Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B071891C69A911F19F66F8DFCE1D38B0.roa
File: B071891C69A911F19F66F8DFCE1D38B0.roa (raw, json)
Hash identifier: WHgY9o9NKXTlS+VDUe1qdLbw0XdV9J2j0z5J3WzecXA=
Subject key identifier: 21:03:72:E5:FA:CC:4A:A5:ED:D5:D7:8D:5F:93:5E:5A:AE:42:FC:F3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D375
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B071891C69A911F19F66F8DFCE1D38B0.roa
Signing time: Tue 16 Jun 2026 17:34:56 +0000
ROA not before: Tue 16 Jun 2026 17:34:51 +0000
ROA not after: Mon 13 Jul 2026 17:34:51 +0000
asID: 17497
IP address blocks: 154.90.138.0/23 maxlen: 24
154.90.138.0/24 maxlen: 24
154.90.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 14:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119669 (0x1d375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 16 17:34:51 2026 GMT
Not After : Jul 13 17:34:51 2026 GMT
Subject: CN=6a318940-d4d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:78:1d:f5:db:ed:ad:b1:b8:ae:8f:57:6a:
d0:38:7f:44:4e:51:9c:58:c4:69:d3:8c:d3:39:90:
e8:48:41:c4:c1:90:5e:f8:72:0b:26:0d:bf:ec:9b:
05:b3:ba:65:43:bb:86:02:fa:dd:3c:58:c9:48:9d:
18:58:72:36:c9:5d:52:79:53:05:c6:87:04:06:9a:
8d:b9:24:b9:76:4b:49:ce:95:ca:c9:75:27:d4:48:
33:ca:a0:52:91:7e:22:fd:4d:d1:53:0e:74:c6:3d:
ce:eb:d3:fa:92:f3:db:46:90:a1:a8:63:86:7c:ec:
a3:aa:5e:48:05:fa:2e:2f:03:77:e9:ee:87:a5:f5:
87:f7:b4:3c:79:ee:c9:0c:ef:19:a6:eb:16:8b:39:
88:49:bd:a7:e1:73:a0:de:53:8d:1e:a5:2f:ae:b1:
ce:95:8e:0f:8f:13:0c:18:48:2c:d8:d5:2c:5a:fc:
be:61:af:54:7e:3c:1c:2b:1d:c9:1d:01:d2:0b:60:
b2:86:79:d7:65:c9:78:11:ca:98:54:c8:ba:cd:39:
60:bc:18:e3:60:db:dc:c0:8c:26:f9:e5:30:d4:86:
93:88:b1:93:37:0e:ae:05:5d:94:dd:6f:fb:81:39:
a8:4f:12:88:60:fd:ec:bc:8c:65:c6:6c:de:20:3f:
b9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:03:72:E5:FA:CC:4A:A5:ED:D5:D7:8D:5F:93:5E:5A:AE:42:FC:F3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B071891C69A911F19F66F8DFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.138.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:55:12:c1:b2:d4:9b:df:0f:bb:0e:3a:7a:2e:2b:94:29:b3:
b9:b2:b6:28:08:f5:11:6e:7c:ef:13:ac:81:b9:f5:45:4e:41:
66:42:0d:45:d0:0f:47:c6:cc:ac:9b:9a:6d:e4:6a:1c:cc:20:
c8:58:f2:ac:99:57:db:05:0a:7b:e7:4d:b5:fe:bc:d1:21:a7:
63:8a:42:50:94:b0:74:56:30:4a:53:18:ed:a1:3e:63:69:01:
87:ba:2f:c5:2a:1c:f4:ab:c2:14:f1:f9:d3:01:47:bc:33:3f:
e5:ea:f9:b5:ed:a4:05:d8:ec:3c:87:1c:51:a0:b5:95:b3:71:
ee:8e:b3:b0:89:77:e4:a7:47:39:e9:6b:65:ee:cc:a1:79:75:
39:56:e7:18:32:bd:08:21:ad:69:95:3d:6d:02:26:bd:fc:74:
68:95:3c:ec:ab:7d:57:b8:52:2c:39:b4:e6:01:0b:d4:25:9d:
fa:12:46:94:4f:ad:3a:df:fe:20:60:41:42:84:ae:58:39:67:
c5:3f:04:46:e8:bb:be:47:74:89:75:3f:67:72:f2:61:31:82:
78:c5:51:1e:0d:2c:27:33:23:d8:69:31:08:80:20:2b:c6:20:
9f:43:d5:f4:47:3f:ec:fa:5c:05:50:dd:54:c2:7c:7b:56:9d:
f6:39:d2:e5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdN1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjE2MTczNDUxWhcNMjYwNzEzMTczNDUxWjAYMRYw
FAYDVQQDEw02YTMxODk0MC1kNGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApwt4HfXb7a2xuK6PV2rQOH9ETlGcWMRp04zTOZDoSEHEwZBe+HILJg2/
7JsFs7plQ7uGAvrdPFjJSJ0YWHI2yV1SeVMFxocEBpqNuSS5dktJzpXKyXUn1Egz
yqBSkX4i/U3RUw50xj3O69P6kvPbRpChqGOGfOyjql5IBfouLwN36e6HpfWH97Q8
ee7JDO8ZpusWizmISb2n4XOg3lONHqUvrrHOlY4PjxMMGEgs2NUsWvy+Ya9Ufjwc
Kx3JHQHSC2CyhnnXZcl4EcqYVMi6zTlgvBjjYNvcwIwm+eUw1IaTiLGTNw6uBV2U
3W/7gTmoTxKIYP3svIxlxmzeID+5ywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCED
cuX6zEql7dXXjV+TXlquQvzzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMDcxODkxQzY5QTkxMUYxOUY2NkY4REZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlqKMA0GCSqGSIb3DQEB
CwUAA4IBAQB9VRLBstSb3w+7Djp6LiuUKbO5srYoCPURbnzvE6yBufVFTkFmQg1F
0A9Hxsysm5pt5GoczCDIWPKsmVfbBQp75021/rzRIadjikJQlLB0VjBKUxjtoT5j
aQGHui/FKhz0q8IU8fnTAUe8Mz/l6vm17aQF2Ow8hxxRoLWVs3HujrOwiXfkp0c5
6Wtl7syheXU5VucYMr0IIa1plT1tAia9/HRolTzsq31XuFIsObTmAQvUJZ36EkaU
T6063/4gYEFChK5YOWfFPwRG6Lu+R3SJdT9ncvJhMYJ4xVEeDSwnMyPYaTEIgCAr
xiCfQ9X0Rz/s+lwFUN1Uwnx7Vp32OdLl
-----END CERTIFICATE-----
Generated at Tue Jun 23 21:52:06 2026 by rpki-client