Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF20F3FC576D11F18F25EB11CF1D38B0.roa
File: AF20F3FC576D11F18F25EB11CF1D38B0.roa (raw, json)
Hash identifier: tymJdgiXxazksdxc8O5qxPmUnDIwnu8B6EYzH7FkLFQ=
Subject key identifier: 93:5F:3E:32:B3:F0:CB:B5:D8:DA:CC:47:84:50:8C:08:73:78:2E:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CECB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF20F3FC576D11F18F25EB11CF1D38B0.roa
Signing time: Sun 24 May 2026 12:40:03 +0000
ROA not before: Sun 24 May 2026 12:39:58 +0000
ROA not after: Mon 06 Jul 2026 12:39:58 +0000
asID: 20326
IP address blocks: 154.83.152.0/22 maxlen: 24
154.83.184.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118475 (0x1cecb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 24 12:39:58 2026 GMT
Not After : Jul 6 12:39:58 2026 GMT
Subject: CN=6a12f1a3-7fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1a:0d:84:80:64:b0:30:b3:de:55:c2:43:f9:
3b:28:0f:28:87:20:3c:a2:6c:5e:15:08:bd:35:db:
c7:45:c8:1a:02:34:c0:62:36:07:5b:98:be:e4:8b:
34:81:78:9c:69:a8:01:8b:c5:7c:ea:a0:37:43:13:
6f:23:3c:8c:30:84:e2:43:a7:49:09:13:d6:c0:79:
74:f5:68:5e:5d:d6:3f:95:6c:d0:90:6b:15:20:34:
ed:99:bf:b5:82:ae:e1:3c:ec:33:33:f3:0c:e3:19:
ee:3b:f6:db:ee:62:ee:b6:e1:90:5b:bd:8e:25:c7:
04:7c:d5:2b:25:82:36:10:a1:31:14:18:08:52:07:
f0:8d:d6:3d:99:73:d4:7b:3b:6e:2c:e4:39:35:94:
15:74:2f:a3:62:3b:a4:45:86:e1:3a:bc:fb:b3:47:
88:e0:c4:19:0a:7b:1b:5c:60:f5:5f:3a:35:de:69:
bc:60:59:fa:69:35:f1:1f:f4:84:63:2a:21:71:79:
1b:44:4e:bb:99:cd:55:ee:70:a0:b6:42:33:89:aa:
78:3f:46:0b:05:e8:17:8e:6e:e2:f8:53:56:48:03:
ae:ed:ea:36:f9:4b:e6:dc:36:c7:c8:f5:56:5b:7c:
72:b1:47:b1:8e:a7:4a:6f:4c:f8:72:8c:f1:06:90:
58:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:5F:3E:32:B3:F0:CB:B5:D8:DA:CC:47:84:50:8C:08:73:78:2E:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF20F3FC576D11F18F25EB11CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.152.0/22
154.83.184.0/23
Signature Algorithm: sha256WithRSAEncryption
05:d1:a2:5a:36:24:a9:ab:bb:fb:ff:ba:ae:62:49:e4:e1:17:
7b:40:d0:ec:50:00:67:1f:d2:bd:b2:99:d4:a1:a8:25:e9:ad:
b7:94:2d:5e:55:4f:41:d2:1f:7b:80:b9:3e:51:ef:31:fa:80:
fe:1c:91:ce:8d:05:5a:53:23:00:54:a1:0b:bf:ea:70:00:5d:
fe:6a:c4:aa:85:c2:bc:0a:d6:89:47:fa:f0:0b:96:2d:3b:fb:
58:3d:27:44:af:ca:47:2c:0d:9d:58:09:ff:b6:6d:b5:c0:14:
70:2e:d1:6c:28:2b:38:99:64:48:21:ee:25:bf:23:25:11:3c:
50:ac:48:3b:83:81:2f:21:ca:38:5d:53:a8:5a:37:55:1d:68:
37:53:6a:1a:cd:e3:0d:2b:25:8c:0e:c1:d1:1e:0c:62:c1:3b:
60:0b:50:64:89:fe:1d:e8:f5:ea:16:a9:72:ad:4c:98:b7:58:
e9:e4:b8:35:e5:69:84:4f:97:4f:0c:15:96:8d:6d:9e:15:10:
b6:7d:9c:d7:5d:67:2f:a2:02:48:ce:ab:0c:3f:8a:7b:9e:cc:
a5:bf:3d:78:6e:9d:6f:9a:25:8c:87:de:5e:52:22:46:fa:f5:
19:43:ae:1d:61:38:a0:83:8c:0e:06:cc:90:69:4b:c2:cf:3e:
f5:7e:04:ff
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAc7LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI0MTIzOTU4WhcNMjYwNzA2MTIzOTU4WjAYMRYw
FAYDVQQDEw02YTEyZjFhMy03ZmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwRoNhIBksDCz3lXCQ/k7KA8ohyA8omxeFQi9NdvHRcgaAjTAYjYHW5i+
5Is0gXicaagBi8V86qA3QxNvIzyMMITiQ6dJCRPWwHl09WheXdY/lWzQkGsVIDTt
mb+1gq7hPOwzM/MM4xnuO/bb7mLutuGQW72OJccEfNUrJYI2EKExFBgIUgfwjdY9
mXPUeztuLOQ5NZQVdC+jYjukRYbhOrz7s0eI4MQZCnsbXGD1Xzo13mm8YFn6aTXx
H/SEYyohcXkbRE67mc1V7nCgtkIziap4P0YLBegXjm7i+FNWSAOu7eo2+Uvm3DbH
yPVWW3xysUexjqdKb0z4cozxBpBYQQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJNf
PjKz8Mu12NrMR4RQjAhzeC5rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjIwRjNGQzU3NkQxMUYxOEYyNUVCMTFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlOYAwQBmlO4MA0GCSqG
SIb3DQEBCwUAA4IBAQAF0aJaNiSpq7v7/7quYknk4Rd7QNDsUABnH9K9spnUoagl
6a23lC1eVU9B0h97gLk+Ue8x+oD+HJHOjQVaUyMAVKELv+pwAF3+asSqhcK8CtaJ
R/rwC5YtO/tYPSdEr8pHLA2dWAn/tm21wBRwLtFsKCs4mWRIIe4lvyMlETxQrEg7
g4EvIco4XVOoWjdVHWg3U2oazeMNKyWMDsHRHgxiwTtgC1Bkif4d6PXqFqlyrUyY
t1jp5Lg15WmET5dPDBWWjW2eFRC2fZzXXWcvogJIzqsMP4p7nsylvz14bp1vmiWM
h95eUiJG+vUZQ64dYTigg4wOBsyQaUvCzz71fgT/
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:28:30 2026 by rpki-client