Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B33087B655DB11F1A736E3FFCE1D38B0.roa
File: B33087B655DB11F1A736E3FFCE1D38B0.roa (raw, json)
Hash identifier: +WdFb4jVDCdWvmNC741lAtuPJbaHGkyTXpYf2HcjHVI=
Subject key identifier: 9F:D7:9D:F4:6C:BE:91:ED:E9:F1:E1:CE:D9:76:81:22:FC:B6:B6:D0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CE0A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B33087B655DB11F1A736E3FFCE1D38B0.roa
Signing time: Fri 22 May 2026 12:42:32 +0000
ROA not before: Fri 22 May 2026 12:42:28 +0000
ROA not after: Sat 08 Aug 2026 12:42:28 +0000
asID: 150706
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 06 Jun 2026 08:36:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118282 (0x1ce0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 22 12:42:28 2026 GMT
Not After : Aug 8 12:42:28 2026 GMT
Subject: CN=6a104f38-5798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d9:87:e2:19:3a:b3:69:ec:19:91:53:63:7f:
60:ab:88:05:2b:6f:8a:9c:90:11:73:77:c5:8c:6b:
04:12:dc:03:dc:a4:b6:5a:9a:f0:04:d9:ec:d1:77:
20:30:08:7e:47:3f:ac:3d:70:10:b7:b3:a7:0f:09:
6e:e1:01:10:6a:41:a6:57:ca:77:84:8f:63:e1:b0:
74:e8:49:22:a9:84:53:0b:9d:8f:cc:3a:86:25:99:
f7:25:d2:c2:8e:4c:da:b5:06:0a:5a:36:93:23:f7:
a7:ea:aa:68:ad:30:58:2b:d3:3d:4f:ed:1d:ac:3e:
c0:90:99:eb:6d:1b:28:23:f0:e5:80:c5:fc:c9:08:
9e:e0:66:14:44:90:8a:1a:22:3d:4e:be:90:43:94:
f2:0e:d7:d1:f5:55:34:a1:ce:80:0e:f6:f4:72:13:
a0:b1:53:67:ae:94:99:db:22:6a:8a:21:3a:af:79:
2a:17:58:b6:7d:50:61:f5:b1:45:70:6f:d9:78:3d:
a8:24:37:b2:80:cd:a7:89:73:c5:2b:49:d7:18:49:
77:00:02:f1:00:e7:0c:9e:fb:bc:1d:ad:14:04:4e:
3b:17:3f:d4:f7:af:69:30:2c:fe:d4:01:b9:a5:15:
fb:72:27:29:3d:eb:73:d3:17:3e:3c:ce:c7:0a:96:
18:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D7:9D:F4:6C:BE:91:ED:E9:F1:E1:CE:D9:76:81:22:FC:B6:B6:D0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B33087B655DB11F1A736E3FFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
55:eb:b8:01:ae:95:0a:32:aa:3c:95:44:ad:75:cf:58:b5:e0:
4f:61:6b:59:1e:a2:10:e6:55:04:9f:e4:e4:a3:27:a0:38:7b:
e8:e1:f4:f5:9b:69:75:9e:d7:6d:bb:ec:31:cb:4e:6d:e3:52:
b4:5b:84:22:5d:9c:cd:6d:e0:44:06:a0:28:ef:6b:f5:f6:84:
9d:a2:f4:50:41:96:df:c1:c7:ac:d8:2f:4e:a1:22:71:ad:59:
57:1e:ce:6e:6a:cb:18:b0:52:6e:3c:c1:79:00:06:40:2b:68:
8a:63:c4:cf:9f:5c:96:bb:61:a3:d0:66:8b:a4:4f:14:26:18:
c5:85:6b:3d:be:df:25:fa:24:86:22:b5:fa:bc:34:17:cc:b9:
03:8a:fe:82:22:f2:4c:41:c6:af:c7:c2:34:fd:17:92:45:c7:
60:8a:ea:f3:46:5b:bf:0f:80:df:ac:45:72:6b:3e:18:22:a4:
d8:9b:57:ea:7c:f0:7a:35:67:16:42:ea:5d:b5:d4:5d:90:80:
97:bc:3c:cd:8b:16:c1:0d:46:7c:93:17:50:a6:a1:ca:a8:7b:
5e:1c:5e:4b:8b:c4:b8:5e:ab:26:98:99:ed:ff:65:41:46:f7:
11:e5:8f:b1:bf:ae:63:9c:3a:9b:53:3f:af:cc:cd:29:17:f4:
8e:5a:22:75
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAc4KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIyMTI0MjI4WhcNMjYwODA4MTI0MjI4WjAYMRYw
FAYDVQQDEw02YTEwNGYzOC01Nzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqdmH4hk6s2nsGZFTY39gq4gFK2+KnJARc3fFjGsEEtwD3KS2WprwBNns
0XcgMAh+Rz+sPXAQt7OnDwlu4QEQakGmV8p3hI9j4bB06EkiqYRTC52PzDqGJZn3
JdLCjkzatQYKWjaTI/en6qporTBYK9M9T+0drD7AkJnrbRsoI/DlgMX8yQie4GYU
RJCKGiI9Tr6QQ5TyDtfR9VU0oc6ADvb0chOgsVNnrpSZ2yJqiiE6r3kqF1i2fVBh
9bFFcG/ZeD2oJDeygM2niXPFK0nXGEl3AALxAOcMnvu8Ha0UBE47Fz/U969pMCz+
1AG5pRX7cicpPetz0xc+PM7HCpYYlwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJ/X
nfRsvpHt6fHhztl2gSL8trbQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMzMwODdCNjU1REIxMUYxQTczNkUzRkZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQBV67gBrpUKMqo8lUStdc9YteBPYWtZHqIQ5lUE
n+TkoyegOHvo4fT1m2l1ntdtu+wxy05t41K0W4QiXZzNbeBEBqAo72v19oSdovRQ
QZbfwces2C9OoSJxrVlXHs5uassYsFJuPMF5AAZAK2iKY8TPn1yWu2Gj0GaLpE8U
JhjFhWs9vt8l+iSGIrX6vDQXzLkDiv6CIvJMQcavx8I0/ReSRcdgiurzRlu/D4Df
rEVyaz4YIqTYm1fqfPB6NWcWQupdtdRdkICXvDzNixbBDUZ8kxdQpqHKqHteHF5L
i8S4XqsmmJnt/2VBRvcR5Y+xv65jnDqbUz+vzM0pF/SOWiJ1
-----END CERTIFICATE-----
Generated at Thu Jun 4 16:08:52 2026 by rpki-client