Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85B2492455D511F19383FFDBCE1D38B0.roa
File: 85B2492455D511F19383FFDBCE1D38B0.roa (raw, json)
Hash identifier: jjJ4DDG45nJX9MdXWh9BhtsAUN3W1tKa9jzx/FJBL2o=
Subject key identifier: 80:BA:6D:F8:26:FB:E2:CA:84:22:CF:54:07:87:69:A5:36:82:48:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CE04
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85B2492455D511F19383FFDBCE1D38B0.roa
Signing time: Fri 22 May 2026 11:58:19 +0000
ROA not before: Fri 22 May 2026 11:58:14 +0000
ROA not after: Sat 27 Jun 2026 11:58:14 +0000
asID: 3320
IP address blocks: 154.208.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Jun 2026 16:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118276 (0x1ce04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 22 11:58:14 2026 GMT
Not After : Jun 27 11:58:14 2026 GMT
Subject: CN=6a1044db-29b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d9:76:e4:c5:2e:51:70:a2:8c:6e:4c:0b:81:
6b:3f:1c:9a:99:dd:ea:0e:5a:4c:5d:7e:87:f3:87:
12:5a:9a:d8:cc:76:a0:9c:44:88:07:b6:53:d8:c6:
01:24:1c:4f:08:b3:b1:bf:e5:3d:80:e8:69:c7:39:
c0:6a:45:4f:be:5d:1c:ff:5f:e2:55:70:7b:ad:46:
1c:2c:fb:6a:91:8f:33:ed:6c:cf:ed:cc:53:f8:44:
55:b5:42:67:b6:0d:10:83:46:eb:91:0a:23:78:b5:
bd:4a:10:15:e9:52:41:6e:3c:0b:43:2d:6b:98:d8:
d5:61:78:a1:a8:d8:c5:b8:23:23:43:00:16:1c:76:
17:83:b0:29:d7:3a:98:14:fa:c9:e5:5d:19:27:c8:
0a:6c:43:c2:4c:b1:00:dd:b7:83:a1:71:15:fb:36:
36:53:e7:df:19:8c:a2:49:d8:b8:41:26:81:2f:48:
83:55:01:8a:e0:ba:1a:80:be:a1:f2:57:96:24:31:
e9:bb:ee:d8:15:a4:4d:d5:62:a4:4a:bd:96:34:bf:
cc:44:15:1f:1c:2e:3f:6a:49:26:7c:42:4f:c7:bd:
19:31:da:af:e8:7e:37:46:14:ea:87:1d:7f:ad:83:
01:7a:2f:80:9d:cd:b1:ac:bc:e1:a8:ad:07:02:b6:
67:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BA:6D:F8:26:FB:E2:CA:84:22:CF:54:07:87:69:A5:36:82:48:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85B2492455D511F19383FFDBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.66.0/24
Signature Algorithm: sha256WithRSAEncryption
29:1a:38:8c:7e:81:47:fd:66:96:71:80:60:95:d5:d1:f5:99:
4d:04:4b:cc:ae:5f:08:60:06:88:93:30:a2:6a:62:00:dd:ee:
da:a5:8d:fc:5e:ec:f4:f1:27:a6:9e:01:05:cd:ba:b1:7a:19:
22:e3:c4:b1:63:bb:32:92:8b:45:06:02:07:54:f1:6a:65:02:
92:5e:cd:4f:00:e2:cf:e5:de:38:6d:06:cf:27:2b:0a:17:d5:
40:f7:29:23:32:61:d5:68:2c:8b:6d:1e:7c:08:84:a7:d4:22:
56:39:53:cd:6a:11:d8:e2:9d:9d:94:f9:bd:54:32:22:5a:e1:
e2:f9:1c:e0:e3:88:c0:28:41:c7:72:67:84:c4:9b:f2:0c:51:
6a:1d:ba:c8:bc:fc:82:79:78:0a:d9:27:0d:7e:f9:99:81:cc:
22:ba:90:71:e6:c9:af:6e:92:80:a1:07:2c:fe:fe:66:09:a7:
d5:6c:9c:4d:3a:36:12:af:09:31:8a:a1:86:4c:0c:2d:b4:d7:
38:d7:e3:57:ef:b6:7a:ac:1b:bb:1d:5a:39:99:ad:f6:d8:b0:
1d:f4:20:3e:4b:d7:7a:7b:9c:3c:41:05:a8:16:4b:34:80:c0:
8e:91:65:98:70:68:fb:d5:27:a6:5a:02:80:72:d7:30:88:94:
b6:e4:b4:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAc4EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIyMTE1ODE0WhcNMjYwNjI3MTE1ODE0WjAYMRYw
FAYDVQQDEw02YTEwNDRkYi0yOWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtNl25MUuUXCijG5MC4FrPxyamd3qDlpMXX6H84cSWprYzHagnESIB7ZT
2MYBJBxPCLOxv+U9gOhpxznAakVPvl0c/1/iVXB7rUYcLPtqkY8z7WzP7cxT+ERV
tUJntg0Qg0brkQojeLW9ShAV6VJBbjwLQy1rmNjVYXihqNjFuCMjQwAWHHYXg7Ap
1zqYFPrJ5V0ZJ8gKbEPCTLEA3beDoXEV+zY2U+ffGYyiSdi4QSaBL0iDVQGK4Loa
gL6h8leWJDHpu+7YFaRN1WKkSr2WNL/MRBUfHC4/akkmfEJPx70ZMdqv6H43RhTq
hx1/rYMBei+Anc2xrLzhqK0HArZn+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIC6
bfgm++LKhCLPVAeHaaU2gkgXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NUIyNDkyNDU1RDUxMUYxOTM4M0ZGREJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBCMA0GCSqGSIb3DQEB
CwUAA4IBAQApGjiMfoFH/WaWcYBgldXR9ZlNBEvMrl8IYAaIkzCiamIA3e7apY38
Xuz08SemngEFzbqxehki48SxY7sykotFBgIHVPFqZQKSXs1PAOLP5d44bQbPJysK
F9VA9ykjMmHVaCyLbR58CISn1CJWOVPNahHY4p2dlPm9VDIiWuHi+Rzg44jAKEHH
cmeExJvyDFFqHbrIvPyCeXgK2ScNfvmZgcwiupBx5smvbpKAoQcs/v5mCafVbJxN
OjYSrwkxiqGGTAwttNc41+NX77Z6rBu7HVo5ma322LAd9CA+S9d6e5w8QQWoFks0
gMCOkWWYcGj71SemWgKActcwiJS25LTx
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:14:32 2026 by rpki-client