Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC29F07C55FC11F1980444C8CE1D38B0.roa
File: EC29F07C55FC11F1980444C8CE1D38B0.roa (raw, json)
Hash identifier: KnxuVEZWjdvbIdAwKRcvg4/snEPKnJeVP3bK1onBGEo=
Subject key identifier: 50:81:C0:0F:8A:FA:16:F5:99:55:B8:88:D5:33:76:FD:8B:54:10:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CE34
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC29F07C55FC11F1980444C8CE1D38B0.roa
Signing time: Fri 22 May 2026 16:40:21 +0000
ROA not before: Fri 22 May 2026 16:40:16 +0000
ROA not after: Fri 26 Jun 2026 16:40:16 +0000
asID: 138915
IP address blocks: 154.206.64.0/24 maxlen: 24
154.206.65.0/24 maxlen: 24
154.206.66.0/24 maxlen: 24
154.206.68.0/23 maxlen: 24
154.206.68.0/24 maxlen: 24
154.206.69.0/24 maxlen: 24
154.206.70.0/23 maxlen: 24
154.206.70.0/24 maxlen: 24
154.206.71.0/24 maxlen: 24
154.206.96.0/23 maxlen: 24
154.206.98.0/23 maxlen: 24
154.206.100.0/23 maxlen: 24
154.206.102.0/23 maxlen: 24
154.206.104.0/23 maxlen: 24
154.206.106.0/24 maxlen: 24
154.206.107.0/24 maxlen: 24
154.206.108.0/23 maxlen: 24
154.206.110.0/23 maxlen: 24
154.206.112.0/23 maxlen: 24
154.206.114.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 06 Jun 2026 06:56:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118324 (0x1ce34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 22 16:40:16 2026 GMT
Not After : Jun 26 16:40:16 2026 GMT
Subject: CN=6a1086f5-4610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:dc:49:db:1b:84:eb:17:c7:f1:10:b9:0c:27:
3f:9c:c3:7b:4f:b5:c9:e8:09:0d:72:62:0d:fc:0e:
3a:88:f4:eb:e8:ab:fc:99:62:32:84:51:3d:3f:e9:
31:80:19:42:fb:d0:b6:29:c2:33:fc:e8:83:ef:88:
b4:19:38:de:13:ca:b0:02:ec:6f:07:56:a5:70:69:
55:17:0e:29:fd:bf:aa:a6:78:f8:34:00:46:96:05:
0b:cf:15:37:2b:55:36:62:74:32:a6:97:83:a2:b7:
f1:83:85:03:99:03:07:8d:3f:14:ed:89:8c:29:7a:
64:87:c9:4d:10:5d:fb:68:bf:4e:99:7a:5e:ef:0c:
82:66:c9:5f:b5:94:66:62:66:69:23:3c:18:6b:bd:
96:10:dd:cc:95:99:6a:2f:9f:8e:10:15:79:7c:dd:
7e:cf:ad:89:ac:ae:8f:5d:6c:c5:ce:84:0a:04:66:
61:90:f3:85:c0:70:2a:9d:47:a5:a8:55:18:18:81:
aa:e8:c6:9c:4d:e1:f8:49:b1:ec:b8:61:2c:5d:f0:
a8:05:f5:10:89:c1:e5:ed:7e:55:ae:c9:56:8f:a5:
f7:b3:1d:4a:5f:aa:8d:44:ca:c7:de:f2:d8:3c:78:
93:63:b0:10:a8:bf:2d:f7:6a:2b:c1:97:44:6a:71:
