Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8244212E5F6511F1BA4D00FBCE1D38B0.roa
File: 8244212E5F6511F1BA4D00FBCE1D38B0.roa (raw, json)
Hash identifier: EWw7PXr6uelDYoTck2aS1Eyu+06jPK9bfwxGCOhkjLU=
Subject key identifier: 25:F8:05:FF:13:62:A8:F6:20:CD:C8:C2:22:44:04:F5:3D:01:F6:59
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D17B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8244212E5F6511F1BA4D00FBCE1D38B0.roa
Signing time: Wed 03 Jun 2026 16:01:41 +0000
ROA not before: Wed 03 Jun 2026 16:01:36 +0000
ROA not after: Fri 10 Jul 2026 16:01:36 +0000
asID: 17497
IP address blocks: 154.193.16.0/20 maxlen: 24
154.193.16.0/24 maxlen: 24
154.193.17.0/24 maxlen: 24
154.193.18.0/24 maxlen: 24
154.193.19.0/24 maxlen: 24
154.193.20.0/24 maxlen: 24
154.193.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 13 Jun 2026 00:07:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119163 (0x1d17b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 3 16:01:36 2026 GMT
Not After : Jul 10 16:01:36 2026 GMT
Subject: CN=6a204fe5-7737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:76:6b:f1:b5:53:36:58:18:af:b2:04:9d:b4:
6d:76:98:78:75:33:55:9e:b1:f7:f5:ce:09:7d:75:
f7:96:d9:0c:90:f4:36:c1:5c:e6:f4:4a:e6:61:b0:
ff:9c:6e:6a:9e:f2:ee:72:da:46:fb:78:0b:00:ae:
76:10:86:15:93:6f:04:7c:2a:07:f2:62:91:73:a1:
0f:70:5c:5b:91:9e:ae:7b:63:2f:ca:f9:d0:6f:80:
5e:f9:18:19:5a:e0:84:f8:92:03:b2:a8:c9:9c:2f:
ce:fa:ea:92:df:0a:93:82:99:a1:7c:b1:e4:e2:e7:
4b:45:aa:e0:9f:59:28:d8:02:40:a7:f1:0f:3d:91:
fa:c0:d4:d7:a2:2b:d9:3e:bc:e5:a9:48:6a:e5:ca:
ac:97:fd:8d:da:80:d2:a0:97:8d:24:f0:91:4a:1f:
6b:5d:05:04:a6:e8:e2:a6:87:f8:5d:fb:ff:a7:77:
93:5c:2b:ff:4e:39:05:5a:55:58:df:c6:04:b4:bc:
88:07:8f:3e:ca:1e:8f:fd:16:de:11:89:df:62:06:
9a:96:66:18:ec:44:92:1e:1a:ac:6f:ba:16:ee:99:
b6:55:00:a6:79:92:73:a7:cb:d6:db:1c:81:59:8a:
47:da:f0:71:95:22:61:99:03:b5:0b:3c:14:c3:57:
15:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F8:05:FF:13:62:A8:F6:20:CD:C8:C2:22:44:04:F5:3D:01:F6:59
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8244212E5F6511F1BA4D00FBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.16.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:ad:ca:ff:18:09:2f:cd:bf:b8:f5:5f:56:2c:ce:05:96:8e:
e4:ba:cf:fa:7f:58:7d:e4:96:bc:6d:60:9b:0b:8d:7c:c7:1b:
05:fe:96:49:63:c7:a2:d3:66:e2:5f:b9:bb:a3:b4:a8:92:da:
f2:09:4f:f3:07:91:eb:46:be:89:42:df:f1:03:f6:fd:68:74:
ef:c6:42:27:5f:79:7d:4f:f1:ae:73:8f:60:32:5a:09:7a:b2:
d1:5d:83:49:be:75:cd:fa:5e:2b:a7:76:6b:cb:bc:05:68:c7:
65:44:15:b1:cf:79:56:3b:3a:8b:b0:90:67:2f:6e:b8:b6:43:
7d:8e:9e:ae:71:8d:48:71:56:1b:22:a4:d3:88:92:bd:f7:34:
91:9f:d5:0e:5d:fb:c5:f0:e7:d1:c0:5e:1e:2b:28:53:59:55:
a5:b5:18:cb:69:c2:ba:2b:84:c7:55:73:df:57:6f:8b:d3:14:
6d:bd:67:8e:db:95:de:3d:d9:e3:97:1f:a4:68:b3:a0:5c:73:
05:ff:cb:b3:ba:f2:34:5b:87:83:66:fe:cd:2f:65:e3:8d:c8:
29:37:4d:a2:29:03:5e:95:93:2a:c3:c5:af:2a:d3:84:b9:60:
67:0a:b2:fd:76:39:35:bb:96:a8:31:ba:cd:ee:51:a8:3c:48:
32:89:cd:de
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdF7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjAzMTYwMTM2WhcNMjYwNzEwMTYwMTM2WjAYMRYw
FAYDVQQDEw02YTIwNGZlNS03NzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyHZr8bVTNlgYr7IEnbRtdph4dTNVnrH39c4JfXX3ltkMkPQ2wVzm9Erm
YbD/nG5qnvLuctpG+3gLAK52EIYVk28EfCoH8mKRc6EPcFxbkZ6ue2MvyvnQb4Be
+RgZWuCE+JIDsqjJnC/O+uqS3wqTgpmhfLHk4udLRargn1ko2AJAp/EPPZH6wNTX
oivZPrzlqUhq5cqsl/2N2oDSoJeNJPCRSh9rXQUEpujipof4Xfv/p3eTXCv/TjkF
WlVY38YEtLyIB48+yh6P/RbeEYnfYgaalmYY7ESSHhqsb7oW7pm2VQCmeZJzp8vW
2xyBWYpH2vBxlSJhmQO1CzwUw1cVtQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCX4
Bf8TYqj2IM3IwiJEBPU9AfZZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MjQ0MjEyRTVGNjUxMUYxQkE0RDAwRkJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsEQMA0GCSqGSIb3DQEB
CwUAA4IBAQCKrcr/GAkvzb+49V9WLM4Flo7kus/6f1h95Ja8bWCbC418xxsF/pZJ
Y8ei02biX7m7o7SoktryCU/zB5HrRr6JQt/xA/b9aHTvxkInX3l9T/Guc49gMloJ
erLRXYNJvnXN+l4rp3Zry7wFaMdlRBWxz3lWOzqLsJBnL264tkN9jp6ucY1IcVYb
IqTTiJK99zSRn9UOXfvF8OfRwF4eKyhTWVWltRjLacK6K4THVXPfV2+L0xRtvWeO
25XePdnjlx+kaLOgXHMF/8uzuvI0W4eDZv7NL2XjjcgpN02iKQNelZMqw8WvKtOE
uWBnCrL9djk1u5aoMbrN7lGoPEgyic3e
-----END CERTIFICATE-----
Generated at Thu Jun 11 11:55:37 2026 by rpki-client