Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F231372E535811F1B61B71AFCE1D38B0.roa
File: F231372E535811F1B61B71AFCE1D38B0.roa (raw, json)
Hash identifier: Nm/o5jZix9DiI4mSuDAddJJiesnriUF3vZfZsPAe+Rg=
Subject key identifier: D7:85:87:52:21:32:A8:BB:A5:D8:07:6C:BA:A2:E1:90:81:78:06:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CC64
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F231372E535811F1B61B71AFCE1D38B0.roa
Signing time: Tue 19 May 2026 08:01:31 +0000
ROA not before: Tue 19 May 2026 08:01:27 +0000
ROA not after: Wed 19 Aug 2026 08:01:27 +0000
asID: 400619
IP address blocks: 154.210.16.0/20 maxlen: 24
154.213.64.0/20 maxlen: 24
154.222.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 08 Jun 2026 00:08:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117860 (0x1cc64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 19 08:01:27 2026 GMT
Not After : Aug 19 08:01:27 2026 GMT
Subject: CN=6a0c18db-833a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7e:59:93:52:71:88:96:db:ce:7c:d7:4e:a3:
8b:cd:07:0a:15:4c:c9:0d:26:9e:02:00:af:21:12:
26:19:55:1c:4d:40:37:00:ff:57:1e:10:19:3a:a3:
4e:aa:40:43:d6:22:9c:fa:39:c9:f2:e1:20:61:b6:
05:48:bd:7f:13:d7:36:ab:bc:ac:3c:ae:00:a1:12:
17:65:69:b2:7f:34:2a:8b:2e:7d:a0:e2:e2:1c:28:
d8:fd:8c:1c:ae:b2:86:9e:0a:84:39:d7:ee:78:7a:
ae:a8:dd:ee:52:ee:9f:c6:c9:b9:75:74:40:58:04:
24:cf:fa:8a:91:e7:78:ef:f2:e9:84:73:0f:4e:e2:
27:30:04:58:47:e8:ab:46:b5:38:c8:11:d3:9b:66:
da:64:7c:30:a4:af:39:f4:7d:02:0b:7f:b7:35:06:
ea:ed:9a:ba:37:d0:ea:c7:5d:98:ca:30:35:64:28:
4e:2e:2c:f3:dd:d1:72:ce:64:e8:db:1c:5f:6f:2d:
b2:d8:30:d0:d6:2e:02:ec:5a:02:f8:22:e1:ff:61:
73:30:ec:b3:5b:86:33:02:6a:a1:83:3f:46:7e:31:
bf:c3:cf:89:44:cc:e1:4c:6c:15:95:71:bc:be:38:
ef:6e:e3:10:75:2d:59:4c:dc:ca:4a:48:ac:8d:8c:
fe:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:85:87:52:21:32:A8:BB:A5:D8:07:6C:BA:A2:E1:90:81:78:06:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F231372E535811F1B61B71AFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.16.0/20
154.213.64.0/20
154.222.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7b:74:84:e0:a5:14:1f:59:5b:5d:a7:a0:2d:17:25:f4:96:af:
38:ea:2f:be:5a:41:89:0e:b7:0b:69:be:28:d2:0e:db:cb:96:
1a:ba:ad:c4:22:8d:d7:e9:d4:ee:58:f3:28:32:3a:82:00:c1:
52:56:8b:9f:44:e9:d0:4e:00:68:0e:de:8e:0d:83:d8:c3:01:
7c:55:06:9a:de:6f:ea:0d:84:5a:d6:02:af:c3:1f:91:51:c3:
f3:d0:5d:fb:40:af:35:58:35:45:2f:dd:ff:6a:4e:cb:14:87:
62:c8:9b:0f:a7:7d:4b:31:bb:4f:c6:49:b1:b1:b9:05:65:c9:
bc:68:2c:71:22:cf:17:50:39:17:48:ce:20:36:4d:6f:9b:f1:
60:89:98:39:3e:b9:58:ae:e9:3d:04:8a:80:9e:07:54:1b:69:
16:4d:44:11:e5:3e:26:f3:6d:d8:41:e3:08:00:56:65:4b:06:
22:73:df:98:7c:19:ff:38:dd:d2:00:43:88:ee:8a:f4:84:ae:
3f:ff:a5:fa:bc:7e:1c:01:36:00:6f:5e:a3:14:bf:a3:c3:bc:
c3:55:a9:fe:10:cb:dd:b4:60:4d:ab:14:22:76:9b:7c:52:7b:
44:d7:11:2c:3f:59:22:1a:fe:1b:4a:98:e1:90:35:3b:9e:e0:
43:05:a9:0a
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcxkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE5MDgwMTI3WhcNMjYwODE5MDgwMTI3WjAYMRYw
FAYDVQQDEw02YTBjMThkYi04MzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp35Zk1JxiJbbznzXTqOLzQcKFUzJDSaeAgCvIRImGVUcTUA3AP9XHhAZ
OqNOqkBD1iKc+jnJ8uEgYbYFSL1/E9c2q7ysPK4AoRIXZWmyfzQqiy59oOLiHCjY
/YwcrrKGngqEOdfueHquqN3uUu6fxsm5dXRAWAQkz/qKked47/LphHMPTuInMARY
R+irRrU4yBHTm2baZHwwpK859H0CC3+3NQbq7Zq6N9Dqx12YyjA1ZChOLizz3dFy
zmTo2xxfby2y2DDQ1i4C7FoC+CLh/2FzMOyzW4YzAmqhgz9GfjG/w8+JRMzhTGwV
lXG8vjjvbuMQdS1ZTNzKSkisjYz+WQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFNeF
h1IhMqi7pdgHbLqi4ZCBeAaEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMjMxMzcyRTUzNTgxMUYxQjYxQjcxQUZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEmtIQAwQEmtVAAwQEmt7g
MA0GCSqGSIb3DQEBCwUAA4IBAQB7dITgpRQfWVtdp6AtFyX0lq846i++WkGJDrcL
ab4o0g7by5Yauq3EIo3X6dTuWPMoMjqCAMFSVoufROnQTgBoDt6ODYPYwwF8VQaa
3m/qDYRa1gKvwx+RUcPz0F37QK81WDVFL93/ak7LFIdiyJsPp31LMbtPxkmxsbkF
Zcm8aCxxIs8XUDkXSM4gNk1vm/FgiZg5PrlYruk9BIqAngdUG2kWTUQR5T4m823Y
QeMIAFZlSwYic9+YfBn/ON3SAEOI7or0hK4//6X6vH4cATYAb16jFL+jw7zDVan+
EMvdtGBNqxQidpt8UntE1xEsP1kiGv4bSpjhkDU7nuBDBakK
-----END CERTIFICATE-----
Generated at Sat Jun 6 12:06:11 2026 by rpki-client