Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3217BD6A5B2711F196B02BBECE1D38B0.roa
File: 3217BD6A5B2711F196B02BBECE1D38B0.roa (raw, json)
Hash identifier: Zj0BIer4SJt6DFFfjdc+iGVyEMAzECayTeLpRIObeS8=
Subject key identifier: 13:A3:7D:9E:4B:6F:F8:E9:E5:3E:54:0A:95:B3:4C:92:EF:66:0A:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D033
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3217BD6A5B2711F196B02BBECE1D38B0.roa
Signing time: Fri 29 May 2026 06:25:33 +0000
ROA not before: Fri 29 May 2026 06:25:28 +0000
ROA not after: Tue 07 Jul 2026 06:25:28 +0000
asID: 202656
IP address blocks: 154.203.230.0/24 maxlen: 24
154.203.231.0/24 maxlen: 24
154.203.250.0/24 maxlen: 24
154.203.251.0/24 maxlen: 24
154.210.237.0/24 maxlen: 24
154.218.30.0/24 maxlen: 24
154.219.16.0/24 maxlen: 24
154.219.64.0/24 maxlen: 24
154.219.65.0/24 maxlen: 24
154.219.66.0/24 maxlen: 24
154.219.67.0/24 maxlen: 24
154.219.68.0/24 maxlen: 24
154.219.69.0/24 maxlen: 24
154.219.70.0/24 maxlen: 24
154.219.76.0/24 maxlen: 24
154.219.77.0/24 maxlen: 24
154.219.78.0/24 maxlen: 24
154.219.80.0/24 maxlen: 24
154.219.81.0/24 maxlen: 24
154.219.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 06 Jun 2026 00:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118835 (0x1d033)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 29 06:25:28 2026 GMT
Not After : Jul 7 06:25:28 2026 GMT
Subject: CN=6a19315d-f619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4b:98:f5:a4:a1:b0:9f:02:59:ec:25:c2:08:
33:2c:04:6c:e6:1e:0d:e0:24:44:6f:2a:36:d5:fe:
ae:88:30:af:8f:d5:a4:5d:90:6f:ac:fc:26:5d:ef:
06:d2:bf:e6:9a:4c:3b:29:13:42:44:56:8d:b4:8f:
6c:05:48:1d:93:fe:1c:17:5f:04:af:36:49:6c:a5:
a3:d3:8a:de:30:92:4a:13:c4:34:95:cd:30:3d:81:
d8:32:78:2e:02:94:9e:56:54:80:5e:83:86:f2:e7:
df:ed:dc:29:cf:50:7b:d1:e7:7f:75:04:cb:c5:17:
9f:58:81:87:0e:a5:86:dc:d7:09:38:22:2e:a0:c1:
3c:4a:3c:df:87:a0:d1:8e:9f:0c:46:3c:48:e3:ac:
a0:ae:48:e4:6b:8c:0e:93:7d:f6:2b:74:25:17:ab:
19:c9:de:cf:d2:f6:07:28:ab:25:9f:44:91:0b:8f:
85:66:42:83:af:ca:33:a2:30:7c:57:e4:6f:32:43:
df:ce:45:ef:34:c9:df:19:e1:4e:73:53:05:0a:1c:
5b:56:c6:2f:f3:bb:64:b7:99:5a:35:2a:7c:2b:f9:
ed:78:85:df:ab:c6:b4:46:cb:97:f1:46:a4:66:1d:
80:1a:b0:89:1c:9a:53:be:b1:a6:06:31:03:63:e6:
12:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A3:7D:9E:4B:6F:F8:E9:E5:3E:54:0A:95:B3:4C:92:EF:66:0A:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3217BD6A5B2711F196B02BBECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.230.0/23
