Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4BC59398551111F1A92B10AECE1D38B0.roa
File: 4BC59398551111F1A92B10AECE1D38B0.roa (raw, json)
Hash identifier: t+j+T7He9PaJyPxI8S2lGWh+Lpu3+QUa6yG1AULI0a4=
Subject key identifier: 96:B9:B3:E6:31:EA:78:B8:17:29:56:96:C0:70:39:56:7F:D2:D4:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CD58
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4BC59398551111F1A92B10AECE1D38B0.roa
Signing time: Thu 21 May 2026 12:33:40 +0000
ROA not before: Thu 21 May 2026 12:33:36 +0000
ROA not after: Wed 19 Aug 2026 12:33:36 +0000
asID: 139923
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118104 (0x1cd58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 21 12:33:36 2026 GMT
Not After : Aug 19 12:33:36 2026 GMT
Subject: CN=6a0efba4-0ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:23:d9:66:0e:5a:14:74:12:18:aa:fd:0e:80:
b0:06:c1:b1:d7:99:48:ce:db:fe:df:94:a6:9f:79:
87:c3:8f:ff:51:79:1c:67:42:25:98:61:fa:64:eb:
b1:cb:dd:51:8f:80:22:c3:72:a8:73:5d:01:26:40:
42:98:2f:9c:27:2d:f9:1f:db:7a:f1:92:e4:a7:ec:
a5:6f:de:38:5f:8d:7f:e0:44:9d:48:46:c9:71:b6:
53:12:8a:f6:82:2b:05:30:b3:fd:ab:75:ab:5d:75:
20:3c:10:75:b8:a6:43:de:4c:39:77:6d:01:10:05:
af:68:f5:0e:f4:de:70:25:82:d3:1a:2e:d9:bf:60:
c3:1b:a3:0e:6f:93:65:4b:5e:4a:9d:98:d5:73:78:
4f:3c:65:df:06:fd:ab:4a:e0:8f:96:58:be:ac:8f:
13:4a:72:bb:9d:a3:3f:d4:e3:e9:07:89:72:d3:63:
4e:f3:45:6d:aa:fb:c6:9e:2d:b6:d7:a3:96:d0:9f:
70:55:68:14:de:4f:a4:fa:2c:bc:77:74:cf:36:51:
77:1b:6e:71:08:36:9c:8b:91:9e:6c:58:c6:5d:be:
00:5d:23:4a:23:84:b6:80:e4:1e:64:0e:70:1a:60:
d9:8e:93:9f:11:bd:f3:49:94:4f:bc:3b:d9:67:0d:
88:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B9:B3:E6:31:EA:78:B8:17:29:56:96:C0:70:39:56:7F:D2:D4:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4BC59398551111F1A92B10AECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
154.91.176.0/20
Signature Algorithm: sha256WithRSAEncryption
d4:4e:29:6c:85:35:7a:c3:2e:32:40:f4:83:d7:05:cb:cc:21:
e9:60:7d:e4:78:17:8f:25:98:b3:79:31:71:58:e6:2b:42:b6:
66:f7:23:e0:9b:51:90:53:da:b5:b3:cb:1a:20:47:2a:b4:4d:
4d:39:0e:e4:76:52:22:9a:84:c8:0c:e5:a3:69:ac:3f:c1:f7:
fe:27:4d:fb:36:00:94:d8:83:33:74:9c:87:bb:92:34:48:33:
54:c5:28:30:71:de:25:25:83:4c:83:e7:50:c4:54:d0:f7:33:
6d:de:ac:1f:35:fd:d3:c7:38:7c:cd:4e:96:40:52:ce:87:29:
d4:c2:c9:ef:7b:aa:b5:68:92:ec:5f:46:d5:5d:46:69:a7:fe:
9f:f4:74:49:9c:0d:33:ec:a0:69:f3:db:6f:55:04:eb:2c:ea:
b3:2f:1c:b9:cd:a7:5a:a2:c0:86:9a:c3:91:6a:bd:91:5e:5d:
87:13:4b:72:db:d3:ce:f1:52:52:da:7b:24:d2:5c:24:07:e1:
cc:eb:99:58:7d:f1:8f:16:64:ba:5c:6a:4a:ac:ef:72:04:85:
f1:63:53:2c:1a:ae:dc:2e:30:e9:00:66:db:66:c6:54:50:21:
6e:cf:f0:55:ad:d7:61:3b:82:ad:0e:cd:67:c8:29:0a:05:b9:
14:63:60:ae
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAc1YMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIxMTIzMzM2WhcNMjYwODE5MTIzMzM2WjAYMRYw
FAYDVQQDEw02YTBlZmJhNC0wZWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArCPZZg5aFHQSGKr9DoCwBsGx15lIztv+35Smn3mHw4//UXkcZ0IlmGH6
ZOuxy91Rj4Aiw3Koc10BJkBCmC+cJy35H9t68ZLkp+ylb944X41/4ESdSEbJcbZT
Eor2gisFMLP9q3WrXXUgPBB1uKZD3kw5d20BEAWvaPUO9N5wJYLTGi7Zv2DDG6MO
b5NlS15KnZjVc3hPPGXfBv2rSuCPlli+rI8TSnK7naM/1OPpB4ly02NO80VtqvvG
ni2216OW0J9wVWgU3k+k+iy8d3TPNlF3G25xCDaci5GebFjGXb4AXSNKI4S2gOQe
ZA5wGmDZjpOfEb3zSZRPvDvZZw2IrwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJa5
s+Yx6ni4FylWlsBwOVZ/0tTiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QkM1OTM5ODU1MTExMUYxQTkyQjEwQUVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmlswAwQEmluwMA0GCSqG
SIb3DQEBCwUAA4IBAQDUTilshTV6wy4yQPSD1wXLzCHpYH3keBePJZizeTFxWOYr
QrZm9yPgm1GQU9q1s8saIEcqtE1NOQ7kdlIimoTIDOWjaaw/wff+J037NgCU2IMz
dJyHu5I0SDNUxSgwcd4lJYNMg+dQxFTQ9zNt3qwfNf3Txzh8zU6WQFLOhynUwsnv
e6q1aJLsX0bVXUZpp/6f9HRJnA0z7KBp89tvVQTrLOqzLxy5zadaosCGmsORar2R
Xl2HE0ty29PO8VJS2nsk0lwkB+HM65lYffGPFmS6XGpKrO9yBIXxY1MsGq7cLjDp
AGbbZsZUUCFuz/BVrddhO4KtDs1nyCkKBbkUY2Cu
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:30:56 2026 by rpki-client