Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F703D4D8513611F195F02BB6CE1D38B0.roa
File: F703D4D8513611F195F02BB6CE1D38B0.roa (raw, json)
Hash identifier: i2AuVTU3EmQ0/TcRWTvoj0D6BiJsAtFKIMr2pL/VA1k=
Subject key identifier: B1:2E:04:66:94:E9:39:D1:7C:C4:52:C7:9B:8A:77:45:E6:3D:86:66
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CBEF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F703D4D8513611F195F02BB6CE1D38B0.roa
Signing time: Sat 16 May 2026 14:53:14 +0000
ROA not before: Sat 16 May 2026 14:53:09 +0000
ROA not after: Mon 25 May 2026 14:53:09 +0000
asID: 153517
IP address blocks: 154.86.16.0/20 maxlen: 24
154.86.16.0/21 maxlen: 24
154.86.16.0/22 maxlen: 24
154.86.16.0/23 maxlen: 24
154.86.16.0/24 maxlen: 24
154.86.17.0/24 maxlen: 24
154.86.18.0/23 maxlen: 24
154.86.18.0/24 maxlen: 24
154.86.19.0/24 maxlen: 24
154.86.20.0/22 maxlen: 24
154.86.20.0/23 maxlen: 24
154.86.20.0/24 maxlen: 24
154.86.22.0/23 maxlen: 24
154.86.24.0/21 maxlen: 24
154.86.24.0/22 maxlen: 24
154.86.24.0/23 maxlen: 24
154.86.26.0/23 maxlen: 24
154.86.28.0/22 maxlen: 24
154.86.28.0/23 maxlen: 24
154.86.30.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 May 2026 00:07:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117743 (0x1cbef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 16 14:53:09 2026 GMT
Not After : May 25 14:53:09 2026 GMT
Subject: CN=6a0884da-8f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:40:fb:16:dd:fc:e2:27:ac:e6:be:f7:58:d3:
8f:48:61:8a:46:9c:3f:3c:02:50:1f:79:ee:8d:6e:
d1:44:ee:64:8c:7a:05:c9:d5:a3:2a:96:60:be:2d:
43:db:a8:2d:7f:4a:26:34:09:a8:3c:fe:0b:ea:ea:
a9:0b:6e:d9:33:6f:0a:19:81:2a:c0:c1:51:ab:26:
2d:60:2f:9d:6c:1e:9e:f9:f0:b4:c5:2c:1d:35:6c:
6b:b4:80:14:3d:eb:c1:04:69:1c:34:16:7d:90:16:
58:53:95:9c:f0:43:0d:80:8f:ac:8a:89:7b:e4:e6:
a0:a9:1a:d6:1b:fe:c6:75:cf:d2:e7:2a:84:af:a5:
ec:aa:15:08:74:9f:34:25:ec:88:6c:a7:ec:39:e2:
4a:be:aa:47:9e:f3:ee:e3:0d:4f:c0:b9:ce:99:12:
a7:0a:c5:ee:98:fa:81:dc:94:db:b3:22:0e:c5:6c:
1f:59:1a:c7:b1:c5:19:58:88:f8:35:1a:8b:ca:e6:
1a:3c:53:a3:4d:61:db:1d:26:ba:55:ce:06:6e:1d:
cd:4b:5d:a8:b6:11:77:66:78:4f:8b:ca:f3:ce:2d:
68:c5:64:64:ac:e1:ec:9c:5a:25:36:15:ac:6a:ee:
08:1d:47:1d:a2:c8:90:de:19:f8:76:d9:4a:b6:7b:
ce:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:2E:04:66:94:E9:39:D1:7C:C4:52:C7:9B:8A:77:45:E6:3D:86:66
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F703D4D8513611F195F02BB6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.16.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:a0:b9:e9:45:00:1c:c5:2b:f9:70:c2:ab:da:c8:d2:60:76:
3c:97:a4:8e:37:bb:14:24:45:6c:56:88:4f:a3:e0:89:fd:be:
50:36:9b:5a:9b:78:02:97:d6:3e:d5:7e:87:11:2a:76:26:c0:
e8:22:24:5a:64:7b:45:35:5c:05:56:a0:fa:7c:77:78:34:b5:
2f:dd:d9:82:ff:68:b8:0c:fd:dd:67:1e:cf:4b:65:c8:70:5e:
59:62:7a:66:13:ca:95:12:12:34:d8:4a:3f:40:7b:7e:3e:fc:
b7:63:6e:23:bd:cd:50:15:ba:47:a8:5e:9e:4e:ad:45:5e:b2:
d0:52:56:73:9a:02:01:f2:8e:d0:af:94:d9:a4:26:28:83:30:
7b:57:46:62:78:f8:6c:67:db:b8:42:e0:26:04:49:00:30:ba:
c3:34:0d:93:79:b8:1b:e0:df:78:2f:fe:dc:d6:65:28:f8:79:
dd:9a:32:76:4d:4e:ea:00:c3:a2:df:eb:b3:d6:17:ba:c9:3d:
64:b6:ec:8d:6f:38:76:92:6f:2f:42:b1:70:e9:e2:3c:a2:22:
42:2e:02:21:46:94:0f:ff:e5:4a:ce:62:80:14:c2:f8:7c:7c:
56:84:33:12:7e:ab:3b:5c:01:4c:c6:67:ed:26:74:00:e5:94:
f5:d1:ee:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcvvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE2MTQ1MzA5WhcNMjYwNTI1MTQ1MzA5WjAYMRYw
FAYDVQQDEw02YTA4ODRkYS04ZjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyUD7Ft384ies5r73WNOPSGGKRpw/PAJQH3nujW7RRO5kjHoFydWjKpZg
vi1D26gtf0omNAmoPP4L6uqpC27ZM28KGYEqwMFRqyYtYC+dbB6e+fC0xSwdNWxr
tIAUPevBBGkcNBZ9kBZYU5Wc8EMNgI+siol75OagqRrWG/7Gdc/S5yqEr6XsqhUI
dJ80JeyIbKfsOeJKvqpHnvPu4w1PwLnOmRKnCsXumPqB3JTbsyIOxWwfWRrHscUZ
WIj4NRqLyuYaPFOjTWHbHSa6Vc4Gbh3NS12othF3ZnhPi8rzzi1oxWRkrOHsnFol
NhWsau4IHUcdosiQ3hn4dtlKtnvOdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLEu
BGaU6TnRfMRSx5uKd0XmPYZmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNzAzRDREODUxMzYxMUYxOTVGMDJCQjZDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlYQMA0GCSqGSIb3DQEB
CwUAA4IBAQAPoLnpRQAcxSv5cMKr2sjSYHY8l6SON7sUJEVsVohPo+CJ/b5QNpta
m3gCl9Y+1X6HESp2JsDoIiRaZHtFNVwFVqD6fHd4NLUv3dmC/2i4DP3dZx7PS2XI
cF5ZYnpmE8qVEhI02Eo/QHt+Pvy3Y24jvc1QFbpHqF6eTq1FXrLQUlZzmgIB8o7Q
r5TZpCYogzB7V0ZiePhsZ9u4QuAmBEkAMLrDNA2Tebgb4N94L/7c1mUo+HndmjJ2
TU7qAMOi3+uz1he6yT1ktuyNbzh2km8vQrFw6eI8oiJCLgIhRpQP/+VKzmKAFML4
fHxWhDMSfqs7XAFMxmftJnQA5ZT10e6H
-----END CERTIFICATE-----
Generated at Thu May 21 12:32:55 2026 by rpki-client