Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8FFE952535C11F1A1FCAEC6CE1D38B0.roa
File: A8FFE952535C11F1A1FCAEC6CE1D38B0.roa (raw, json)
Hash identifier: ybhIwg3+QGb/3lynLRzZ3KiVAHsJX2sFSDkjj8iChYA=
Subject key identifier: 89:8B:B0:CC:88:F4:00:E1:86:F6:5F:23:CE:8A:E1:B5:08:6C:00:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CC74
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8FFE952535C11F1A1FCAEC6CE1D38B0.roa
Signing time: Tue 19 May 2026 08:28:06 +0000
ROA not before: Tue 19 May 2026 08:28:02 +0000
ROA not after: Wed 19 Aug 2026 08:28:02 +0000
asID: 139923
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117876 (0x1cc74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 19 08:28:02 2026 GMT
Not After : Aug 19 08:28:02 2026 GMT
Subject: CN=6a0c1f16-1bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:aa:74:8c:df:a7:13:b3:8a:a7:8c:8c:57:91:
53:08:da:98:0d:bb:a4:09:23:30:7f:84:2d:1a:9d:
24:d6:ab:bc:07:83:7a:94:59:39:54:81:9f:fe:08:
40:56:10:19:7d:65:ee:f1:25:e2:e9:17:67:76:a5:
74:9c:15:13:f0:73:a2:09:8b:2b:a8:c9:81:b3:d9:
5f:23:48:4e:f4:13:19:41:55:55:f1:fe:eb:f5:e7:
12:fa:68:e9:97:db:9c:36:96:b8:15:cd:41:86:c8:
73:fa:96:c6:fc:96:74:07:d6:49:81:6a:49:ec:6f:
34:5e:90:37:4b:93:b9:fb:d6:45:48:88:8e:f7:18:
14:b8:0a:c3:65:e7:8c:f3:eb:68:c5:e6:f1:8a:bb:
a6:2f:00:73:77:80:78:19:59:cb:21:06:35:e0:51:
4d:b1:19:9c:30:02:0e:ad:d6:6f:11:35:a3:60:bf:
7d:6d:83:2b:b8:9f:cc:0f:2f:e3:7b:13:aa:8d:de:
99:92:6b:0c:6b:cf:0a:70:93:81:af:25:87:c8:eb:
63:d3:2e:c8:16:cb:16:13:e5:89:a8:d5:81:df:7d:
18:b6:1d:d0:e6:fa:c3:6f:52:e2:e5:88:3c:52:e6:
f3:a2:67:7e:5b:e5:d8:b2:17:85:df:07:e1:12:93:
dc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8B:B0:CC:88:F4:00:E1:86:F6:5F:23:CE:8A:E1:B5:08:6C:00:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8FFE952535C11F1A1FCAEC6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
154.91.176.0/20
Signature Algorithm: sha256WithRSAEncryption
6e:03:9e:a5:70:8e:45:6a:a0:93:a6:8d:63:55:83:86:0b:bf:
b5:bc:ee:4b:a4:14:e4:85:f3:79:cf:e1:78:92:5b:09:ff:fb:
c8:f4:0b:5e:2c:06:27:71:ed:ac:63:7c:f5:6c:7f:a4:81:db:
69:c1:d0:d8:34:87:43:8b:9b:87:8d:8b:08:5e:99:30:6b:41:
54:a2:38:ff:ca:5d:a1:7f:05:cd:12:93:d0:96:ac:2a:91:0f:
7a:92:5f:e3:48:42:86:86:4c:34:1e:77:4a:a2:52:7c:2c:37:
8c:60:8a:42:58:4a:0d:2f:23:9c:7c:91:50:bd:e7:90:c9:ab:
c5:e8:af:38:66:a9:09:fa:c1:4a:94:20:da:08:da:e3:31:2f:
fb:bb:09:cf:99:7c:01:9d:80:4c:19:76:fb:ad:42:cf:75:45:
00:e8:ce:ec:1b:26:38:c4:b2:2b:50:e3:86:c4:67:27:5c:15:
d1:d7:33:fb:00:e9:c9:6c:4f:b9:05:fc:ba:f0:d0:5a:4f:8d:
d4:4f:25:be:12:55:fc:70:2f:67:a8:e4:51:54:1d:38:c9:d8:
91:0d:05:61:13:13:38:ab:85:af:1c:10:83:99:92:34:f9:0d:
ad:9e:8a:03:ea:8e:c6:06:cf:ea:10:f7:0d:bb:6e:e9:0d:75:
43:b8:01:ae
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcx0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE5MDgyODAyWhcNMjYwODE5MDgyODAyWjAYMRYw
FAYDVQQDEw02YTBjMWYxNi0xYmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApap0jN+nE7OKp4yMV5FTCNqYDbukCSMwf4QtGp0k1qu8B4N6lFk5VIGf
/ghAVhAZfWXu8SXi6RdndqV0nBUT8HOiCYsrqMmBs9lfI0hO9BMZQVVV8f7r9ecS
+mjpl9ucNpa4Fc1Bhshz+pbG/JZ0B9ZJgWpJ7G80XpA3S5O5+9ZFSIiO9xgUuArD
ZeeM8+toxebxirumLwBzd4B4GVnLIQY14FFNsRmcMAIOrdZvETWjYL99bYMruJ/M
Dy/jexOqjd6ZkmsMa88KcJOBryWHyOtj0y7IFssWE+WJqNWB330Yth3Q5vrDb1Li
5Yg8Uubzomd+W+XYsheF3wfhEpPc0QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFImL
sMyI9ADhhvZfI86K4bUIbAAOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOEZGRTk1MjUzNUMxMUYxQTFGQ0FFQzZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmlswAwQEmluwMA0GCSqG
SIb3DQEBCwUAA4IBAQBuA56lcI5FaqCTpo1jVYOGC7+1vO5LpBTkhfN5z+F4klsJ
//vI9AteLAYnce2sY3z1bH+kgdtpwdDYNIdDi5uHjYsIXpkwa0FUojj/yl2hfwXN
EpPQlqwqkQ96kl/jSEKGhkw0HndKolJ8LDeMYIpCWEoNLyOcfJFQveeQyavF6K84
ZqkJ+sFKlCDaCNrjMS/7uwnPmXwBnYBMGXb7rULPdUUA6M7sGyY4xLIrUOOGxGcn
XBXR1zP7AOnJbE+5Bfy68NBaT43UTyW+ElX8cC9nqORRVB04ydiRDQVhExM4q4Wv
HBCDmZI0+Q2tnooD6o7GBs/qEPcNu27pDXVDuAGu
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:35:48 2026 by rpki-client