HLKJ0VNCXEoAnk
sl5Q+CSu3jZ/Ao6rPkDXROL1Xz9YRe9eQYapnZF6otgPRBiVTTdj6qFWI/veqQin
ym5ZYoWRfn6bYQ/n3enkcB2jDagn7QSfch79mfHYILkWnOBFgz77BvGyG/N3uZYu
d57oZPCyE/0N3viKczMH0KpTMLVSRbeguBTe6zrq9FQpru73JBw8tIOpAmyra+0N
S83I4SRBzUZRE8wRdqdo7qUTHFqNlEv91eqhbL/Nwn7Ov3pV0ecTkIR7b56MbIrX
SdYTebxFD8xoXQZWadoK9dAu+Lygt1Hl/trghwuz
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:28:41 2026 by rpki-client