Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB3E87AE4ED211F192D920AACE1D38B0.roa
File: DB3E87AE4ED211F192D920AACE1D38B0.roa (raw, json)
Hash identifier: F6RueIxuPlZd8k1Nc40kL84TNhZOtOsHMplFPeAdMCQ=
Subject key identifier: 03:33:46:4B:AE:35:B4:75:A1:88:F8:7B:9F:6B:85:EC:69:1C:E1:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CB6D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB3E87AE4ED211F192D920AACE1D38B0.roa
Signing time: Wed 13 May 2026 13:51:36 +0000
ROA not before: Wed 13 May 2026 13:51:31 +0000
ROA not after: Wed 17 Jun 2026 13:51:31 +0000
asID: 22773
IP address blocks: 154.194.6.0/24 maxlen: 24
154.194.63.0/24 maxlen: 24
154.194.66.0/24 maxlen: 24
154.194.240.0/23 maxlen: 24
154.198.6.0/23 maxlen: 24
154.198.14.0/23 maxlen: 24
154.198.17.0/24 maxlen: 24
154.198.18.0/23 maxlen: 24
154.198.190.0/24 maxlen: 24
154.202.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 May 2026 08:26:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117613 (0x1cb6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 13 13:51:31 2026 GMT
Not After : Jun 17 13:51:31 2026 GMT
Subject: CN=6a0481e8-8283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:aa:13:db:89:a3:21:0a:4f:8e:b4:20:c1:9e:
7e:ed:7b:45:ed:d9:6a:2f:20:de:ba:23:2c:59:b6:
1d:40:1f:b7:f7:58:a8:24:5d:9c:a7:72:de:82:e4:
83:87:18:9c:6d:f1:ba:e9:9f:7d:0b:b6:e9:bc:cb:
23:79:95:b7:e8:b9:b2:69:a4:ab:58:d7:6d:d2:d1:
41:9f:d3:b2:d2:87:33:16:84:e7:c8:e7:9e:ff:71:
26:e0:63:86:41:71:63:98:09:0c:19:4e:ae:ab:97:
78:b6:e9:44:8a:9f:a7:14:2e:0b:65:b4:4e:44:5e:
22:b7:a4:cb:45:1d:6a:65:9c:10:d4:02:16:18:9d:
0d:b3:96:62:d7:d8:86:fa:76:57:c8:c8:23:bb:92:
89:7f:59:d5:6c:9e:18:29:53:d5:4a:38:34:72:37:
9f:22:1b:22:06:ed:bb:97:f8:ec:0b:5f:1d:90:ff:
ad:b2:8c:1c:86:d7:11:81:8f:de:f2:86:61:87:7e:
47:14:bd:b1:67:ec:00:6b:63:59:8b:2c:02:25:df:
29:6f:bc:3a:97:dc:87:2a:7c:a4:3c:af:79:89:7d:
07:5d:b8:3d:ad:d8:de:f3:d6:65:6c:83:d1:46:b9:
e5:05:ce:f7:af:3c:c4:c2:e9:54:13:f9:dc:ef:55:
24:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:33:46:4B:AE:35:B4:75:A1:88:F8:7B:9F:6B:85:EC:69:1C:E1:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB3E87AE4ED211F192D920AACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.6.0/24
154.194.63.0/24
154.194.66.0/24
154.194.240.0/23
154.198.6.0/23
154.198.14.0/23
154.198.17.0-154.198.19.255
154.198.190.0/24
154.202.99.0/24
Signature Algorithm: sha256WithRSAEncryption
24:fc:ca:22:64:d9:16:de:b6:82:b6:8d:66:b8:8e:73:8b:69:
dc:35:96:df:7d:31:31:79:3b:9d:53:ae:83:e4:a9:3d:86:0a:
00:bf:29:34:98:6d:f6:da:3a:76:10:bf:5e:a3:73:7c:58:ff:
bc:e9:b1:6e:44:40:13:d8:c5:a7:ff:19:f2:65:cc:d4:7b:cf:
c1:7a:4f:2f:fb:02:ac:94:b3:68:54:12:76:0d:23:bd:b1:31:
4b:1c:93:97:62:39:a0:22:71:80:e6:0f:21:c2:b4:f7:d3:35:
dc:7f:d9:5c:c7:ee:e9:d2:31:67:a0:dd:79:a9:dc:e3:40:53:
5d:fa:7a:37:e3:0e:6f:32:a8:68:8c:04:01:3c:43:5f:86:22:
a8:9b:73:df:df:71:ae:21:02:a4:da:df:29:58:21:cc:1f:f7:
98:87:fc:49:51:a7:34:64:97:12:83:b3:fe:b7:26:c0:7d:92:
9e:a8:6d:64:3b:0b:73:d5:4a:e9:07:6e:70:7e:82:5d:d4:ee:
03:ee:93:c5:50:fd:61:8c:43:d9:72:84:6c:b1:d9:66:cb:ed:
a5:13:c2:2c:0a:74:be:c6:39:e1:94:e3:8c:ff:ea:ad:ed:61:
d5:e9:6c:bd:ec:77:e3:82:8e:26:a1:d9:57:8e:a3:59:d8:dc:
a9:3e:96:b4
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDActtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTEzMTM1MTMxWhcNMjYwNjE3MTM1MTMxWjAYMRYw
FAYDVQQDEw02YTA0ODFlOC04MjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoaoT24mjIQpPjrQgwZ5+7XtF7dlqLyDeuiMsWbYdQB+391ioJF2cp3Le
guSDhxicbfG66Z99C7bpvMsjeZW36LmyaaSrWNdt0tFBn9Oy0oczFoTnyOee/3Em
4GOGQXFjmAkMGU6uq5d4tulEip+nFC4LZbRORF4it6TLRR1qZZwQ1AIWGJ0Ns5Zi
19iG+nZXyMgju5KJf1nVbJ4YKVPVSjg0cjefIhsiBu27l/jsC18dkP+tsowchtcR
gY/e8oZhh35HFL2xZ+wAa2NZiywCJd8pb7w6l9yHKnykPK95iX0HXbg9rdje89Zl
bIPRRrnlBc73rzzEwulUE/nc71Uk0wIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFAMz
RkuuNbR1oYj4e59rhexpHOHRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQjNFODdBRTRFRDIxMUYxOTJEOTIwQUFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAmsIGAwQAmsI/AwQAmsJC
AwQBmsLwAwQBmsYGAwQBmsYOMAwDBACaxhEDBAKaxhADBACaxr4DBACaymMwDQYJ
KoZIhvcNAQELBQADggEBACT8yiJk2RbetoK2jWa4jnOLadw1lt99MTF5O51TroPk
qT2GCgC/KTSYbfbaOnYQv16jc3xY/7zpsW5EQBPYxaf/GfJlzNR7z8F6Ty/7AqyU
s2hUEnYNI72xMUsck5diOaAicYDmDyHCtPfTNdx/2VzH7unSMWeg3Xmp3ONAU136
ejfjDm8yqGiMBAE8Q1+GIqibc9/fca4hAqTa3ylYIcwf95iH/ElRpzRklxKDs/63
JsB9kp6obWQ7C3PVSukHbnB+gl3U7gPuk8VQ/WGMQ9lyhGyx2WbL7aUTwiwKdL7G
OeGU44z/6q3tYdXpbL3sd+OCjiah2VeOo1nY3Kk+lrQ=
-----END CERTIFICATE-----
Generated at Wed May 20 21:18:54 2026 by rpki-client