Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D996A6A5F6611F194270CFFCE1D38B0.roa
File: 3D996A6A5F6611F194270CFFCE1D38B0.roa (raw, json)
Hash identifier: doGRrfgNxAOD+fyIF5cuKMpoKaEdo9V3LxQzDwMmZoQ=
Subject key identifier: 1B:18:90:49:F7:A3:3C:98:85:BB:63:40:EF:B1:87:83:0C:7B:C5:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D17D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D996A6A5F6611F194270CFFCE1D38B0.roa
Signing time: Wed 03 Jun 2026 16:06:55 +0000
ROA not before: Wed 03 Jun 2026 16:06:51 +0000
ROA not after: Fri 10 Jul 2026 16:06:51 +0000
asID: 17497
IP address blocks: 154.90.174.0/23 maxlen: 24
154.90.174.0/24 maxlen: 24
154.90.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 13 Jun 2026 00:07:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119165 (0x1d17d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 3 16:06:51 2026 GMT
Not After : Jul 10 16:06:51 2026 GMT
Subject: CN=6a20511f-ec96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0b:1b:c8:de:ff:1a:8e:c5:d7:65:c0:38:4a:
2c:2f:df:e7:a1:c0:02:51:15:8a:1d:b2:98:8a:77:
e8:df:96:e2:07:6b:a8:b8:e8:81:6b:90:9b:50:7b:
ef:6d:6d:a4:63:2a:b7:12:83:27:e0:3e:e7:ed:19:
23:79:16:c1:25:23:f7:76:79:24:7f:41:77:37:c8:
2e:0e:d6:bb:d4:d3:4f:50:e9:e9:f0:12:0f:bb:b1:
48:85:75:e6:76:b1:c1:05:16:19:58:34:b5:52:c8:
54:87:e4:6b:27:79:58:69:bb:20:56:b7:06:26:d3:
17:07:39:5b:85:9a:ea:2b:66:b2:ae:ec:0a:03:c1:
90:6e:a7:4a:1e:f4:cd:8c:4a:7f:e9:8b:21:d5:6c:
65:67:8b:1e:72:05:8f:b3:9f:30:23:cd:c0:b9:12:
a0:fa:b7:d1:ae:3d:54:a5:cf:dc:f0:79:e2:30:44:
b3:7f:63:1d:b3:23:3a:6e:6d:f6:5a:6b:cc:69:5f:
3d:58:fa:91:d6:86:e9:93:d4:93:39:cf:64:f1:a3:
ea:95:1d:19:61:e1:79:9d:ac:b2:6a:96:2f:61:60:
b3:53:6d:af:7b:67:99:10:73:ac:97:33:cb:99:ab:
50:22:7b:25:a8:ca:60:f7:7f:59:12:18:7a:d0:fd:
c4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:18:90:49:F7:A3:3C:98:85:BB:63:40:EF:B1:87:83:0C:7B:C5:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D996A6A5F6611F194270CFFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.174.0/23
Signature Algorithm: sha256WithRSAEncryption
77:18:62:07:e1:5f:ca:86:c7:dd:dc:b7:b2:8e:f7:c2:8f:c1:
56:13:1e:3a:3a:ca:ae:7e:e4:d8:da:f9:53:ca:2d:f3:14:1c:
97:2a:a5:d0:44:4b:8a:b7:af:c1:f8:7f:de:94:54:32:69:66:
6c:fd:bb:d6:d1:e4:ba:c4:90:f1:66:e9:84:33:e3:20:b5:65:
63:95:17:9b:51:6b:ef:91:51:63:56:e4:97:b0:20:ad:ed:0a:
4c:47:ba:aa:60:89:7b:e9:99:9d:6b:0e:3d:b6:e5:bc:ea:bd:
0f:e1:64:46:fc:68:fb:01:fc:e7:8a:e1:75:6e:de:51:34:7c:
11:4f:73:7e:08:ef:23:3d:a7:9b:ee:b0:ca:6a:34:2d:9f:f7:
67:3a:fa:90:16:93:17:0c:08:1a:17:2f:f6:cf:e0:c1:c9:9c:
eb:c9:c9:5f:24:29:8f:6b:85:39:59:c8:23:4f:07:36:74:91:
0a:69:b7:32:8b:7b:fd:4f:f7:9c:e5:f0:77:18:5d:0a:48:9c:
d9:c0:38:50:46:ab:fb:6c:8f:88:bc:f1:95:11:31:77:f7:7b:
c8:bf:c9:3a:1a:92:c1:16:aa:66:dc:b4:36:d0:a5:ce:79:e7:
2b:69:1d:c9:f3:db:e4:07:80:a8:9b:71:58:0e:03:f2:22:1b:
05:83:f3:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdF9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjAzMTYwNjUxWhcNMjYwNzEwMTYwNjUxWjAYMRYw
FAYDVQQDEw02YTIwNTExZi1lYzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtwsbyN7/Go7F12XAOEosL9/nocACURWKHbKYinfo35biB2uouOiBa5Cb
UHvvbW2kYyq3EoMn4D7n7RkjeRbBJSP3dnkkf0F3N8guDta71NNPUOnp8BIPu7FI
hXXmdrHBBRYZWDS1UshUh+RrJ3lYabsgVrcGJtMXBzlbhZrqK2ayruwKA8GQbqdK
HvTNjEp/6Ysh1WxlZ4secgWPs58wI83AuRKg+rfRrj1Upc/c8HniMESzf2MdsyM6
bm32WmvMaV89WPqR1obpk9STOc9k8aPqlR0ZYeF5nayyapYvYWCzU22ve2eZEHOs
lzPLmatQInslqMpg939ZEhh60P3EDwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBsY
kEn3ozyYhbtjQO+xh4MMe8V2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRDk5NkE2QTVGNjYxMUYxOTQyNzBDRkZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlquMA0GCSqGSIb3DQEB
CwUAA4IBAQB3GGIH4V/Khsfd3LeyjvfCj8FWEx46OsqufuTY2vlTyi3zFByXKqXQ
REuKt6/B+H/elFQyaWZs/bvW0eS6xJDxZumEM+MgtWVjlRebUWvvkVFjVuSXsCCt
7QpMR7qqYIl76Zmdaw49tuW86r0P4WRG/Gj7AfzniuF1bt5RNHwRT3N+CO8jPaeb
7rDKajQtn/dnOvqQFpMXDAgaFy/2z+DByZzryclfJCmPa4U5WcgjTwc2dJEKabcy
i3v9T/ec5fB3GF0KSJzZwDhQRqv7bI+IvPGVETF393vIv8k6GpLBFqpm3LQ20KXO
eecraR3J89vkB4Com3FYDgPyIhsFg/PC
-----END CERTIFICATE-----
Generated at Thu Jun 11 11:57:02 2026 by rpki-client