b5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:81:C0:0F:8A:FA:16:F5:99:55:B8:88:D5:33:76:FD:8B:54:10:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC29F07C55FC11F1980444C8CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.64.0-154.206.66.255
154.206.68.0/22
154.206.96.0-154.206.115.255
Signature Algorithm: sha256WithRSAEncryption
7e:c0:48:a2:42:b5:37:e0:49:16:38:e0:68:40:79:6a:18:ba:
88:99:bb:e3:8b:24:0f:48:c3:92:5b:7f:b8:ba:4b:8b:27:c5:
80:a5:6d:e1:5e:f1:83:2c:28:e7:62:e5:83:d7:f1:83:c3:4c:
f4:fe:71:30:a4:e4:9d:06:a7:1e:d5:c2:6f:39:aa:09:42:23:
44:70:95:fd:99:1e:68:9d:0e:81:99:d8:de:a7:e1:b5:d6:22:
7d:2a:d2:5b:67:ff:55:e5:48:1a:9e:d7:63:ba:d4:27:85:55:
7f:46:7e:30:5d:d8:7c:80:3e:63:00:22:03:85:67:db:64:ff:
d5:5b:b3:f0:17:53:18:73:d5:2d:0a:c5:f8:49:88:94:c5:1d:
a4:60:d1:ea:d1:29:f5:74:fa:72:b8:b3:fe:00:66:6a:44:fc:
30:ec:07:8a:bb:9e:5e:89:f7:56:eb:c5:09:89:5b:a6:81:25:
7d:39:e2:27:05:5b:59:22:2f:ac:6d:67:d1:78:04:35:49:a8:
4f:48:61:87:99:ff:e0:50:f7:2d:28:b8:57:41:49:7c:e9:27:
7f:4c:ae:72:d0:72:07:8d:ed:76:35:26:33:c3:29:d4:dd:19:
4f:73:00:c9:c4:15:e0:d3:cc:9b:2b:08:26:1e:89:75:b9:28:
d6:16:5b:8f
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAc40MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIyMTY0MDE2WhcNMjYwNjI2MTY0MDE2WjAYMRYw
FAYDVQQDEw02YTEwODZmNS00NjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA59xJ2xuE6xfH8RC5DCc/nMN7T7XJ6AkNcmIN/A46iPTr6Kv8mWIyhFE9
P+kxgBlC+9C2KcIz/OiD74i0GTjeE8qwAuxvB1alcGlVFw4p/b+qpnj4NABGlgUL
zxU3K1U2YnQyppeDorfxg4UDmQMHjT8U7YmMKXpkh8lNEF37aL9OmXpe7wyCZslf
tZRmYmZpIzwYa72WEN3MlZlqL5+OEBV5fN1+z62JrK6PXWzFzoQKBGZhkPOFwHAq
nUelqFUYGIGq6MacTeH4SbHsuGEsXfCoBfUQicHl7X5VrslWj6X3sx1KX6qNRMrH
3vLYPHiTY7AQqL8t92orwZdEanG1FQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFFCB
wA+K+hb1mVW4iNUzdv2LVBCyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQzI5RjA3QzU1RkMxMUYxOTgwNDQ0QzhDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAaazkADBACazkIDBAKa
zkQwDAMEBZrOYAMEAprOcDANBgkqhkiG9w0BAQsFAAOCAQEAfsBIokK1N+BJFjjg
aEB5ahi6iJm744skD0jDklt/uLpLiyfFgKVt4V7xgywo52Llg9fxg8NM9P5xMKTk
nQanHtXCbzmqCUIjRHCV/ZkeaJ0OgZnY3qfhtdYifSrSW2f/VeVIGp7XY7rUJ4VV
f0Z+MF3YfIA+YwAiA4Vn22T/1Vuz8BdTGHPVLQrF+EmIlMUdpGDR6tEp9XT6criz
/gBmakT8MOwHirueXon3VuvFCYlbpoElfTniJwVbWSIvrG1n0XgENUmoT0hhh5n/
4FD3LSi4V0FJfOknf0yuctByB43tdjUmM8Mp1N0ZT3MAycQV4NPMmysIJh6Jdbko
1hZbjw==
-----END CERTIFICATE-----
Generated at Thu Jun 4 11:12:42 2026 by rpki-client