Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F22D48B84E8E11F1A8478215CF1D38B0.roa
File: F22D48B84E8E11F1A8478215CF1D38B0.roa (raw, json)
Hash identifier: KZyS/V4wbVt+a5C6JAOcCRpV2ZpYc6EE/UwYXe/wOys=
Subject key identifier: 3A:08:15:8A:5B:67:65:02:13:FC:FD:DF:85:05:91:B1:A8:09:7D:14
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CB59
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F22D48B84E8E11F1A8478215CF1D38B0.roa
Signing time: Wed 13 May 2026 05:45:28 +0000
ROA not before: Wed 13 May 2026 05:45:23 +0000
ROA not after: Tue 16 Jun 2026 05:45:23 +0000
asID: 22773
IP address blocks: 154.198.20.0/24 maxlen: 24
154.202.29.0/24 maxlen: 24
154.202.30.0/24 maxlen: 24
154.202.31.0/24 maxlen: 24
154.202.69.0/24 maxlen: 24
154.202.72.0/24 maxlen: 24
154.202.73.0/24 maxlen: 24
154.202.76.0/24 maxlen: 24
154.202.77.0/24 maxlen: 24
154.202.109.0/24 maxlen: 24
154.202.110.0/24 maxlen: 24
154.202.112.0/24 maxlen: 24
154.202.113.0/24 maxlen: 24
154.202.114.0/24 maxlen: 24
154.202.116.0/24 maxlen: 24
154.202.137.0/24 maxlen: 24
154.213.192.0/24 maxlen: 24
154.213.200.0/24 maxlen: 24
154.213.201.0/24 maxlen: 24
154.213.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 May 2026 08:26:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117593 (0x1cb59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 13 05:45:23 2026 GMT
Not After : Jun 16 05:45:23 2026 GMT
Subject: CN=6a040ff8-ff9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:63:e2:40:88:a6:91:ac:bd:b7:f1:21:6d:78:
b5:cf:f7:b0:35:92:e2:27:14:98:06:b0:3d:70:5d:
48:f3:01:3f:bd:ed:fd:f1:89:84:21:37:4f:cd:8b:
48:d3:52:a7:e3:92:da:b2:cb:79:f5:00:a1:c2:e5:
7e:a1:f4:fb:3b:3c:d0:cd:08:a7:d8:b6:f0:d1:1a:
4f:54:61:da:6f:0f:1f:94:03:fb:38:f5:a7:86:c0:
fd:62:e3:32:d0:b1:73:a0:ef:12:76:60:2e:93:93:
b2:75:c9:be:97:35:d7:af:c0:36:38:bf:ad:72:18:
47:c5:26:3e:6c:90:27:a7:f7:af:04:a6:8e:b8:f6:
a6:12:7a:13:04:fe:be:bd:b7:b7:c8:ff:81:da:f7:
bf:09:a4:dd:0c:0a:a4:9b:7f:34:07:7e:59:c4:43:
16:d7:df:d4:ed:fb:4d:26:d5:13:01:ef:84:46:40:
f8:e4:e7:f0:b5:38:87:ec:6b:0e:81:e0:13:c9:b3:
e3:46:c2:b6:46:2c:c9:1e:03:52:d6:96:37:22:21:
a6:80:98:46:17:c9:c8:51:de:ee:aa:8d:bc:dd:f2:
17:bd:8e:97:6c:dd:77:99:48:14:f9:64:2f:89:d4:
3a:45:50:35:6b:bd:ab:11:c7:38:74:15:3d:43:f5:
c6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:08:15:8A:5B:67:65:02:13:FC:FD:DF:85:05:91:B1:A8:09:7D:14
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F22D48B84E8E11F1A8478215CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.20.0/24
