Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F097A666ACD11F1B8B0B8D6CE1D38B0.roa
File: 4F097A666ACD11F1B8B0B8D6CE1D38B0.roa (raw, json)
Hash identifier: DuQG96XTBS+RcWBUVWHhNHfhpDzYtGa83A6jZQT+lOs=
Subject key identifier: CF:9B:A8:2B:E1:54:31:23:EC:C2:89:7F:8A:8E:AB:31:A0:57:EC:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D3E1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F097A666ACD11F1B8B0B8D6CE1D38B0.roa
Signing time: Thu 18 Jun 2026 04:22:25 +0000
ROA not before: Thu 18 Jun 2026 04:22:21 +0000
ROA not after: Sat 19 Feb 2028 04:22:21 +0000
asID: 17561
IP address blocks: 154.196.236.0/24 maxlen: 24
154.220.138.0/24 maxlen: 24
154.220.140.0/24 maxlen: 24
154.220.146.0/24 maxlen: 24
154.220.149.0/24 maxlen: 24
154.220.157.0/24 maxlen: 24
154.220.162.0/24 maxlen: 24
154.220.173.0/24 maxlen: 24
154.220.180.0/24 maxlen: 24
154.220.182.0/24 maxlen: 24
154.220.190.0/24 maxlen: 24
154.220.232.0/24 maxlen: 24
154.220.233.0/24 maxlen: 24
154.220.234.0/24 maxlen: 24
154.220.235.0/24 maxlen: 24
154.220.236.0/24 maxlen: 24
154.220.237.0/24 maxlen: 24
154.220.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 14:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119777 (0x1d3e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 18 04:22:21 2026 GMT
Not After : Feb 19 04:22:21 2028 GMT
Subject: CN=6a337281-2ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:08:49:00:06:15:06:96:69:59:6b:2e:ed:21:
ef:32:b7:dc:ba:a2:bd:aa:70:59:ff:9d:7a:4d:33:
ab:34:fd:1a:0a:39:e8:96:31:95:1a:3f:21:d4:a9:
3a:fa:33:da:48:43:5f:b9:50:ca:11:bc:48:9c:e8:
6d:fa:1e:1b:8f:4b:fb:33:f8:cf:7f:d7:25:1c:78:
1b:5c:81:8e:2a:3b:cd:a6:53:3f:80:0c:4d:ca:88:
61:fe:e4:4b:6e:0c:16:c3:59:d3:46:8e:d7:d4:48:
65:51:1b:3c:06:24:1d:b0:96:df:15:e9:e1:30:3d:
4d:ca:53:86:50:a5:1d:9d:cc:38:fd:13:49:45:2c:
e0:b9:bc:d7:15:43:78:b1:94:be:4f:0b:e6:91:90:
f7:b2:71:69:47:c8:b6:60:18:6a:f9:ec:6d:68:fc:
30:a4:11:81:73:30:89:77:32:19:a8:a1:bf:8b:54:
f1:8a:c0:85:69:d8:51:57:32:0d:e3:ff:3c:7f:b9:
60:bf:b1:0b:af:37:d4:5e:6f:20:92:7f:17:fe:83:
0f:c3:a5:db:e9:8c:47:56:68:40:8e:e4:30:52:b8:
e4:4b:89:33:21:82:37:c8:c4:d1:89:20:ee:fd:20:
c1:37:aa:69:6c:f6:77:40:ee:26:6e:a5:d1:ab:6a:
0d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9B:A8:2B:E1:54:31:23:EC:C2:89:7F:8A:8E:AB:31:A0:57:EC:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F097A666ACD11F1B8B0B8D6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.236.0/24
