Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B11C9546A4311F1A127FD0ECF1D38B0.roa
File: 2B11C9546A4311F1A127FD0ECF1D38B0.roa (raw, json)
Hash identifier: RcEyZxzlL5hBDQpBAOqJeuddiAM5oEesdW5RO7Yxcns=
Subject key identifier: 40:CD:01:8C:A1:50:21:19:6A:E6:A9:FA:54:B4:A2:67:53:03:97:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D3B6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B11C9546A4311F1A127FD0ECF1D38B0.roa
Signing time: Wed 17 Jun 2026 11:53:35 +0000
ROA not before: Wed 17 Jun 2026 11:53:30 +0000
ROA not after: Fri 24 Jul 2026 11:53:30 +0000
asID: 139923
IP address blocks: 154.217.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 14:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119734 (0x1d3b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 17 11:53:30 2026 GMT
Not After : Jul 24 11:53:30 2026 GMT
Subject: CN=6a328abe-6398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c1:6d:00:68:36:52:4a:3e:5a:cd:75:00:51:
d6:06:55:89:18:ee:8e:3c:99:3a:4d:ed:22:1a:e8:
eb:a1:c7:aa:9f:f1:b1:ed:1c:4f:e2:85:d6:07:ef:
25:9f:9d:68:94:d0:b6:96:47:ca:89:18:41:12:e5:
3e:af:af:13:de:39:cc:a9:57:5c:7a:92:8e:77:46:
76:84:ac:85:d3:ac:4b:f9:94:d6:6b:a3:9d:79:5d:
a2:04:71:26:c9:3a:2f:b4:55:19:82:db:71:b1:42:
c2:35:90:ea:48:9a:57:9f:96:05:13:2c:b1:5f:23:
7b:55:c8:5d:d7:b3:61:ea:9a:48:fe:95:d5:1e:28:
9d:ea:8c:c4:a2:c1:4b:53:9d:5f:66:b9:99:72:d2:
74:65:9c:78:05:ff:4e:7e:3e:1c:f2:8f:c0:88:6a:
82:46:54:21:83:22:23:b4:08:5e:14:bd:50:a9:0d:
13:0a:d4:c5:66:bc:45:10:cf:7c:96:36:41:25:cb:
47:e8:16:54:1f:a1:94:57:45:3f:ee:9e:24:99:1e:
a6:da:93:d7:88:c8:22:09:1a:1d:b5:87:df:75:2b:
b4:85:67:66:fa:00:c6:53:2c:b5:bf:3e:84:38:8d:
c8:3a:c0:03:f6:81:e5:a5:3d:21:8f:47:fa:0c:d7:
5a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CD:01:8C:A1:50:21:19:6A:E6:A9:FA:54:B4:A2:67:53:03:97:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B11C9546A4311F1A127FD0ECF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.240.0/21
Signature Algorithm: sha256WithRSAEncryption
c7:9a:9c:f4:e2:7c:6b:53:7b:d5:14:25:d7:46:cf:8e:1f:46:
fb:f7:2e:98:46:5f:dd:15:c1:20:43:e5:c5:8e:29:d0:b8:b9:
1f:9c:fd:36:36:50:19:13:ee:55:d3:65:04:31:29:0c:2e:b6:
00:32:43:c1:72:b9:64:f3:22:04:04:de:9f:39:b3:fb:eb:ee:
0a:3e:b5:1a:bc:6a:65:e1:6d:81:5a:83:d1:57:94:a2:88:c8:
2c:0b:79:0c:84:3c:8b:0f:14:29:7d:ba:7d:c8:a7:c5:c5:59:
0e:77:96:e5:3d:e3:72:74:ae:b8:af:99:ec:47:5f:19:56:0e:
1b:b4:e7:23:40:e3:2f:b6:05:dc:3d:8d:33:8b:75:4d:2c:ac:
c6:b4:4a:b9:ff:c5:63:a2:b8:5e:12:73:0b:d7:90:95:a6:d2:
07:84:f7:e2:e1:d3:b3:ed:6e:a4:f6:6d:87:22:c1:d1:62:57:
16:8c:f7:2b:49:06:4a:98:01:68:ce:65:b9:1b:fb:02:81:a2:
2f:d3:ee:5d:fd:e1:4f:bf:c1:36:cc:56:09:ad:87:35:a9:15:
cf:a6:ec:2c:2f:48:d4:36:ae:31:a2:7c:a0:b1:aa:69:e0:12:
e5:f6:ba:2a:ca:dc:f2:46:b2:bc:0f:58:69:46:82:d9:f4:d3:
e2:d0:aa:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdO2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjE3MTE1MzMwWhcNMjYwNzI0MTE1MzMwWjAYMRYw
FAYDVQQDEw02YTMyOGFiZS02Mzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0sFtAGg2Uko+Ws11AFHWBlWJGO6OPJk6Te0iGujroceqn/Gx7RxP4oXW
B+8ln51olNC2lkfKiRhBEuU+r68T3jnMqVdcepKOd0Z2hKyF06xL+ZTWa6OdeV2i
BHEmyTovtFUZgttxsULCNZDqSJpXn5YFEyyxXyN7Vchd17Nh6ppI/pXVHiid6ozE
osFLU51fZrmZctJ0ZZx4Bf9Ofj4c8o/AiGqCRlQhgyIjtAheFL1QqQ0TCtTFZrxF
EM98ljZBJctH6BZUH6GUV0U/7p4kmR6m2pPXiMgiCRodtYffdSu0hWdm+gDGUyy1
vz6EOI3IOsAD9oHlpT0hj0f6DNda/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEDN
AYyhUCEZauap+lS0omdTA5djMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQjExQzk1NDZBNDMxMUYxQTEyN0ZEMEVDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtnwMA0GCSqGSIb3DQEB
CwUAA4IBAQDHmpz04nxrU3vVFCXXRs+OH0b79y6YRl/dFcEgQ+XFjinQuLkfnP02
NlAZE+5V02UEMSkMLrYAMkPBcrlk8yIEBN6fObP76+4KPrUavGpl4W2BWoPRV5Si
iMgsC3kMhDyLDxQpfbp9yKfFxVkOd5blPeNydK64r5nsR18ZVg4btOcjQOMvtgXc
PY0zi3VNLKzGtEq5/8VjorheEnML15CVptIHhPfi4dOz7W6k9m2HIsHRYlcWjPcr
SQZKmAFozmW5G/sCgaIv0+5d/eFPv8E2zFYJrYc1qRXPpuwsL0jUNq4xonygsapp
4BLl9roqytzyRrK8D1hpRoLZ9NPi0KqV
-----END CERTIFICATE-----
Generated at Tue Jun 23 21:53:01 2026 by rpki-client