Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/566B49F6543E11F1A0F233A4CE1D38B0.roa
File: 566B49F6543E11F1A0F233A4CE1D38B0.roa (raw, json)
Hash identifier: qocpNBptduItc45hZEahtivQKUiyZ99PFd/NJ9EVqds=
Subject key identifier: 41:D7:14:B8:A7:F2:B3:76:C1:FE:77:49:80:B6:D2:62:E9:36:1D:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CCC0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/566B49F6543E11F1A0F233A4CE1D38B0.roa
Signing time: Wed 20 May 2026 11:23:34 +0000
ROA not before: Wed 20 May 2026 11:23:29 +0000
ROA not after: Sat 08 Aug 2026 11:23:29 +0000
asID: 149014
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 06 Jun 2026 08:36:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117952 (0x1ccc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 20 11:23:29 2026 GMT
Not After : Aug 8 11:23:29 2026 GMT
Subject: CN=6a0d99b6-2c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4d:9c:96:ca:d9:f4:ca:c0:7d:4e:66:2a:1e:
7d:2a:28:bc:ac:c6:3b:2c:4e:ab:22:c1:d7:53:26:
0a:1f:ce:a9:40:5d:2a:f7:6e:65:22:5b:00:30:c9:
0d:b2:f4:ff:57:c8:ce:cb:19:f5:b5:cc:d8:a2:2e:
6c:32:fc:47:06:9b:6e:6d:24:42:96:92:d5:f1:4b:
3c:9b:6e:9d:8f:52:20:43:5a:2f:99:f7:c4:49:96:
f3:d6:62:03:f2:a8:e5:d3:5d:5b:22:28:1d:be:aa:
29:f8:59:7d:12:d1:13:8b:1f:3d:a7:57:18:f2:58:
a1:e7:f4:3f:a9:91:09:88:2d:9c:f9:88:eb:33:1f:
9a:47:0b:a3:48:c4:40:7c:e9:6f:b4:87:1e:41:63:
34:be:41:d6:ef:2e:75:30:dd:ed:27:a0:cf:65:cd:
6d:58:9f:50:3d:58:80:39:e3:88:0a:fc:26:92:e6:
60:40:3b:4f:cd:5c:b7:5f:92:ca:e7:66:12:f0:2d:
d8:37:15:73:94:f6:fd:42:9d:70:af:c5:65:43:0c:
84:43:aa:e7:1d:97:20:92:75:b2:32:63:fb:b2:a8:
b0:50:b6:31:88:7d:cc:72:1c:24:8f:db:17:e1:f7:
2f:49:ec:2f:0d:8f:14:ab:a8:9d:5c:8c:b6:b1:57:
ea:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D7:14:B8:A7:F2:B3:76:C1:FE:77:49:80:B6:D2:62:E9:36:1D:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/566B49F6543E11F1A0F233A4CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
16:41:5f:eb:da:23:e0:9d:c7:f6:99:9e:3d:5e:4f:01:10:3e:
a6:c0:ab:42:8a:83:1a:b9:09:cb:b2:60:46:1f:35:60:d4:71:
3c:bf:f1:56:cf:89:33:39:05:33:c6:41:6b:cf:24:ec:d2:d5:
89:4c:47:fb:3c:05:c0:6f:74:9c:ee:b9:7e:db:39:4f:59:df:
fc:f5:88:5a:4b:ee:8d:aa:95:53:ee:24:54:c1:75:b4:87:98:
b5:5b:ae:8b:3e:b6:5f:c5:b8:55:28:93:ac:30:40:40:dd:f6:
ac:fe:e8:9f:8a:d7:94:83:fc:bb:06:7d:90:f2:b1:df:0a:16:
ca:81:6c:c9:6f:cf:c9:a8:6f:66:ec:d1:c0:0f:8a:3b:3a:bb:
cf:79:0a:e1:08:69:a1:51:c1:ca:a6:3d:91:f9:7c:82:52:5d:
dd:44:38:1e:fa:3d:33:c5:12:0a:e1:53:61:7e:02:ad:3e:a1:
1c:4b:cb:67:f3:c6:ff:b8:3d:3d:89:91:2a:cc:d4:d4:df:81:
6b:63:33:53:7e:c3:5b:d0:a4:9b:2d:ce:7f:28:ed:93:1a:56:
74:53:0e:8b:9e:53:ae:df:5e:4c:6e:a6:1f:d3:cd:24:5b:8e:
f0:08:27:f9:56:fe:d9:be:69:d6:c8:a4:fc:68:ec:bc:ab:6f:
1f:cc:60:e6
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAczAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIwMTEyMzI5WhcNMjYwODA4MTEyMzI5WjAYMRYw
FAYDVQQDEw02YTBkOTliNi0yYzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAok2clsrZ9MrAfU5mKh59Kii8rMY7LE6rIsHXUyYKH86pQF0q925lIlsA
MMkNsvT/V8jOyxn1tczYoi5sMvxHBptubSRClpLV8Us8m26dj1IgQ1ovmffESZbz
1mID8qjl011bIigdvqop+Fl9EtETix89p1cY8lih5/Q/qZEJiC2c+YjrMx+aRwuj
SMRAfOlvtIceQWM0vkHW7y51MN3tJ6DPZc1tWJ9QPViAOeOICvwmkuZgQDtPzVy3
X5LK52YS8C3YNxVzlPb9Qp1wr8VlQwyEQ6rnHZcgknWyMmP7sqiwULYxiH3Mchwk
j9sX4fcvSewvDY8Uq6idXIy2sVfq2wIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFEHX
FLin8rN2wf53SYC20mLpNh3qMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjZCNDlGNjU0M0UxMUYxQTBGMjMzQTRDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQAWQV/r2iPgncf2mZ49Xk8BED6mwKtCioMauQnL
smBGHzVg1HE8v/FWz4kzOQUzxkFrzyTs0tWJTEf7PAXAb3Sc7rl+2zlPWd/89Yha
S+6NqpVT7iRUwXW0h5i1W66LPrZfxbhVKJOsMEBA3fas/uifiteUg/y7Bn2Q8rHf
ChbKgWzJb8/JqG9m7NHAD4o7OrvPeQrhCGmhUcHKpj2R+XyCUl3dRDge+j0zxRIK
4VNhfgKtPqEcS8tn88b/uD09iZEqzNTU34FrYzNTfsNb0KSbLc5/KO2TGlZ0Uw6L
nlOu315MbqYf080kW47wCCf5Vv7ZvmnWyKT8aOy8q28fzGDm
-----END CERTIFICATE-----
Generated at Thu Jun 4 16:09:01 2026 by rpki-client