Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/19DAAFA2535011F19DA260FACE1D38B0.roa
File: 19DAAFA2535011F19DA260FACE1D38B0.roa (raw, json)
Hash identifier: PFzfTxvdQWJRqlTa4LCV04cfD7Bm2KUEsJVSh+T/gFg=
Subject key identifier: 25:60:09:F5:4A:A7:AF:4F:89:3C:9B:E6:F3:37:34:CB:1A:56:DA:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CC52
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/19DAAFA2535011F19DA260FACE1D38B0.roa
Signing time: Tue 19 May 2026 06:58:22 +0000
ROA not before: Tue 19 May 2026 06:57:57 +0000
ROA not after: Sat 08 Aug 2026 06:57:57 +0000
asID: 137443
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117842 (0x1cc52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 19 06:57:57 2026 GMT
Not After : Aug 8 06:57:57 2026 GMT
Subject: CN=6a0c0a0e-9032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d3:98:5c:b9:a8:ea:01:65:72:ac:83:e4:df:
0c:17:38:3d:71:4e:61:e3:c5:d2:04:3a:e8:65:50:
e9:bb:82:c7:9c:1a:23:98:2b:05:24:62:89:6a:ad:
5f:f9:e5:61:05:0d:e5:e0:d3:35:90:ba:88:02:3e:
3c:32:73:a1:b3:37:d8:7f:ed:70:a0:f5:1a:08:24:
47:6f:3e:31:09:ed:10:7e:63:ba:3c:eb:1b:94:f6:
51:8e:84:e8:85:c0:00:d7:3c:b4:95:fe:6c:85:bd:
2f:cb:e8:cc:e0:5d:ab:48:9d:00:cb:65:a8:a1:2b:
7d:10:07:bc:2f:7d:d7:c5:fc:ea:0c:91:14:ed:36:
c0:00:79:e2:be:5f:4a:f3:76:2f:c9:12:2a:e4:52:
5c:f5:f9:30:f1:f4:48:4f:0e:18:c4:38:34:ee:46:
41:c1:b9:bd:f4:75:c2:e9:e1:eb:14:c6:da:2f:ad:
c1:eb:a0:fe:ec:4f:41:58:64:34:a5:9b:5d:36:5a:
b2:57:18:b2:02:9a:bd:f9:b3:ce:1d:59:12:de:ef:
db:d4:b8:b2:4d:db:62:11:8a:b3:b7:c8:a1:cf:27:
50:b0:24:cf:6b:86:ab:d1:e5:a3:c3:a1:23:ff:fc:
31:18:17:e4:4f:25:09:d5:3a:d4:d2:b9:0b:0f:ee:
fc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:60:09:F5:4A:A7:AF:4F:89:3C:9B:E6:F3:37:34:CB:1A:56:DA:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/19DAAFA2535011F19DA260FACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
78:d0:b2:6b:26:0f:9a:86:8d:d2:ac:92:60:e2:80:e3:9a:c7:
37:20:fc:38:a2:d0:10:01:31:cd:2a:5c:7b:9a:ec:11:5d:70:
2b:fb:69:84:3a:76:ce:77:33:e0:a5:e8:bb:95:5f:93:c2:34:
09:b5:52:1d:fe:07:41:39:f4:98:d9:ce:e0:69:8c:94:3b:d7:
0e:d9:36:a8:94:d5:ab:dd:b1:39:88:b5:d4:3f:17:2c:5c:f5:
d7:a1:8e:d3:ec:89:6f:e5:95:28:e8:66:a3:2d:f5:fe:d4:ae:
4e:59:2b:5e:68:40:6d:34:26:9a:71:9d:24:b7:1a:11:ba:68:
56:45:07:be:a2:da:c0:75:b9:d1:2d:96:ec:10:61:97:80:21:
af:f3:d9:1f:94:7e:c1:aa:86:8f:f1:21:0d:8d:ee:14:ae:95:
b5:2f:1d:71:fe:87:6f:e6:c8:d2:c5:9f:f9:53:4a:81:80:c3:
4a:70:0d:06:70:65:36:ff:de:62:c6:1f:91:32:49:78:56:c5:
60:11:ac:b3:41:84:02:96:a8:ac:ce:66:75:fd:de:49:6c:b9:
34:f2:d7:1c:bd:33:a0:a5:d3:a5:26:7e:4f:4a:86:31:f8:4f:
7c:ed:85:ad:c3:30:21:c7:a0:b2:77:c1:12:b8:fa:42:c8:02:
98:95:db:33
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcxSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE5MDY1NzU3WhcNMjYwODA4MDY1NzU3WjAYMRYw
FAYDVQQDEw02YTBjMGEwZS05MDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqtOYXLmo6gFlcqyD5N8MFzg9cU5h48XSBDroZVDpu4LHnBojmCsFJGKJ
aq1f+eVhBQ3l4NM1kLqIAj48MnOhszfYf+1woPUaCCRHbz4xCe0QfmO6POsblPZR
joTohcAA1zy0lf5shb0vy+jM4F2rSJ0Ay2WooSt9EAe8L33XxfzqDJEU7TbAAHni
vl9K83YvyRIq5FJc9fkw8fRITw4YxDg07kZBwbm99HXC6eHrFMbaL63B66D+7E9B
WGQ0pZtdNlqyVxiyApq9+bPOHVkS3u/b1LiyTdtiEYqzt8ihzydQsCTPa4ar0eWj
w6Ej//wxGBfkTyUJ1TrU0rkLD+78qQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFCVg
CfVKp69PiTyb5vM3NMsaVtqLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xOURBQUZBMjUzNTAxMUYxOURBMjYwRkFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQB40LJrJg+aho3SrJJg4oDjmsc3IPw4otAQATHN
Klx7muwRXXAr+2mEOnbOdzPgpei7lV+TwjQJtVId/gdBOfSY2c7gaYyUO9cO2Tao
lNWr3bE5iLXUPxcsXPXXoY7T7Ilv5ZUo6GajLfX+1K5OWSteaEBtNCaacZ0ktxoR
umhWRQe+otrAdbnRLZbsEGGXgCGv89kflH7BqoaP8SENje4UrpW1Lx1x/odv5sjS
xZ/5U0qBgMNKcA0GcGU2/95ixh+RMkl4VsVgEayzQYQClqiszmZ1/d5JbLk08tcc
vTOgpdOlJn5PSoYx+E987YWtwzAhx6Cyd8ESuPpCyAKYldsz
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:53:47 2026 by rpki-client