154.202.29.0-154.202.31.255
154.202.69.0/24
154.202.72.0/23
154.202.76.0/23
154.202.109.0-154.202.110.255
154.202.112.0-154.202.114.255
154.202.116.0/24
154.202.137.0/24
154.213.192.0/24
154.213.200.0/23
154.213.205.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:fd:6a:ac:de:c8:f6:fe:5c:ea:75:61:ee:91:a2:90:c8:ab:
aa:de:9f:70:b7:a7:f9:f2:27:b8:b8:32:ac:45:3a:a6:89:d8:
39:25:0c:d0:aa:5f:20:3d:5a:c1:e0:8e:d5:3f:5d:aa:a1:34:
f1:78:ef:af:b1:08:1f:6c:72:28:78:26:cc:de:49:df:d5:f9:
21:b3:3f:d8:61:e7:55:51:e5:e1:13:80:1c:e9:17:37:ee:dd:
fd:7b:57:db:f2:a3:13:5c:65:16:88:da:7a:64:df:48:eb:a2:
f2:24:b5:6d:68:84:63:6b:9c:a8:1f:dd:cb:9d:d7:e5:17:d6:
ae:70:ec:4c:aa:a8:8b:b7:bc:61:12:c5:21:34:c2:b9:ba:e8:
f1:e0:66:df:94:35:06:83:e5:a7:b5:95:39:ed:66:e9:1e:f0:
9f:88:72:9c:c1:c0:cc:7d:ec:97:e0:01:b9:07:38:de:cf:a5:
36:f5:ee:73:9a:6c:b6:c4:f8:ec:d0:d9:ce:29:63:53:c6:c2:
58:0e:1e:b4:1f:6b:39:bb:61:88:09:76:c4:a1:7d:3b:a3:9d:
36:83:9e:62:be:c8:39:af:14:2d:00:95:a8:16:67:34:26:ad:
a2:92:63:69:c2:ad:7d:54:f0:7f:e9:83:6e:d7:db:d4:f3:9f:
b0:8d:03:a0
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgIDActZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTEzMDU0NTIzWhcNMjYwNjE2MDU0NTIzWjAYMRYw
FAYDVQQDEw02YTA0MGZmOC1mZjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA32PiQIimkay9t/EhbXi1z/ewNZLiJxSYBrA9cF1I8wE/ve398YmEITdP
zYtI01Kn45Lasst59QChwuV+ofT7OzzQzQin2Lbw0RpPVGHabw8flAP7OPWnhsD9
YuMy0LFzoO8SdmAuk5Oydcm+lzXXr8A2OL+tchhHxSY+bJAnp/evBKaOuPamEnoT
BP6+vbe3yP+B2ve/CaTdDAqkm380B35ZxEMW19/U7ftNJtUTAe+ERkD45OfwtTiH
7GsOgeATybPjRsK2RizJHgNS1pY3IiGmgJhGF8nIUd7uqo283fIXvY6XbN13mUgU
+WQvidQ6RVA1a72rEcc4dBU9Q/XGFQIDAQABo4IC/zCCAvswHQYDVR0OBBYEFDoI
FYpbZ2UCE/z934UFkbGoCX0UMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMjJENDhCODRFOEUxMUYxQTg0NzgyMTVDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAmsYUMAwDBACayh0DBAWa
ygADBACaykUDBAGaykgDBAGaykwwDAMEAJrKbQMEAJrKbjAMAwQEmspwAwQAmspy
AwQAmsp0AwQAmsqJAwQAmtXAAwQBmtXIAwQAmtXNMA0GCSqGSIb3DQEBCwUAA4IB
AQCn/Wqs3sj2/lzqdWHukaKQyKuq3p9wt6f58ie4uDKsRTqmidg5JQzQql8gPVrB
4I7VP12qoTTxeO+vsQgfbHIoeCbM3knf1fkhsz/YYedVUeXhE4Ac6Rc37t39e1fb
8qMTXGUWiNp6ZN9I66LyJLVtaIRja5yoH93LndflF9aucOxMqqiLt7xhEsUhNMK5
uujx4GbflDUGg+WntZU57WbpHvCfiHKcwcDMfeyX4AG5Bzjez6U29e5zmmy2xPjs
0NnOKWNTxsJYDh60H2s5u2GICXbEoX07o502g55ivsg5rxQtAJWoFmc0Jq2ikmNp
wq19VPB/6YNu19vU85+wjQOg
-----END CERTIFICATE-----
Generated at Wed May 20 21:20:04 2026 by rpki-client