Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7FCF2A1A542511F18CBE860DCF1D38B0.roa
File: 7FCF2A1A542511F18CBE860DCF1D38B0.roa (raw, json)
Hash identifier: BqwcrFi/KSqjJmjbw5eIoUK3LQjLGV6+AsPxdJ2yeG0=
Subject key identifier: C0:71:74:44:2A:B0:69:52:78:01:71:32:B6:AA:84:25:00:21:F3:80
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CCAC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7FCF2A1A542511F18CBE860DCF1D38B0.roa
Signing time: Wed 20 May 2026 08:25:46 +0000
ROA not before: Wed 20 May 2026 08:25:42 +0000
ROA not after: Wed 19 Aug 2026 08:25:42 +0000
asID: 152849
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117932 (0x1ccac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 20 08:25:42 2026 GMT
Not After : Aug 19 08:25:42 2026 GMT
Subject: CN=6a0d700a-4a24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:06:13:36:a6:25:13:30:45:1d:61:cd:b1:99:
bb:2d:be:d0:9f:10:28:f2:45:51:00:54:93:f7:10:
a8:5b:45:5f:31:a8:dc:29:a4:8b:4b:d2:b6:db:48:
0b:10:de:ba:2e:3d:bd:09:55:21:3e:b4:7f:0f:c2:
12:8e:72:e8:0e:97:f2:0d:bb:bb:9b:ef:00:5b:f2:
18:c0:2e:9a:e1:24:21:2c:f7:a3:35:d3:6e:1c:09:
ed:57:67:60:1b:72:4c:29:76:75:59:7b:92:b3:15:
ac:07:36:ba:09:c7:75:bb:ac:0f:d1:d7:5c:9c:de:
0b:09:c4:89:b8:4f:97:5a:97:89:e6:1e:29:97:7a:
14:41:0e:a3:da:83:f3:b5:53:37:ce:f5:e1:03:15:
3d:24:1e:ce:bb:d2:12:62:7c:a9:cb:d0:68:43:c2:
96:d3:e7:0c:2a:32:95:f7:73:81:40:b7:10:0a:69:
17:49:c5:e2:93:29:ca:0a:84:bc:06:b6:4a:52:14:
79:9e:7f:0e:76:77:2b:ca:79:0a:0e:59:e3:c2:bf:
31:b9:af:94:44:ac:b0:a3:d7:51:bd:74:e1:24:27:
20:41:33:60:f6:08:ed:be:56:cd:34:f1:5c:c2:30:
5f:22:82:57:c8:a5:68:f8:22:b4:dd:d2:b0:70:68:
f0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:71:74:44:2A:B0:69:52:78:01:71:32:B6:AA:84:25:00:21:F3:80
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7FCF2A1A542511F18CBE860DCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
154.91.176.0/20
Signature Algorithm: sha256WithRSAEncryption
9c:61:39:1a:35:6f:1d:df:c1:bb:17:b4:fb:1a:17:b1:14:f3:
d3:28:7f:13:64:d6:4b:3c:a9:a4:7f:52:fb:ca:46:27:e4:fa:
01:76:c1:2f:f5:e2:b7:b3:ec:9e:c6:14:a4:eb:1f:b5:c1:a6:
27:4a:97:bb:31:11:d8:42:38:f7:b9:09:03:4a:ee:b2:f8:39:
f3:25:c5:88:78:a2:9d:fe:c8:c3:07:80:42:aa:71:32:a0:d8:
dc:b0:d5:bd:71:6c:97:cf:37:9e:36:81:c9:84:71:0b:0f:a1:
63:cc:4d:8f:60:26:2d:97:e4:95:f5:e9:08:36:b7:c1:f4:55:
31:31:41:ed:08:17:22:85:cb:77:3b:32:0f:fd:15:d9:7c:3a:
e5:0e:32:bf:9e:5f:da:98:de:f4:f6:d1:8b:e4:12:b5:5a:2a:
f0:a1:13:4d:a4:e5:6c:cc:f0:6a:7e:ee:b1:d6:e2:d5:b7:9a:
7f:28:51:aa:84:d0:e9:70:ff:a3:5e:06:4f:18:ee:a2:8f:6d:
9a:1a:08:10:eb:33:00:ff:e7:58:8e:30:54:d5:2f:0e:78:a9:
54:9a:4f:d2:58:d8:54:fa:a5:b9:76:7b:55:79:e3:44:43:c1:
3c:25:e9:a8:bb:37:bb:0d:65:7b:25:35:c8:bd:43:29:12:53:
c5:f9:ab:4e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcysMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIwMDgyNTQyWhcNMjYwODE5MDgyNTQyWjAYMRYw
FAYDVQQDEw02YTBkNzAwYS00YTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4QYTNqYlEzBFHWHNsZm7Lb7QnxAo8kVRAFST9xCoW0VfMajcKaSLS9K2
20gLEN66Lj29CVUhPrR/D8ISjnLoDpfyDbu7m+8AW/IYwC6a4SQhLPejNdNuHAnt
V2dgG3JMKXZ1WXuSsxWsBza6Ccd1u6wP0ddcnN4LCcSJuE+XWpeJ5h4pl3oUQQ6j
2oPztVM3zvXhAxU9JB7Ou9ISYnypy9BoQ8KW0+cMKjKV93OBQLcQCmkXScXikynK
CoS8BrZKUhR5nn8OdncrynkKDlnjwr8xua+URKywo9dRvXThJCcgQTNg9gjtvlbN
NPFcwjBfIoJXyKVo+CK03dKwcGjw7wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMBx
dEQqsGlSeAFxMraqhCUAIfOAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RkNGMkExQTU0MjUxMUYxOENCRTg2MERDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmlswAwQEmluwMA0GCSqG
SIb3DQEBCwUAA4IBAQCcYTkaNW8d38G7F7T7GhexFPPTKH8TZNZLPKmkf1L7ykYn
5PoBdsEv9eK3s+yexhSk6x+1waYnSpe7MRHYQjj3uQkDSu6y+DnzJcWIeKKd/sjD
B4BCqnEyoNjcsNW9cWyXzzeeNoHJhHELD6FjzE2PYCYtl+SV9ekINrfB9FUxMUHt
CBcihct3OzIP/RXZfDrlDjK/nl/amN709tGL5BK1WirwoRNNpOVszPBqfu6x1uLV
t5p/KFGqhNDpcP+jXgZPGO6ij22aGggQ6zMA/+dYjjBU1S8OeKlUmk/SWNhU+qW5
dntVeeNEQ8E8Jemouze7DWV7JTXIvUMpElPF+atO
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:35:58 2026 by rpki-client