Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/426CC6C06C8D11F181981DF0CE1D38B0.roa
File: 426CC6C06C8D11F181981DF0CE1D38B0.roa (raw, json)
Hash identifier: BbSguu3ns5J+6t18zgE48G5mVqUx+bHziXC8ekPZqGw=
Subject key identifier: E6:7E:65:E0:3F:60:F1:CF:41:5D:57:C9:0B:82:FB:1A:DB:AF:E7:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D427
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/426CC6C06C8D11F181981DF0CE1D38B0.roa
Signing time: Sat 20 Jun 2026 09:48:59 +0000
ROA not before: Sat 20 Jun 2026 09:48:54 +0000
ROA not after: Mon 27 Jul 2026 09:48:54 +0000
asID: 55320
IP address blocks: 154.205.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 14:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119847 (0x1d427)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 20 09:48:54 2026 GMT
Not After : Jul 27 09:48:54 2026 GMT
Subject: CN=6a36620b-7d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e7:c6:f4:c0:11:5b:08:56:ff:45:e6:fe:58:
c5:79:8a:18:d7:6c:83:a8:8d:72:eb:06:92:10:d2:
a6:f1:32:ac:f0:f6:1f:e0:7c:78:f2:3b:ef:62:e9:
ee:2f:96:a3:18:3b:de:69:ee:38:e0:64:70:58:d7:
68:99:e3:5d:d8:90:61:c0:ed:7d:84:e6:d7:5e:12:
fb:94:ec:6d:0e:85:21:00:4c:d7:db:82:fc:38:e9:
ed:a8:45:45:8f:84:53:52:33:09:b1:a6:c3:95:35:
06:85:5b:8c:8d:d3:32:f3:b9:97:11:0e:2b:e9:5b:
25:43:1d:7b:67:70:0e:77:ee:7b:2f:d0:df:bb:b1:
f3:82:cf:6e:94:39:f0:66:3e:95:8d:a8:86:2e:7c:
ed:9c:67:a9:c2:1e:01:01:f4:5f:b9:27:20:82:0b:
2a:bb:9c:c2:5c:02:c9:d5:9e:44:a9:82:6f:9f:08:
75:fc:d8:30:17:2f:6a:38:0b:db:d3:48:ec:e9:fa:
80:de:8f:12:94:f8:83:02:57:dd:2c:e2:01:73:82:
88:8b:63:a1:52:0b:11:e3:b9:d6:5b:36:91:d0:f6:
70:a3:a4:0e:35:72:15:8e:7b:42:bb:74:53:aa:6e:
dd:82:75:bd:8e:5c:19:0a:86:2d:fe:dc:06:33:98:
8c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7E:65:E0:3F:60:F1:CF:41:5D:57:C9:0B:82:FB:1A:DB:AF:E7:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/426CC6C06C8D11F181981DF0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.140.0/24
Signature Algorithm: sha256WithRSAEncryption
01:20:61:ed:1a:16:64:82:0a:79:fe:ee:c1:45:67:e0:2d:12:
8f:48:b4:9a:a9:47:eb:8d:a2:c2:85:05:4e:9d:d0:37:0a:f6:
a3:d8:1a:d2:c5:13:61:0d:25:53:67:7c:77:ca:75:c5:4b:a8:
80:b0:5f:7e:c5:90:34:bc:89:e0:7f:6e:a8:33:bc:9e:96:9a:
69:f4:34:78:a9:37:aa:ab:ef:a6:2f:82:24:9d:0d:c5:e3:1e:
33:b3:14:88:3e:92:69:6c:aa:b4:7b:80:20:fa:ca:c4:02:07:
12:ac:9a:0e:37:46:58:da:b5:8a:40:13:76:79:fc:1b:6b:6e:
6d:85:f9:26:88:b2:f5:05:27:76:bd:60:41:1d:d8:67:fb:9c:
1b:b9:f8:af:e4:cf:a4:c2:de:00:9b:70:56:81:10:a3:5b:21:
fb:5d:d1:d3:fd:56:8f:02:50:8d:c5:cf:16:08:6f:42:e3:9b:
84:95:ff:64:5c:c3:55:ee:35:57:28:c5:90:44:cf:85:9a:9e:
0e:05:09:78:20:89:81:08:11:df:20:27:c0:b8:f0:2d:c8:1d:
2f:3f:5c:6d:6a:7b:40:02:19:65:6a:66:a0:20:ee:a0:67:f3:
64:31:53:f6:97:a0:9c:d2:03:84:ea:fe:1a:8a:40:b0:c3:e7:
7f:49:a7:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdQnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjIwMDk0ODU0WhcNMjYwNzI3MDk0ODU0WjAYMRYw
FAYDVQQDEw02YTM2NjIwYi03ZDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlOfG9MARWwhW/0Xm/ljFeYoY12yDqI1y6waSENKm8TKs8PYf4Hx48jvv
YunuL5ajGDveae444GRwWNdomeNd2JBhwO19hObXXhL7lOxtDoUhAEzX24L8OOnt
qEVFj4RTUjMJsabDlTUGhVuMjdMy87mXEQ4r6VslQx17Z3AOd+57L9Dfu7Hzgs9u
lDnwZj6VjaiGLnztnGepwh4BAfRfuScgggsqu5zCXALJ1Z5EqYJvnwh1/NgwFy9q
OAvb00js6fqA3o8SlPiDAlfdLOIBc4KIi2OhUgsR47nWWzaR0PZwo6QONXIVjntC
u3RTqm7dgnW9jlwZCoYt/twGM5iMtwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOZ+
ZeA/YPHPQV1XyQuC+xrbr+fYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MjZDQzZDMDZDOEQxMUYxODE5ODFERjBDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2MMA0GCSqGSIb3DQEB
CwUAA4IBAQABIGHtGhZkggp5/u7BRWfgLRKPSLSaqUfrjaLChQVOndA3Cvaj2BrS
xRNhDSVTZ3x3ynXFS6iAsF9+xZA0vIngf26oM7yelppp9DR4qTeqq++mL4IknQ3F
4x4zsxSIPpJpbKq0e4Ag+srEAgcSrJoON0ZY2rWKQBN2efwba25thfkmiLL1BSd2
vWBBHdhn+5wbufiv5M+kwt4Am3BWgRCjWyH7XdHT/VaPAlCNxc8WCG9C45uElf9k
XMNV7jVXKMWQRM+Fmp4OBQl4IImBCBHfICfAuPAtyB0vP1xtantAAhllamagIO6g
Z/NkMVP2l6Cc0gOE6v4aikCww+d/Sadq
-----END CERTIFICATE-----
Generated at Tue Jun 23 21:51:06 2026 by rpki-client