Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BF89B0459A811F1AAB337A7CE1D38B0.roa
File: 3BF89B0459A811F1AAB337A7CE1D38B0.roa (raw, json)
Hash identifier: w9d7T7/kTfve64a+/WXxnWyZpPoiEIsjrV8cVMi0Ipo=
Subject key identifier: E1:FA:1F:6B:95:B1:73:BD:ED:7F:5B:D3:2E:CA:0B:F5:63:B4:44:43
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CFF3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BF89B0459A811F1AAB337A7CE1D38B0.roa
Signing time: Wed 27 May 2026 08:44:12 +0000
ROA not before: Wed 27 May 2026 08:44:08 +0000
ROA not after: Sat 04 Jul 2026 08:44:08 +0000
asID: 17497
IP address blocks: 154.203.32.0/19 maxlen: 24
154.203.32.0/20 maxlen: 24
154.203.32.0/21 maxlen: 24
154.203.32.0/22 maxlen: 24
154.203.32.0/23 maxlen: 24
154.203.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 13 Jun 2026 00:07:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118771 (0x1cff3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 27 08:44:08 2026 GMT
Not After : Jul 4 08:44:08 2026 GMT
Subject: CN=6a16aedc-74a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c9:06:a0:2d:4b:22:09:f4:41:bf:63:08:6c:
72:46:18:92:6e:50:9a:e7:08:e6:6f:a6:7b:9b:d5:
84:cf:54:f2:78:fb:a1:12:94:31:17:9d:88:6f:e0:
00:a1:e3:58:8e:0a:6f:70:ff:90:1a:46:1c:db:a4:
90:95:45:15:f1:59:4e:ae:0c:de:66:4d:b4:6d:fb:
bb:ae:51:8d:e2:21:39:9b:40:a8:bc:66:f8:f2:ee:
33:f5:9c:16:07:79:7b:f2:93:d9:5e:17:33:0c:40:
af:7d:99:18:15:dc:4b:00:76:4c:38:c0:a3:6b:4d:
7d:b3:39:df:ea:fc:d9:09:44:ad:66:10:87:b3:e4:
25:74:22:92:62:0a:24:28:eb:cc:e8:bd:f7:ac:6e:
42:88:2c:ca:a0:cd:90:be:05:16:c8:4e:18:6f:f0:
30:1f:45:1c:ea:b9:6d:7a:b9:82:69:1b:55:db:ed:
01:d0:5f:fe:b6:29:0e:e7:66:36:0c:59:9a:e2:c7:
c9:a9:63:4a:24:47:60:fb:0b:c4:be:be:c1:1b:56:
9c:45:fb:9a:fa:0e:7b:d0:41:82:2c:85:20:6e:fe:
96:bc:47:59:39:e5:a3:7f:dc:55:04:b8:24:a5:4c:
d0:01:da:58:66:4f:ab:4f:77:a6:7f:3c:06:d9:e4:
f1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FA:1F:6B:95:B1:73:BD:ED:7F:5B:D3:2E:CA:0B:F5:63:B4:44:43
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BF89B0459A811F1AAB337A7CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.32.0/19
Signature Algorithm: sha256WithRSAEncryption
38:11:19:98:df:f9:f6:41:4f:6e:0d:63:c1:ad:09:d7:7e:2d:
22:2f:9b:a1:91:da:ac:ae:f9:3d:fb:9e:5a:e2:c6:7a:2a:66:
90:a1:ed:bd:3b:e8:f3:dd:e2:87:c4:48:f1:24:b3:e9:57:91:
70:6a:8c:de:d4:f3:76:72:5f:8c:05:d2:0e:75:0d:28:5d:28:
e1:b9:91:ef:1f:e9:dd:05:e8:17:1d:f4:5e:3b:48:90:92:19:
b8:96:90:14:b4:bc:b9:2f:4c:cb:bf:06:47:3e:be:7d:4c:2d:
5e:f2:cb:f3:28:ce:60:60:80:25:04:ea:16:03:0a:ef:01:1b:
62:2a:9d:e0:ee:91:18:66:4b:79:a3:aa:7a:a9:b3:c2:8e:88:
4a:08:6f:19:76:2e:71:34:64:ff:63:4d:41:0e:6a:28:16:43:
b7:c6:d7:7f:ae:83:c4:03:75:f8:93:c0:16:e7:20:40:aa:2f:
80:ab:34:08:5e:cc:ab:f6:e1:4c:6e:3f:02:92:2c:bc:02:5b:
db:4d:25:93:21:2d:1e:96:23:1d:cd:eb:c5:3c:50:6d:45:62:
85:c0:91:ff:2d:63:dd:8e:5c:49:c7:85:d3:fa:6a:2a:2f:69:
28:ef:f9:68:3f:18:ef:84:31:b9:09:10:67:ce:50:a7:4c:cf:
12:e9:1e:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAc/zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI3MDg0NDA4WhcNMjYwNzA0MDg0NDA4WjAYMRYw
FAYDVQQDEw02YTE2YWVkYy03NGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0ckGoC1LIgn0Qb9jCGxyRhiSblCa5wjmb6Z7m9WEz1TyePuhEpQxF52I
b+AAoeNYjgpvcP+QGkYc26SQlUUV8VlOrgzeZk20bfu7rlGN4iE5m0CovGb48u4z
9ZwWB3l78pPZXhczDECvfZkYFdxLAHZMOMCja019sznf6vzZCUStZhCHs+QldCKS
YgokKOvM6L33rG5CiCzKoM2QvgUWyE4Yb/AwH0Uc6rltermCaRtV2+0B0F/+tikO
52Y2DFma4sfJqWNKJEdg+wvEvr7BG1acRfua+g570EGCLIUgbv6WvEdZOeWjf9xV
BLgkpUzQAdpYZk+rT3emfzwG2eTx/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOH6
H2uVsXO97X9b0y7KC/VjtERDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQkY4OUIwNDU5QTgxMUYxQUFCMzM3QTdDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmssgMA0GCSqGSIb3DQEB
CwUAA4IBAQA4ERmY3/n2QU9uDWPBrQnXfi0iL5uhkdqsrvk9+55a4sZ6KmaQoe29
O+jz3eKHxEjxJLPpV5Fwaoze1PN2cl+MBdIOdQ0oXSjhuZHvH+ndBegXHfReO0iQ
khm4lpAUtLy5L0zLvwZHPr59TC1e8svzKM5gYIAlBOoWAwrvARtiKp3g7pEYZkt5
o6p6qbPCjohKCG8Zdi5xNGT/Y01BDmooFkO3xtd/roPEA3X4k8AW5yBAqi+AqzQI
Xsyr9uFMbj8Ckiy8AlvbTSWTIS0eliMdzevFPFBtRWKFwJH/LWPdjlxJx4XT+moq
L2ko7/loPxjvhDG5CRBnzlCnTM8S6R69
-----END CERTIFICATE-----
Generated at Thu Jun 11 11:56:38 2026 by rpki-client