Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B8BFBDE5BAD11F1A12857D9CE1D38B0.roa
File: 6B8BFBDE5BAD11F1A12857D9CE1D38B0.roa (raw, json)
Hash identifier: Bd6PAc2iJDsIiJwy9V93dqJRh79SZEdKLBTP/KjO3vo=
Subject key identifier: 3C:44:35:BF:34:A3:CB:4A:EB:50:AB:83:57:E7:0D:2D:FC:FF:15:7E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D0A5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B8BFBDE5BAD11F1A12857D9CE1D38B0.roa
Signing time: Fri 29 May 2026 22:26:22 +0000
ROA not before: Fri 29 May 2026 22:26:16 +0000
ROA not after: Tue 07 Jul 2026 22:26:16 +0000
asID: 49505
IP address blocks: 154.211.17.0/24 maxlen: 24
154.211.18.0/24 maxlen: 24
154.211.19.0/24 maxlen: 24
154.212.28.0/24 maxlen: 24
154.212.29.0/24 maxlen: 24
154.212.30.0/24 maxlen: 24
154.212.31.0/24 maxlen: 24
154.213.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 13 Jun 2026 00:07:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118949 (0x1d0a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 29 22:26:16 2026 GMT
Not After : Jul 7 22:26:16 2026 GMT
Subject: CN=6a1a128e-e7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2f:8f:6b:eb:97:c6:33:a3:92:1f:ff:82:1f:
70:61:e4:b4:f3:a2:1e:6b:14:8a:bc:be:52:e3:ba:
07:54:32:d2:3d:64:3b:41:ce:c9:5c:ab:ae:2d:d2:
dc:7b:0a:88:56:e0:d2:35:69:9b:c2:52:62:6f:e0:
90:37:0f:83:ce:8b:a1:93:a8:96:12:33:55:4f:8e:
cc:42:c8:9a:fd:78:9f:9f:2e:65:92:1a:67:e4:09:
db:64:61:00:9c:54:23:5b:73:52:83:12:3d:06:5e:
4c:cb:a1:a3:23:8c:fc:c2:61:50:45:59:5f:fd:0a:
02:d6:52:31:8f:e4:62:da:f9:4e:3c:a0:5a:77:2d:
1b:a8:14:68:6d:46:4d:d5:37:5b:e3:a8:bb:ad:52:
9e:0f:9c:4e:5e:77:97:ee:6b:f3:25:7e:15:91:9c:
f7:c9:2b:8a:6d:c4:75:3b:36:b0:cd:80:e7:2c:11:
53:68:54:4a:a0:c9:8d:af:7a:ec:23:ba:40:e4:11:
e4:26:38:8d:f8:22:6c:73:7f:a7:73:0a:56:98:12:
b2:df:ab:72:a0:b5:c2:ca:87:1b:91:68:4b:45:78:
75:60:7b:b7:20:69:fa:ff:35:f5:3c:c7:33:c0:a6:
31:8d:f6:8c:e6:8e:00:05:6e:d2:80:53:45:99:4e:
de:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:44:35:BF:34:A3:CB:4A:EB:50:AB:83:57:E7:0D:2D:FC:FF:15:7E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B8BFBDE5BAD11F1A12857D9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.17.0-154.211.19.255
154.212.28.0/22
154.213.0.0/24
Signature Algorithm: sha256WithRSAEncryption
62:4c:e9:1c:71:3c:69:fd:28:0a:25:10:6a:88:6e:2c:96:5a:
03:d7:52:6b:04:e0:81:67:12:97:6b:8d:6c:6c:2e:f4:d1:39:
24:77:75:20:d3:09:5d:6c:32:e0:a4:06:59:01:7f:67:71:e5:
e3:32:ef:4c:ed:cc:eb:36:c6:71:ef:5b:e6:1d:c8:71:d7:c7:
22:cf:96:6e:4f:1a:d2:fb:12:40:cd:df:e7:a9:e9:7f:e1:33:
86:40:35:5b:cb:c4:53:99:39:65:4c:0b:d7:aa:f1:89:4c:52:
eb:6d:40:d7:6d:ca:38:92:9c:8e:53:ff:d1:39:95:b0:01:7a:
fa:6c:5d:f3:ec:bf:2e:a9:12:c8:06:a1:58:0d:e1:81:1f:42:
2b:8b:66:2b:47:83:98:30:0b:e2:51:30:89:4b:19:70:fa:0d:
a9:7a:06:86:bc:80:4a:f4:b0:e4:f2:80:0a:f9:b1:c3:02:6e:
cc:bb:03:e1:b0:b6:b6:88:33:25:df:15:3e:4e:40:72:43:be:
d4:fb:e7:2e:07:d7:ec:99:31:2c:0e:9d:53:31:3c:b6:74:cb:
1f:77:46:65:e2:87:a4:22:5c:f2:d1:c3:e0:25:0e:20:0c:9f:
71:74:ad:2d:93:0c:26:43:c9:63:30:8d:8e:c8:16:2e:78:c1:
03:64:43:79
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAdClMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI5MjIyNjE2WhcNMjYwNzA3MjIyNjE2WjAYMRYw
FAYDVQQDEw02YTFhMTI4ZS1lN2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApC+Pa+uXxjOjkh//gh9wYeS086IeaxSKvL5S47oHVDLSPWQ7Qc7JXKuu
LdLcewqIVuDSNWmbwlJib+CQNw+Dzouhk6iWEjNVT47MQsia/Xifny5lkhpn5Anb
ZGEAnFQjW3NSgxI9Bl5My6GjI4z8wmFQRVlf/QoC1lIxj+Ri2vlOPKBady0bqBRo
bUZN1Tdb46i7rVKeD5xOXneX7mvzJX4VkZz3ySuKbcR1OzawzYDnLBFTaFRKoMmN
r3rsI7pA5BHkJjiN+CJsc3+ncwpWmBKy36tyoLXCyocbkWhLRXh1YHu3IGn6/zX1
PMczwKYxjfaM5o4ABW7SgFNFmU7elwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFDxE
Nb80o8tK61Crg1fnDS38/xV+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QjhCRkJERTVCQUQxMUYxQTEyODU3RDlDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACa0xEDBAKa0xADBAKa
1BwDBACa1QAwDQYJKoZIhvcNAQELBQADggEBAGJM6RxxPGn9KAolEGqIbiyWWgPX
UmsE4IFnEpdrjWxsLvTROSR3dSDTCV1sMuCkBlkBf2dx5eMy70ztzOs2xnHvW+Yd
yHHXxyLPlm5PGtL7EkDN3+ep6X/hM4ZANVvLxFOZOWVMC9eq8YlMUuttQNdtyjiS
nI5T/9E5lbABevpsXfPsvy6pEsgGoVgN4YEfQiuLZitHg5gwC+JRMIlLGXD6Dal6
Boa8gEr0sOTygAr5scMCbsy7A+GwtraIMyXfFT5OQHJDvtT75y4H1+yZMSwOnVMx
PLZ0yx93RmXih6QiXPLRw+AlDiAMn3F0rS2TDCZDyWMwjY7IFi54wQNkQ3k=
-----END CERTIFICATE-----
Generated at Thu Jun 11 22:51:42 2026 by rpki-client