154.203.250.0/23
154.210.237.0/24
154.218.30.0/24
154.219.16.0/24
154.219.64.0-154.219.70.255
154.219.76.0-154.219.78.255
154.219.80.0-154.219.82.255
Signature Algorithm: sha256WithRSAEncryption
84:bc:72:78:c5:c4:c4:76:88:10:94:26:89:c9:27:19:f6:72:
70:96:29:37:45:92:14:2b:69:ac:e6:58:0f:b4:0c:4f:34:f6:
bf:84:c2:e3:60:fc:f6:03:1e:f9:a8:bc:cb:7e:00:fa:b6:cd:
69:9a:c3:5c:ce:13:52:a1:72:26:d7:cd:74:86:5b:bb:cb:86:
68:da:2c:13:7a:f8:ed:52:53:f0:f5:eb:d7:b5:ba:e4:55:5b:
64:b0:f2:75:b9:ac:c8:21:22:b4:6a:67:cb:d1:44:2c:c7:f7:
d5:ae:4f:d2:7e:d3:09:a8:4e:8e:9d:96:1b:f0:75:0f:c6:b8:
b5:48:df:e6:65:2a:fc:c4:85:6b:76:90:99:5b:0f:58:02:37:
9c:23:a1:05:76:9d:c1:e3:a1:75:d4:9c:bd:ca:73:48:68:d2:
54:bd:60:bb:fb:3b:79:fb:a3:2e:c1:e9:b3:79:9d:b4:b6:63:
9a:3c:78:01:4c:9d:ee:1a:73:2b:e2:53:63:90:8e:f7:72:4c:
66:c5:3b:39:3c:4b:5f:ce:29:55:ff:29:16:02:9b:12:3d:b3:
56:f3:58:4d:77:14:a0:01:85:39:fb:d0:d4:4a:d2:78:10:a1:
7a:fc:94:61:47:68:87:70:91:c5:47:8a:ec:e2:3f:62:cc:60:
c4:a4:14:51
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIDAdAzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI5MDYyNTI4WhcNMjYwNzA3MDYyNTI4WjAYMRYw
FAYDVQQDEw02YTE5MzE1ZC1mNjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApEuY9aShsJ8CWewlwggzLARs5h4N4CREbyo21f6uiDCvj9WkXZBvrPwm
Xe8G0r/mmkw7KRNCRFaNtI9sBUgdk/4cF18ErzZJbKWj04reMJJKE8Q0lc0wPYHY
MnguApSeVlSAXoOG8uff7dwpz1B70ed/dQTLxRefWIGHDqWG3NcJOCIuoME8Sjzf
h6DRjp8MRjxI46ygrkjka4wOk332K3QlF6sZyd7P0vYHKKsln0SRC4+FZkKDr8oz
ojB8V+RvMkPfzkXvNMnfGeFOc1MFChxbVsYv87tkt5laNSp8K/nteIXfq8a0RsuX
8UakZh2AGrCJHJpTvrGmBjEDY+YSfwIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFBOj
fZ5Lb/jp5T5UCpWzTJLvZgrYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjE3QkQ2QTVCMjcxMUYxOTZCMDJCQkVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBmsvmAwQBmsv6AwQAmtLt
AwQAmtoeAwQAmtsQMAwDBAaa20ADBACa20YwDAMEAprbTAMEAJrbTjAMAwQEmttQ
AwQAmttSMA0GCSqGSIb3DQEBCwUAA4IBAQCEvHJ4xcTEdogQlCaJyScZ9nJwlik3
RZIUK2ms5lgPtAxPNPa/hMLjYPz2Ax75qLzLfgD6ts1pmsNczhNSoXIm1810hlu7
y4Zo2iwTevjtUlPw9evXtbrkVVtksPJ1uazIISK0amfL0UQsx/fVrk/SftMJqE6O
nZYb8HUPxri1SN/mZSr8xIVrdpCZWw9YAjecI6EFdp3B46F11Jy9ynNIaNJUvWC7
+zt5+6MuwemzeZ20tmOaPHgBTJ3uGnMr4lNjkI73ckxmxTs5PEtfzilV/ykWApsS
PbNW81hNdxSgAYU5+9DUStJ4EKF6/JRhR2iHcJHFR4rs4j9izGDEpBRR
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:57:31 2026 by rpki-client