Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9E5972E578D11F1AE83C8D2CE1D38B0.roa
File: A9E5972E578D11F1AE83C8D2CE1D38B0.roa (raw, json)
Hash identifier: yVMxP5bXx1inftdfgyIQDALAXYP5BBx6+ANOMma5CdI=
Subject key identifier: 7B:E3:8D:42:9F:50:DA:47:F8:6B:98:27:6B:31:66:85:8B:CF:E2:29
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CEF1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9E5972E578D11F1AE83C8D2CE1D38B0.roa
Signing time: Sun 24 May 2026 16:28:58 +0000
ROA not before: Sun 24 May 2026 16:28:53 +0000
ROA not after: Wed 01 Jul 2026 16:28:53 +0000
asID: 139880
IP address blocks: 154.194.128.0/18 maxlen: 24
154.209.160.0/19 maxlen: 24
154.214.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 13 Jun 2026 15:58:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118513 (0x1cef1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 24 16:28:53 2026 GMT
Not After : Jul 1 16:28:53 2026 GMT
Subject: CN=6a13274a-2f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:be:d5:ef:bd:d0:1f:b6:6d:b4:fa:b7:20:d3:
e0:ac:64:49:c7:7a:ca:09:5c:da:e1:58:3b:a1:fd:
60:14:20:51:68:50:35:6b:92:f6:43:9c:0b:ad:44:
ef:b6:09:e9:3e:5a:42:81:28:88:1d:7a:2b:fc:9d:
8b:26:43:42:b3:9c:51:2b:3d:95:ad:69:aa:00:af:
9e:4e:e1:57:db:cb:ab:5d:18:e2:ae:98:3e:23:2b:
3e:74:cb:48:01:b4:f4:15:ad:e0:d8:bf:17:60:07:
72:da:79:42:c9:7c:ac:f9:f8:65:d4:d5:e7:75:2a:
5f:06:8a:fd:b9:a1:c7:aa:ed:7e:2e:d4:2d:92:54:
1a:50:21:f2:63:49:d1:0a:da:87:62:ed:e3:17:b0:
4b:00:00:27:ba:74:34:dc:8b:3c:bd:ea:43:a8:e5:
e3:db:35:31:59:b7:8d:ec:e2:f9:7b:5b:3e:f8:5f:
26:09:42:96:96:20:16:49:9b:25:be:f1:78:10:6f:
28:f2:4f:51:fd:ac:71:0f:03:9e:71:ea:af:0c:f8:
93:0e:b6:0f:0f:16:13:21:96:5a:82:ce:25:20:35:
b9:8c:3c:1d:2e:df:9c:cc:a6:ac:73:e5:85:89:d4:
7b:80:82:0e:03:bc:94:67:8f:58:44:e1:73:c7:39:
17:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:E3:8D:42:9F:50:DA:47:F8:6B:98:27:6B:31:66:85:8B:CF:E2:29
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9E5972E578D11F1AE83C8D2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.128.0/18
154.209.160.0/19
154.214.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2b:d5:af:43:7b:99:48:a8:20:62:a1:99:71:4c:93:ea:43:08:
8f:0c:c1:a5:07:d0:9b:dd:16:a7:8f:ee:48:11:4a:d2:e1:8f:
11:03:d2:ed:73:88:f8:65:02:8d:f0:3a:f5:6f:c1:69:71:fc:
d5:5f:2b:c2:31:b5:ad:f5:d9:08:45:53:3b:a7:27:c5:03:79:
de:f0:e1:0c:17:49:0c:b9:90:7e:cf:a3:ed:73:90:08:c5:88:
7c:15:54:83:e0:d9:73:a6:36:8d:b1:52:77:31:82:1f:35:2e:
ec:fd:08:c8:8a:ad:bf:d0:17:9e:6f:7e:9b:88:da:26:fe:e6:
ed:d6:10:fe:30:20:cc:a5:9b:2a:33:3b:a7:81:b0:06:85:08:
e2:dd:11:b8:ac:4a:4c:50:a2:37:6d:45:50:9a:33:f9:d6:79:
cd:5c:1a:96:77:a9:ef:d9:5e:a6:9e:dd:5d:cd:09:e8:8b:47:
34:66:fd:f7:d8:e8:0f:08:b8:1c:e9:0f:b2:cd:46:88:14:a1:
79:1a:d1:02:9e:bb:fd:d9:df:f5:0a:f8:1a:18:f5:8a:9a:59:
26:f6:98:a5:cf:8b:bb:fc:16:b0:ae:36:5b:d4:ea:2c:c6:e7:
58:05:c0:f1:f3:4c:1e:45:88:c0:11:a9:a8:04:00:64:4f:04:
9c:12:17:45
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAc7xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI0MTYyODUzWhcNMjYwNzAxMTYyODUzWjAYMRYw
FAYDVQQDEw02YTEzMjc0YS0yZjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA577V773QH7ZttPq3INPgrGRJx3rKCVza4Vg7of1gFCBRaFA1a5L2Q5wL
rUTvtgnpPlpCgSiIHXor/J2LJkNCs5xRKz2VrWmqAK+eTuFX28urXRjirpg+Iys+
dMtIAbT0Fa3g2L8XYAdy2nlCyXys+fhl1NXndSpfBor9uaHHqu1+LtQtklQaUCHy
Y0nRCtqHYu3jF7BLAAAnunQ03Is8vepDqOXj2zUxWbeN7OL5e1s++F8mCUKWliAW
SZslvvF4EG8o8k9R/axxDwOeceqvDPiTDrYPDxYTIZZags4lIDW5jDwdLt+czKas
c+WFidR7gIIOA7yUZ49YROFzxzkXZwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFHvj
jUKfUNpH+GuYJ2sxZoWLz+IpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOUU1OTcyRTU3OEQxMUYxQUU4M0M4RDJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGmsKAAwQFmtGgAwQGmtZA
MA0GCSqGSIb3DQEBCwUAA4IBAQAr1a9De5lIqCBioZlxTJPqQwiPDMGlB9Cb3Ran
j+5IEUrS4Y8RA9Ltc4j4ZQKN8Dr1b8FpcfzVXyvCMbWt9dkIRVM7pyfFA3ne8OEM
F0kMuZB+z6Ptc5AIxYh8FVSD4NlzpjaNsVJ3MYIfNS7s/QjIiq2/0Beeb36biNom
/ubt1hD+MCDMpZsqMzungbAGhQji3RG4rEpMUKI3bUVQmjP51nnNXBqWd6nv2V6m
nt1dzQnoi0c0Zv332OgPCLgc6Q+yzUaIFKF5GtECnrv92d/1CvgaGPWKmlkm9pil
z4u7/BawrjZb1OosxudYBcDx80weRYjAEamoBABkTwScEhdF
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:23:47 2026 by rpki-client