Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2D7C66E6A2E11F18BB7E512CF1D38B0.roa
File: B2D7C66E6A2E11F18BB7E512CF1D38B0.roa (raw, json)
Hash identifier: 32PbI+Erx7DGTRcmx2PRRnC9dYYlhfHZ7jEVouAZn80=
Subject key identifier: 4F:FC:43:4B:86:37:70:D2:3C:40:32:68:79:B5:95:3B:34:BF:D6:A9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D3A0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2D7C66E6A2E11F18BB7E512CF1D38B0.roa
Signing time: Wed 17 Jun 2026 09:27:03 +0000
ROA not before: Wed 17 Jun 2026 09:26:58 +0000
ROA not after: Sun 19 Jul 2026 09:26:58 +0000
asID: 6079
IP address blocks: 154.221.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 14:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119712 (0x1d3a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 17 09:26:58 2026 GMT
Not After : Jul 19 09:26:58 2026 GMT
Subject: CN=6a326867-a370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:20:5a:00:d8:94:7b:d3:92:a2:59:ea:b6:86:
1e:82:43:e7:d2:e3:74:bb:4b:67:e0:41:35:f1:31:
19:55:3c:d5:e2:e7:70:ef:75:00:89:d6:96:73:14:
ab:12:5f:6c:7a:9c:62:c8:7a:f7:7f:2d:f2:72:91:
e8:7d:12:7b:5e:f3:9a:0c:50:95:bf:6b:1e:c5:a8:
d4:cf:61:4f:40:0a:85:ed:46:7f:dd:71:15:68:aa:
84:d3:88:6d:f5:94:17:1f:49:f7:e0:70:95:4f:0d:
fa:65:12:6f:06:dc:fd:b5:11:f3:55:81:09:59:39:
e9:f8:af:f6:92:1b:98:d8:3c:c7:21:b0:e8:43:b1:
1d:bb:64:20:68:a2:cc:32:07:d4:47:a9:72:e8:5c:
50:34:e1:b1:b1:ff:ac:27:1a:f5:a4:3b:00:df:90:
1f:0a:37:96:00:31:da:e5:8c:93:9b:0b:5e:a8:7e:
a2:9f:7f:80:e1:e6:dc:88:ef:df:59:07:29:18:ed:
2f:86:5a:3e:91:b0:ef:2e:28:83:7f:4f:07:c5:cd:
51:f8:c7:8d:c8:ef:31:ff:f2:f1:cb:e5:da:55:7b:
44:2b:6d:cf:e1:ea:71:aa:e8:5e:ee:1d:05:16:0d:
1d:94:e3:41:e6:ff:b4:96:e4:8b:9a:89:72:0d:b6:
75:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FC:43:4B:86:37:70:D2:3C:40:32:68:79:B5:95:3B:34:BF:D6:A9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2D7C66E6A2E11F18BB7E512CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.192.0/18
Signature Algorithm: sha256WithRSAEncryption
8e:b3:af:7e:bc:ae:42:27:ab:e2:40:47:95:a2:ef:c4:01:56:
97:e8:0b:0a:18:78:c4:91:7c:74:0c:6e:49:ba:5b:65:7f:8d:
2f:35:d7:cb:99:73:c1:5c:2c:5c:1e:15:47:53:0c:ea:b1:a3:
8c:50:2d:52:9c:a1:3a:39:95:bc:5a:9f:7a:77:73:10:56:ac:
28:e6:3c:55:94:17:f8:0e:4d:83:f3:7e:5d:2d:f5:6d:84:4f:
fc:b8:68:99:dd:31:ca:8a:54:49:7a:ff:55:1f:4a:83:16:25:
d5:10:93:bd:61:00:bc:6a:e1:e4:00:75:5c:a6:e6:44:36:0c:
92:69:f5:00:8f:23:54:f6:c8:db:d9:13:fc:3c:47:60:ff:3d:
54:c8:a6:79:9f:ce:38:57:9f:93:d3:6a:4e:e2:f0:36:47:65:
dc:86:8b:8c:8f:da:10:65:3f:91:7d:c3:b7:ac:dc:79:38:c0:
d0:9e:73:5e:48:7c:c0:25:c8:da:2e:12:cd:15:1c:54:2b:72:
1d:77:d5:a1:35:78:6e:7f:ee:da:ac:6c:7b:15:4f:11:eb:c3:
4a:6a:87:7f:59:17:1e:b0:b1:d4:11:22:a3:ba:b1:fa:f1:d2:
cf:06:d2:06:69:b8:6e:41:f2:38:b7:60:94:54:8a:d9:f8:fb:
c9:e7:ff:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdOgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjE3MDkyNjU4WhcNMjYwNzE5MDkyNjU4WjAYMRYw
FAYDVQQDEw02YTMyNjg2Ny1hMzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtiBaANiUe9OSolnqtoYegkPn0uN0u0tn4EE18TEZVTzV4udw73UAidaW
cxSrEl9sepxiyHr3fy3ycpHofRJ7XvOaDFCVv2sexajUz2FPQAqF7UZ/3XEVaKqE
04ht9ZQXH0n34HCVTw36ZRJvBtz9tRHzVYEJWTnp+K/2khuY2DzHIbDoQ7Edu2Qg
aKLMMgfUR6ly6FxQNOGxsf+sJxr1pDsA35AfCjeWADHa5YyTmwteqH6in3+A4ebc
iO/fWQcpGO0vhlo+kbDvLiiDf08Hxc1R+MeNyO8x//Lxy+XaVXtEK23P4epxquhe
7h0FFg0dlONB5v+0luSLmolyDbZ1PQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE/8
Q0uGN3DSPEAyaHm1lTs0v9apMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMkQ3QzY2RTZBMkUxMUYxOEJCN0U1MTJDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmt3AMA0GCSqGSIb3DQEB
CwUAA4IBAQCOs69+vK5CJ6viQEeVou/EAVaX6AsKGHjEkXx0DG5Jultlf40vNdfL
mXPBXCxcHhVHUwzqsaOMUC1SnKE6OZW8Wp96d3MQVqwo5jxVlBf4Dk2D835dLfVt
hE/8uGiZ3THKilRJev9VH0qDFiXVEJO9YQC8auHkAHVcpuZENgySafUAjyNU9sjb
2RP8PEdg/z1UyKZ5n844V5+T02pO4vA2R2XchouMj9oQZT+RfcO3rNx5OMDQnnNe
SHzAJcjaLhLNFRxUK3Idd9WhNXhuf+7arGx7FU8R68NKaod/WRcesLHUESKjurH6
8dLPBtIGabhuQfI4t2CUVIrZ+PvJ5//m
-----END CERTIFICATE-----
Generated at Tue Jun 23 21:53:44 2026 by rpki-client