Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07EA7422584011F1A0283411CF1D38B0.roa
File: 07EA7422584011F1A0283411CF1D38B0.roa (raw, json)
Hash identifier: E1bfI1wHVmWJC8yIxJPsAiLeXmiLwCk3CbaQYGU3tZg=
Subject key identifier: E0:D8:46:45:35:62:A3:4A:E7:98:CA:6C:3A:CE:44:0B:2A:61:51:BD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CF7A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07EA7422584011F1A0283411CF1D38B0.roa
Signing time: Mon 25 May 2026 13:45:46 +0000
ROA not before: Mon 25 May 2026 13:45:40 +0000
ROA not after: Wed 19 Aug 2026 13:45:40 +0000
asID: 54600
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118650 (0x1cf7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 25 13:45:40 2026 GMT
Not After : Aug 19 13:45:40 2026 GMT
Subject: CN=6a14528a-cb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bd:de:1c:4b:12:11:9f:58:4a:41:4c:b0:7a:
06:0b:80:33:3e:bb:ff:f4:7e:c8:dc:5f:e9:80:ea:
26:71:8c:84:73:be:a5:2e:7e:23:06:df:ec:6e:c1:
09:93:3f:b8:ef:df:cb:99:8d:e6:5b:28:41:d4:0a:
a0:95:0e:7e:75:18:ea:13:1b:a0:1f:89:5e:ea:48:
7c:b5:50:4a:5c:8a:50:79:f8:70:1c:07:c8:f6:72:
7a:27:67:03:65:8c:5e:72:06:8c:68:d9:21:19:0b:
4a:f0:97:2c:a5:2a:2e:e4:8f:5b:f2:63:35:1a:92:
2c:25:1f:6b:0e:f0:22:ec:5b:7e:2d:42:6b:49:4f:
0a:89:86:37:d4:61:61:7c:12:66:16:8a:c7:20:46:
d2:7f:ce:a6:1a:66:13:32:34:3f:07:f7:39:e6:f5:
b9:0e:1b:65:af:62:e3:f3:5b:ce:cd:82:a0:cc:b2:
3a:80:b3:56:e7:ab:7d:4c:a3:e9:71:f1:c1:ae:2c:
7a:a6:82:19:bf:5b:d3:d4:d9:0a:da:ea:ff:3e:70:
85:a6:bb:8f:54:e0:cc:67:14:db:e0:10:63:eb:63:
64:4e:f6:d4:42:62:17:5f:de:6d:1c:d5:4d:a1:3a:
24:ee:bb:cd:b5:fc:15:f0:a9:06:17:52:c7:9e:ca:
f0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D8:46:45:35:62:A3:4A:E7:98:CA:6C:3A:CE:44:0B:2A:61:51:BD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07EA7422584011F1A0283411CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
Signature Algorithm: sha256WithRSAEncryption
80:3d:7b:fe:a7:6c:a1:ff:02:64:fc:c3:1e:bb:b5:ba:4d:a4:
2f:27:f0:5f:a8:d0:21:9b:32:50:1b:d1:c9:68:b3:b7:4a:8e:
2a:95:d5:f6:8b:33:52:44:14:19:15:17:d9:88:c2:43:98:93:
61:60:08:9f:86:da:8d:44:c1:38:ac:fd:10:0c:f8:c7:1e:c7:
2b:f3:f1:c0:3a:5a:83:6b:93:45:d4:ee:b9:45:a6:77:f5:4e:
fb:a1:08:48:3e:ab:14:cf:ca:b2:3e:bd:65:7c:25:53:65:1e:
ab:59:9b:93:45:63:91:c4:d2:ab:58:6a:84:f2:aa:ae:4c:5d:
c0:57:b0:12:24:b4:f1:0e:32:cb:d5:a7:47:e4:2c:3c:de:ee:
32:fd:52:e8:d5:93:81:35:67:44:31:eb:6d:55:22:17:11:f4:
78:ad:15:08:eb:e9:c5:d4:12:78:ce:f8:42:1f:83:c8:89:05:
07:30:01:07:11:a5:fb:f8:ac:7b:92:7b:d8:fa:d7:ab:cc:d5:
32:ed:ae:5b:8d:54:01:4a:2b:f0:8c:c2:2e:64:b8:50:d2:d7:
ed:12:a0:2f:8c:c1:60:3b:b6:e6:ea:12:75:78:43:ac:97:23:
1b:01:e5:08:5d:dc:b1:90:37:d2:8b:65:20:79:41:a9:9e:90:
8b:80:e8:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAc96MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI1MTM0NTQwWhcNMjYwODE5MTM0NTQwWjAYMRYw
FAYDVQQDEw02YTE0NTI4YS1jYjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnb3eHEsSEZ9YSkFMsHoGC4AzPrv/9H7I3F/pgOomcYyEc76lLn4jBt/s
bsEJkz+479/LmY3mWyhB1AqglQ5+dRjqExugH4le6kh8tVBKXIpQefhwHAfI9nJ6
J2cDZYxecgaMaNkhGQtK8JcspSou5I9b8mM1GpIsJR9rDvAi7Ft+LUJrSU8KiYY3
1GFhfBJmForHIEbSf86mGmYTMjQ/B/c55vW5Dhtlr2Lj81vOzYKgzLI6gLNW56t9
TKPpcfHBrix6poIZv1vT1NkK2ur/PnCFpruPVODMZxTb4BBj62NkTvbUQmIXX95t
HNVNoTok7rvNtfwV8KkGF1LHnsrwfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFODY
RkU1YqNK55jKbDrORAsqYVG9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wN0VBNzQyMjU4NDAxMUYxQTAyODM0MTFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlswMA0GCSqGSIb3DQEB
CwUAA4IBAQCAPXv+p2yh/wJk/MMeu7W6TaQvJ/BfqNAhmzJQG9HJaLO3So4qldX2
izNSRBQZFRfZiMJDmJNhYAifhtqNRME4rP0QDPjHHscr8/HAOlqDa5NF1O65RaZ3
9U77oQhIPqsUz8qyPr1lfCVTZR6rWZuTRWORxNKrWGqE8qquTF3AV7ASJLTxDjLL
1adH5Cw83u4y/VLo1ZOBNWdEMettVSIXEfR4rRUI6+nF1BJ4zvhCH4PIiQUHMAEH
EaX7+Kx7knvY+terzNUy7a5bjVQBSivwjMIuZLhQ0tftEqAvjMFgO7bm6hJ1eEOs
lyMbAeUIXdyxkDfSi2UgeUGpnpCLgOhu
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:20:31 2026 by rpki-client