Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BF08278535011F19622B5FCCE1D38B0.roa
File: 9BF08278535011F19622B5FCCE1D38B0.roa (raw, json)
Hash identifier: DGoT9+v2MLYy2OhDOV11le5pRpSyvzqsPRVfSglHCCg=
Subject key identifier: 1B:51:02:FE:3A:16:57:DB:D2:A5:4F:7E:98:FC:7C:2B:75:5F:F2:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CC54
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BF08278535011F19622B5FCCE1D38B0.roa
Signing time: Tue 19 May 2026 07:01:51 +0000
ROA not before: Tue 19 May 2026 07:01:46 +0000
ROA not after: Sat 08 Aug 2026 07:01:46 +0000
asID: 149014
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 06 Jun 2026 08:36:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117844 (0x1cc54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 19 07:01:46 2026 GMT
Not After : Aug 8 07:01:46 2026 GMT
Subject: CN=6a0c0adf-f9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6c:42:6b:cc:42:d3:38:20:c1:ee:47:e1:8f:
0c:f9:d5:a3:79:7b:dc:82:76:9c:b7:d8:1a:7a:cd:
41:36:93:9f:b9:c9:4e:aa:47:2f:9d:0d:8b:66:00:
44:48:71:32:77:af:8b:d0:03:73:fd:cf:9d:2a:7b:
1b:99:80:2d:44:f6:d8:18:74:f8:a7:e2:54:a4:ef:
08:f4:30:a2:09:8a:d6:42:70:14:36:a9:48:ed:12:
6b:eb:04:3d:2c:f0:81:9f:e8:e3:f2:b7:18:54:4e:
2b:80:75:06:61:86:40:94:0e:e9:ed:a9:1b:d9:d0:
31:e4:32:5a:13:55:7e:e3:34:e2:a3:e0:47:ac:24:
fc:47:19:5d:73:9b:12:f9:65:f6:1c:e4:c6:86:cb:
df:9c:6d:86:59:54:0d:55:30:c5:f7:26:14:87:5f:
5d:cc:fd:ef:1f:8e:de:8d:8d:b4:df:fa:6f:43:d9:
1d:ce:b8:01:5d:57:ba:ea:e1:67:80:e4:6d:4f:5d:
fd:dc:a9:81:b4:4c:0c:f2:86:0d:a3:9e:06:68:89:
c4:fb:9b:94:a0:dc:a1:46:2b:2e:2d:a5:74:58:ea:
82:bd:5e:9a:6f:36:ac:ac:a1:fb:07:b4:22:f3:56:
11:ac:0d:8d:b9:e2:38:aa:7d:ab:af:0b:71:ac:5c:
d1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:51:02:FE:3A:16:57:DB:D2:A5:4F:7E:98:FC:7C:2B:75:5F:F2:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BF08278535011F19622B5FCCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:1d:33:46:a8:9a:18:41:62:55:5b:0a:91:8d:33:8b:97:63:
70:e4:a0:cb:50:0a:4e:e7:8a:3f:7d:8a:62:35:3c:dc:26:77:
27:81:29:b7:39:a3:b8:02:aa:63:4a:87:60:69:b9:43:c7:3f:
c0:10:c7:e9:03:61:f6:f6:e1:0b:d0:7c:1c:94:31:36:76:11:
62:50:5c:9f:62:a4:d0:97:67:3c:61:17:40:90:2b:be:51:9f:
24:e1:6b:51:b7:8d:7f:96:1c:8b:69:45:b2:76:5f:6f:ae:6e:
e7:32:f3:ab:9e:37:2e:a8:1c:bc:c8:af:89:36:12:ef:ee:00:
31:15:e3:78:19:49:62:97:b3:7f:49:96:24:d0:1b:33:ec:fb:
e4:08:8b:cc:ff:10:91:ef:16:ab:f7:08:2a:cd:87:85:65:35:
a5:ec:5d:1f:7d:99:6e:16:a4:15:33:42:69:38:04:d9:7c:06:
2d:ee:fd:7c:98:75:b5:2f:07:47:8e:90:75:38:cf:a9:4d:e6:
d0:d5:35:b8:c1:4d:80:15:1b:a1:2b:a9:a3:be:29:13:2b:17:
09:5d:ea:19:2d:60:85:02:c0:1e:09:5f:56:85:3d:c0:68:ab:
07:50:35:96:a2:c5:f2:07:79:a0:e9:4c:d4:6d:10:d8:0b:03:
3f:df:0b:2b
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcxUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE5MDcwMTQ2WhcNMjYwODA4MDcwMTQ2WjAYMRYw
FAYDVQQDEw02YTBjMGFkZi1mOWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs2xCa8xC0zggwe5H4Y8M+dWjeXvcgnact9gaes1BNpOfuclOqkcvnQ2L
ZgBESHEyd6+L0ANz/c+dKnsbmYAtRPbYGHT4p+JUpO8I9DCiCYrWQnAUNqlI7RJr
6wQ9LPCBn+jj8rcYVE4rgHUGYYZAlA7p7akb2dAx5DJaE1V+4zTio+BHrCT8Rxld
c5sS+WX2HOTGhsvfnG2GWVQNVTDF9yYUh19dzP3vH47ejY203/pvQ9kdzrgBXVe6
6uFngORtT1393KmBtEwM8oYNo54GaInE+5uUoNyhRisuLaV0WOqCvV6abzasrKH7
B7Qi81YRrA2NueI4qn2rrwtxrFzRnwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFBtR
Av46Flfb0qVPfpj8fCt1X/LYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QkYwODI3ODUzNTAxMUYxOTYyMkI1RkNDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQCiHTNGqJoYQWJVWwqRjTOLl2Nw5KDLUApO54o/
fYpiNTzcJncngSm3OaO4AqpjSodgablDxz/AEMfpA2H29uEL0HwclDE2dhFiUFyf
YqTQl2c8YRdAkCu+UZ8k4WtRt41/lhyLaUWydl9vrm7nMvOrnjcuqBy8yK+JNhLv
7gAxFeN4GUlil7N/SZYk0Bsz7PvkCIvM/xCR7xar9wgqzYeFZTWl7F0ffZluFqQV
M0JpOATZfAYt7v18mHW1LwdHjpB1OM+pTebQ1TW4wU2AFRuhK6mjvikTKxcJXeoZ
LWCFAsAeCV9WhT3AaKsHUDWWosXyB3mg6UzUbRDYCwM/3wsr
-----END CERTIFICATE-----
Generated at Thu Jun 4 16:09:01 2026 by rpki-client