154.220.138.0/24
154.220.140.0/24
154.220.146.0/24
154.220.149.0/24
154.220.157.0/24
154.220.162.0/24
154.220.173.0/24
154.220.180.0/24
154.220.182.0/24
154.220.190.0/24
154.220.232.0-154.220.238.255
Signature Algorithm: sha256WithRSAEncryption
b3:5c:24:85:bc:d4:0d:f0:fd:19:fe:fb:0d:76:5c:12:35:ce:
11:9d:ab:b8:b0:fc:1e:3d:3b:6e:1a:6a:e9:d7:9c:9d:af:76:
93:2e:e6:47:75:7d:a3:a8:01:97:e5:c2:8c:99:5e:10:c1:52:
29:d7:13:e8:54:fd:e5:6e:58:50:2d:45:da:c4:21:88:8a:73:
f4:5c:92:61:22:cd:94:82:b5:e5:fc:b7:e6:30:45:47:d8:c7:
44:79:82:16:a8:96:54:4f:ce:a3:79:a9:a6:c0:b8:81:87:39:
65:8e:5c:19:79:f3:53:26:c4:bb:4e:12:3f:8a:a2:ef:85:41:
3d:d6:dd:8c:d7:8b:98:97:28:95:f0:e6:13:bc:82:07:1f:37:
90:30:5f:0f:d6:3e:97:d7:15:34:80:46:90:9e:a5:7d:7d:45:
0f:d7:11:b9:fc:47:20:58:a1:32:bb:74:26:13:40:34:38:c0:
e3:3e:4c:db:7c:ed:6d:f8:e3:f0:d1:05:21:ff:40:93:df:5c:
83:6f:20:7a:42:41:77:d6:ff:ab:fb:56:c5:6b:c7:fe:5a:af:
f0:99:53:f2:c3:8a:79:2f:77:fc:14:ec:e4:45:96:14:07:cc:
7f:af:c1:b3:b7:92:86:eb:17:f5:ed:ee:bd:15:40:c4:ae:ea:
45:11:44:ee
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgIDAdPhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjE4MDQyMjIxWhcNMjgwMjE5MDQyMjIxWjAYMRYw
FAYDVQQDEw02YTMzNzI4MS0yYWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0ghJAAYVBpZpWWsu7SHvMrfcuqK9qnBZ/516TTOrNP0aCjnoljGVGj8h
1Kk6+jPaSENfuVDKEbxInOht+h4bj0v7M/jPf9clHHgbXIGOKjvNplM/gAxNyohh
/uRLbgwWw1nTRo7X1EhlURs8BiQdsJbfFenhMD1NylOGUKUdncw4/RNJRSzgubzX
FUN4sZS+TwvmkZD3snFpR8i2YBhq+extaPwwpBGBczCJdzIZqKG/i1TxisCFadhR
VzIN4/88f7lgv7ELrzfUXm8gkn8X/oMPw6Xb6YxHVmhAjuQwUrjkS4kzIYI3yMTR
iSDu/SDBN6ppbPZ3QO4mbqXRq2oNIQIDAQABo4IC7zCCAuswHQYDVR0OBBYEFM+b
qCvhVDEj7MKJf4qOqzGgV+x4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RjA5N0E2NjZBQ0QxMUYxQjhCMEI4RDZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAmsTsAwQAmtyKAwQAmtyM
AwQAmtySAwQAmtyVAwQAmtydAwQAmtyiAwQAmtytAwQAmty0AwQAmty2AwQAmty+
MAwDBAOa3OgDBACa3O4wDQYJKoZIhvcNAQELBQADggEBALNcJIW81A3w/Rn++w12
XBI1zhGdq7iw/B49O24aaunXnJ2vdpMu5kd1faOoAZflwoyZXhDBUinXE+hU/eVu
WFAtRdrEIYiKc/RckmEizZSCteX8t+YwRUfYx0R5ghaollRPzqN5qabAuIGHOWWO
XBl581MmxLtOEj+Kou+FQT3W3YzXi5iXKJXw5hO8ggcfN5AwXw/WPpfXFTSARpCe
pX19RQ/XEbn8RyBYoTK7dCYTQDQ4wOM+TNt87W344/DRBSH/QJPfXINvIHpCQXfW
/6v7VsVrx/5ar/CZU/LDinkvd/wU7ORFlhQHzH+vwbO3kobrF/Xt7r0VQMSu6kUR
RO4=
-----END CERTIFICATE-----
Generated at Tue Jun 23 21:51:36 2026 by rpki-client