Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34AB97C6528B11F1B26E1CD1CE1D38B0.roa
File: 34AB97C6528B11F1B26E1CD1CE1D38B0.roa (raw, json)
Hash identifier: ijY+Ks5N0xy/HCRn6+QyV7yPipeRmH6neVzd+9Asgvw=
Subject key identifier: 0D:07:56:89:5B:45:8A:7E:51:85:AA:04:CC:AA:D0:B9:F3:22:62:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CC49
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34AB97C6528B11F1B26E1CD1CE1D38B0.roa
Signing time: Mon 18 May 2026 07:28:46 +0000
ROA not before: Mon 18 May 2026 07:28:41 +0000
ROA not after: Sat 08 Aug 2026 07:28:41 +0000
asID: 149014
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 06 Jun 2026 08:36:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117833 (0x1cc49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 18 07:28:41 2026 GMT
Not After : Aug 8 07:28:41 2026 GMT
Subject: CN=6a0abfae-68d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8b:29:08:a5:0b:1a:09:76:18:39:cc:74:6b:
71:e5:4c:ea:4b:1d:a7:ee:1e:1d:62:9f:41:17:0b:
f7:d4:96:be:4c:72:e8:44:99:42:69:5c:45:fc:df:
92:3b:39:5c:61:90:2a:64:e1:36:aa:47:08:85:2f:
69:c4:41:ad:37:aa:d5:f7:a1:28:95:82:cc:c3:67:
99:8d:22:cf:c0:b4:43:51:82:dc:ec:45:88:c2:7a:
27:e4:01:49:08:94:9f:b2:42:fb:32:8f:28:0f:ac:
68:b9:ed:12:a8:ac:8e:0a:6b:ac:ae:fa:6c:9c:52:
87:80:ad:e7:54:24:0e:e9:63:61:04:22:cf:62:ca:
8b:37:f6:de:0a:39:a0:70:34:cc:7d:89:f4:f4:19:
55:c7:b7:1e:8a:ec:ea:c0:cf:fb:65:c1:6c:d3:29:
df:4d:1e:48:fc:d6:81:d3:a3:f2:d7:4e:c1:62:6b:
e9:8e:b8:75:40:0a:db:ba:45:a7:0b:95:91:fb:a6:
14:20:4d:d7:56:52:2e:e5:88:26:1d:23:63:94:20:
4e:33:24:9b:96:33:00:16:8c:de:e1:91:47:7d:49:
7d:bd:3c:87:b2:47:06:ac:29:b4:6c:ee:83:ea:be:
c0:ec:b5:c6:c9:a8:41:a3:0f:ca:38:ec:ca:8c:16:
c7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:07:56:89:5B:45:8A:7E:51:85:AA:04:CC:AA:D0:B9:F3:22:62:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34AB97C6528B11F1B26E1CD1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:87:80:db:28:75:16:a1:0a:80:16:1c:82:a3:41:06:1d:83:
4a:1c:91:a6:ba:3a:1e:c0:19:88:e1:b3:be:1f:2f:96:86:2a:
b7:9c:f9:b9:13:65:29:67:f9:32:c2:18:6f:78:c2:1c:11:b0:
03:92:16:0d:b0:83:0d:89:cd:88:02:44:7a:4f:b4:24:10:c4:
be:54:7c:6a:21:ad:48:82:db:6c:49:8c:0a:91:9e:8f:ab:f8:
03:69:58:f8:4f:31:dd:51:ff:50:b6:33:65:91:eb:d1:87:93:
09:00:e7:d6:97:10:12:a3:df:13:9c:36:d3:77:8b:1e:28:0c:
e9:eb:ca:3a:23:c6:c6:36:14:47:89:36:60:c1:e6:66:ef:af:
8c:7b:f9:b7:d3:ad:d3:b5:f4:e1:a4:c0:b9:64:32:11:fb:a9:
2a:80:ec:90:16:0c:9f:f6:7b:dd:43:2e:79:29:87:0c:fd:fd:
58:22:35:de:4c:74:c6:ea:80:ba:a6:7b:8f:8a:d1:85:ff:2b:
8e:a2:46:24:94:54:9a:51:9a:92:e5:2d:d0:69:45:55:6a:bf:
75:18:57:9f:2c:41:78:91:f2:af:8c:d0:e4:67:a2:d8:63:04:
7f:4b:85:91:91:b6:69:68:8c:1b:bc:a8:db:ff:30:c4:79:d1:
da:5b:48:db
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcxJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE4MDcyODQxWhcNMjYwODA4MDcyODQxWjAYMRYw
FAYDVQQDEw02YTBhYmZhZS02OGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzospCKULGgl2GDnMdGtx5UzqSx2n7h4dYp9BFwv31Ja+THLoRJlCaVxF
/N+SOzlcYZAqZOE2qkcIhS9pxEGtN6rV96EolYLMw2eZjSLPwLRDUYLc7EWIwnon
5AFJCJSfskL7Mo8oD6xoue0SqKyOCmusrvpsnFKHgK3nVCQO6WNhBCLPYsqLN/be
CjmgcDTMfYn09BlVx7ceiuzqwM/7ZcFs0ynfTR5I/NaB06Py107BYmvpjrh1QArb
ukWnC5WR+6YUIE3XVlIu5YgmHSNjlCBOMySbljMAFoze4ZFHfUl9vTyHskcGrCm0
bO6D6r7A7LXGyahBow/KOOzKjBbHKQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFA0H
VolbRYp+UYWqBMyq0LnzImK1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNEFCOTdDNjUyOEIxMUYxQjI2RTFDRDFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQCah4DbKHUWoQqAFhyCo0EGHYNKHJGmujoewBmI
4bO+Hy+Whiq3nPm5E2UpZ/kywhhveMIcEbADkhYNsIMNic2IAkR6T7QkEMS+VHxq
Ia1IgttsSYwKkZ6Pq/gDaVj4TzHdUf9QtjNlkevRh5MJAOfWlxASo98TnDbTd4se
KAzp68o6I8bGNhRHiTZgweZm76+Me/m3063TtfThpMC5ZDIR+6kqgOyQFgyf9nvd
Qy55KYcM/f1YIjXeTHTG6oC6pnuPitGF/yuOokYklFSaUZqS5S3QaUVVar91GFef
LEF4kfKvjNDkZ6LYYwR/S4WRkbZpaIwbvKjb/zDEedHaW0jb
-----END CERTIFICATE-----
Generated at Thu Jun 4 16:09:02 2026 by rpki-client