Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F2AAAA2C4EA411F1BC110918CF1D38B0.roa
File: F2AAAA2C4EA411F1BC110918CF1D38B0.roa (raw, json)
Hash identifier: zL3D78tDFe+//GIplE6JLr0TxFC1QLWC5pF+jRw2EM4=
Subject key identifier: 24:D6:C3:61:51:D2:08:E3:18:B6:CB:DC:B1:80:8A:6B:A9:F5:37:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CB5B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F2AAAA2C4EA411F1BC110918CF1D38B0.roa
Signing time: Wed 13 May 2026 08:22:58 +0000
ROA not before: Wed 13 May 2026 08:21:29 +0000
ROA not after: Wed 20 May 2026 08:21:29 +0000
asID: 137443
IP address blocks: 154.223.168.0/24 maxlen: 24
154.223.169.0/24 maxlen: 24
154.223.170.0/24 maxlen: 24
154.223.171.0/24 maxlen: 24
154.223.176.0/24 maxlen: 24
154.223.177.0/24 maxlen: 24
154.223.178.0/24 maxlen: 24
154.223.179.0/24 maxlen: 24
154.223.180.0/24 maxlen: 24
154.223.181.0/24 maxlen: 24
154.223.182.0/24 maxlen: 24
154.223.183.0/24 maxlen: 24
154.223.188.0/24 maxlen: 24
154.223.189.0/24 maxlen: 24
154.223.190.0/24 maxlen: 24
154.223.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 17 May 2026 00:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117595 (0x1cb5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 13 08:21:29 2026 GMT
Not After : May 20 08:21:29 2026 GMT
Subject: CN=6a0434e2-6bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:55:07:1f:5f:73:da:41:63:99:53:81:00:
73:fa:a2:f4:ae:91:07:bb:b3:14:e1:0b:23:ba:fb:
4d:2b:dd:f4:ff:ae:3e:df:76:b9:06:f6:a6:38:97:
a9:3d:69:b5:f3:a6:08:c5:b0:34:9e:c8:59:f1:f4:
63:0f:52:2c:62:cc:bd:b8:23:84:f9:5a:5a:1c:98:
53:ea:84:ec:a2:a7:95:38:ef:54:bd:12:9e:ff:cb:
8d:c2:bc:e4:61:80:08:69:44:b8:50:0d:0d:de:42:
f9:ea:bc:50:e1:4d:fc:2f:d7:39:6c:e7:a6:4c:48:
41:ab:30:5c:0d:d1:9e:b3:73:fa:16:d7:94:b0:2e:
77:53:a9:b0:6c:8a:f6:53:6b:a3:03:13:ce:3f:d0:
de:58:22:46:26:d3:4e:56:45:c0:03:e9:ed:f0:79:
86:ba:d4:06:e9:2c:c3:e5:cf:bc:8f:f6:71:37:55:
42:3a:e2:9f:75:6f:6f:0d:61:63:f3:f6:6b:11:12:
f7:89:70:b7:71:f9:32:1b:a4:72:89:cd:90:ba:e7:
9f:eb:bb:70:7f:b8:ea:70:dd:7a:d7:09:9b:3d:c9:
8f:bd:7f:ea:91:51:81:b9:8e:7a:37:ee:90:73:7d:
92:a9:40:7a:ac:33:c9:96:9d:3d:48:59:a1:b3:bf:
63:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D6:C3:61:51:D2:08:E3:18:B6:CB:DC:B1:80:8A:6B:A9:F5:37:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F2AAAA2C4EA411F1BC110918CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:31:b8:46:13:04:9f:a7:f7:cd:b0:e5:31:82:42:eb:42:b7:
74:05:f1:dc:cc:44:0c:40:fc:f0:f0:ca:37:dc:ee:78:12:87:
cd:b8:c2:1b:a1:12:69:57:5f:0b:7b:d2:54:68:4b:92:02:94:
de:db:00:7d:6d:fd:4f:e0:bd:30:aa:62:ca:1c:36:0e:bb:bc:
f1:fa:eb:4f:a3:3d:d5:ed:88:0a:62:f4:26:53:40:08:01:35:
cf:22:65:a4:c8:f9:62:37:54:5b:23:5c:69:47:9c:e2:25:fd:
b7:b8:60:07:81:1f:e2:64:36:10:ba:3b:34:3b:7f:3e:64:f9:
70:a5:48:68:bb:3f:d3:d1:fb:9b:80:b0:95:58:7c:f2:e0:07:
46:d2:26:4b:a9:7e:34:fb:13:83:e3:5c:25:63:a9:f1:0b:74:
0d:da:a0:fb:49:c1:ca:07:22:c1:bb:41:12:96:aa:c6:0e:44:
ee:1d:33:fa:0a:44:72:0a:40:43:97:a1:88:60:54:ba:23:3a:
e9:5a:dd:c7:1b:52:98:15:53:4a:58:ba:86:9c:29:45:10:18:
32:43:5f:c4:67:05:90:bb:67:5b:6c:4a:a0:81:a3:5a:4f:fc:
44:ab:8e:64:5c:01:4c:8a:52:6c:a7:48:3e:64:b5:1a:04:26:
2b:8a:11:ba
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDActbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTEzMDgyMTI5WhcNMjYwNTIwMDgyMTI5WjAYMRYw
FAYDVQQDEw02YTA0MzRlMi02YmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuNRVBx9fc9pBY5lTgQBz+qL0rpEHu7MU4QsjuvtNK930/64+33a5Bvam
OJepPWm186YIxbA0nshZ8fRjD1IsYsy9uCOE+VpaHJhT6oTsoqeVOO9UvRKe/8uN
wrzkYYAIaUS4UA0N3kL56rxQ4U38L9c5bOemTEhBqzBcDdGes3P6FteUsC53U6mw
bIr2U2ujAxPOP9DeWCJGJtNOVkXAA+nt8HmGutQG6SzD5c+8j/ZxN1VCOuKfdW9v
DWFj8/ZrERL3iXC3cfkyG6Ryic2Quuef67twf7jqcN161wmbPcmPvX/qkVGBuY56
N+6Qc32SqUB6rDPJlp09SFmhs79jEwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFCTW
w2FR0gjjGLbL3LGAimup9Tc8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMkFBQUEyQzRFQTQxMUYxQkMxMTA5MThDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQCaMbhGEwSfp/fNsOUxgkLrQrd0BfHczEQMQPzw
8Mo33O54EofNuMIboRJpV18Le9JUaEuSApTe2wB9bf1P4L0wqmLKHDYOu7zx+utP
oz3V7YgKYvQmU0AIATXPImWkyPliN1RbI1xpR5ziJf23uGAHgR/iZDYQujs0O38+
ZPlwpUhouz/T0fubgLCVWHzy4AdG0iZLqX40+xOD41wlY6nxC3QN2qD7ScHKByLB
u0ESlqrGDkTuHTP6CkRyCkBDl6GIYFS6IzrpWt3HG1KYFVNKWLqGnClFEBgyQ1/E
ZwWQu2dbbEqggaNaT/xEq45kXAFMilJsp0g+ZLUaBCYrihG6
-----END CERTIFICATE-----
Generated at Fri May 15 18:37:39 2026 by rpki-client