Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA0EB942584011F1BEEF4915CF1D38B0.roa
File: BA0EB942584011F1BEEF4915CF1D38B0.roa (raw, json)
Hash identifier: tn+QQT6+tbCDpd6QqrY2Ynr4qtUuQhhp3u/V7TdEHMU=
Subject key identifier: 7D:AA:F6:93:42:8E:9A:65:F5:59:77:9A:92:6D:68:51:01:EA:CD:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CF7D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA0EB942584011F1BEEF4915CF1D38B0.roa
Signing time: Mon 25 May 2026 13:50:45 +0000
ROA not before: Mon 25 May 2026 13:50:41 +0000
ROA not after: Wed 19 Aug 2026 13:50:41 +0000
asID: 400619
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 08 Jun 2026 00:08:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118653 (0x1cf7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 25 13:50:41 2026 GMT
Not After : Aug 19 13:50:41 2026 GMT
Subject: CN=6a1453b5-9b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b3:a3:1a:e4:8a:71:96:3d:7b:85:a7:78:20:
43:0d:1c:45:ef:b4:47:a0:f4:fe:42:0b:d7:c5:9f:
0e:6b:4d:64:57:3b:44:d8:3b:a7:09:49:58:0f:d5:
8b:3f:b2:6d:ca:b7:0e:93:83:02:8d:59:b0:42:e8:
90:b6:a9:92:3b:9b:b5:52:89:4e:8a:4f:05:06:3a:
61:ef:01:2f:1d:b0:5c:5c:70:be:74:ee:20:f1:b9:
0d:78:05:2b:f3:18:73:c2:b0:2e:13:eb:ff:35:94:
2a:d4:f2:83:e0:7f:01:e4:af:d5:6c:0b:aa:ff:f7:
3e:3f:58:2c:48:44:60:3f:dd:e2:f0:5a:46:3d:80:
f0:6d:ec:59:77:30:31:3f:0f:46:6d:1f:87:6b:4e:
bd:34:10:99:5c:0b:94:5b:6f:a6:c0:42:a1:fd:0e:
2d:e8:14:41:ba:aa:c0:68:bc:62:53:89:e7:c9:37:
90:2f:f9:fb:75:81:26:a4:75:cb:85:c2:2c:1a:f9:
5e:cc:8e:89:ee:39:08:b6:dd:73:86:e2:cb:f1:a8:
f4:8f:bf:3a:b2:d7:aa:8c:80:7e:da:e5:c0:7c:c2:
10:ae:a0:0f:48:88:38:dd:c7:29:b2:25:4d:e1:a7:
53:2e:c1:e3:61:f8:5d:4b:1f:69:4a:db:4f:cc:94:
be:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:AA:F6:93:42:8E:9A:65:F5:59:77:9A:92:6D:68:51:01:EA:CD:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA0EB942584011F1BEEF4915CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
154.91.176.0/20
Signature Algorithm: sha256WithRSAEncryption
21:67:91:c1:17:03:f6:f7:a9:d2:c3:55:42:42:23:fa:fc:db:
57:bb:3a:5c:5f:71:c8:69:81:42:4f:ad:85:c8:48:bf:6f:f0:
43:56:2b:c3:b8:f5:fa:a0:5c:4e:75:97:28:e2:89:43:da:88:
51:8f:15:05:39:33:27:bd:16:45:be:8a:e7:23:5c:52:24:5c:
cc:7a:53:e9:ba:1f:c1:c3:6f:63:f5:7e:76:13:fc:75:bd:70:
6c:b4:9a:f6:01:3b:51:59:72:70:bc:3a:7b:d7:6d:e7:c4:ae:
57:e0:26:1f:ed:1e:5a:84:1c:c3:e9:f2:58:c7:49:58:95:cf:
c8:0d:80:8f:77:d8:cc:78:2e:4c:de:b7:26:1f:43:45:6b:3c:
0f:b1:a4:64:05:65:1c:53:33:84:c1:c6:80:f6:f9:77:33:ac:
b9:1a:33:08:77:20:19:2a:90:38:c9:e3:7b:20:4c:d5:5d:0f:
0b:ef:e1:2f:6f:61:9e:29:40:0c:eb:2c:1e:fd:99:fe:8a:9c:
2e:35:23:e5:03:41:0e:96:fd:55:f4:e3:89:bf:b0:e2:60:aa:
bd:e0:c8:5f:e3:9b:db:f9:ed:8d:51:76:57:19:39:6a:6e:aa:
83:bd:be:f6:1b:6f:ff:a3:0a:30:79:7c:cc:e2:b4:07:21:c4:
c0:b4:40:53
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAc99MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI1MTM1MDQxWhcNMjYwODE5MTM1MDQxWjAYMRYw
FAYDVQQDEw02YTE0NTNiNS05YjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnLOjGuSKcZY9e4WneCBDDRxF77RHoPT+QgvXxZ8Oa01kVztE2DunCUlY
D9WLP7JtyrcOk4MCjVmwQuiQtqmSO5u1UolOik8FBjph7wEvHbBcXHC+dO4g8bkN
eAUr8xhzwrAuE+v/NZQq1PKD4H8B5K/VbAuq//c+P1gsSERgP93i8FpGPYDwbexZ
dzAxPw9GbR+Ha069NBCZXAuUW2+mwEKh/Q4t6BRBuqrAaLxiU4nnyTeQL/n7dYEm
pHXLhcIsGvlezI6J7jkItt1zhuLL8aj0j786steqjIB+2uXAfMIQrqAPSIg43ccp
siVN4adTLsHjYfhdSx9pSttPzJS+bwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFH2q
9pNCjppl9Vl3mpJtaFEB6s02MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQTBFQjk0MjU4NDAxMUYxQkVFRjQ5MTVDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmlswAwQEmluwMA0GCSqG
SIb3DQEBCwUAA4IBAQAhZ5HBFwP296nSw1VCQiP6/NtXuzpcX3HIaYFCT62FyEi/
b/BDVivDuPX6oFxOdZco4olD2ohRjxUFOTMnvRZFvornI1xSJFzMelPpuh/Bw29j
9X52E/x1vXBstJr2ATtRWXJwvDp7123nxK5X4CYf7R5ahBzD6fJYx0lYlc/IDYCP
d9jMeC5M3rcmH0NFazwPsaRkBWUcUzOEwcaA9vl3M6y5GjMIdyAZKpA4yeN7IEzV
XQ8L7+Evb2GeKUAM6ywe/Zn+ipwuNSPlA0EOlv1V9OOJv7DiYKq94Mhf45vb+e2N
UXZXGTlqbqqDvb72G2//owoweXzM4rQHIcTAtEBT
-----END CERTIFICATE-----
Generated at Sat Jun 6 10:48:32 2026 by rpki-client