Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A4EB8DA618F11F18A83A3ADCE1D38B0.roa
File: 3A4EB8DA618F11F18A83A3ADCE1D38B0.roa (raw, json)
Hash identifier: 1RMqXAYIRzdtHBbayOZzw4nK9YwDrJq4w8DZLiEdPyM=
Subject key identifier: 31:02:66:48:6A:E7:65:4B:A4:B9:AA:40:2B:C7:21:68:7F:CE:E7:74
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D218
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A4EB8DA618F11F18A83A3ADCE1D38B0.roa
Signing time: Sat 06 Jun 2026 10:05:21 +0000
ROA not before: Sat 06 Jun 2026 10:05:17 +0000
ROA not after: Mon 27 Jul 2026 10:05:17 +0000
asID: 212238
IP address blocks: 154.208.66.0/24 maxlen: 24
154.222.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119320 (0x1d218)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 6 10:05:17 2026 GMT
Not After : Jul 27 10:05:17 2026 GMT
Subject: CN=6a23f0e1-6ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3d:7c:9a:63:d1:4e:93:77:67:43:e4:4f:38:
4e:86:28:97:8c:4b:8a:24:53:6b:5d:e0:fa:9b:ea:
51:70:d0:64:e1:e6:74:bf:33:b7:6a:20:5d:72:c8:
c8:6a:60:22:32:3a:16:d0:ab:59:d9:63:c9:87:69:
fa:ea:69:e5:73:6a:50:10:ef:74:c7:0d:58:18:7a:
ec:c7:69:e6:59:78:3b:f8:6d:dd:9c:d1:45:ed:60:
9e:fa:68:8d:fd:79:ca:18:2a:1c:af:10:4a:bf:cb:
6c:6d:26:65:82:fd:b5:97:7e:3f:b3:bf:24:7f:d4:
be:e7:ef:34:ad:16:12:49:f9:1f:96:22:59:5b:ab:
5a:d9:8b:c4:14:59:33:02:eb:12:fa:27:94:33:2b:
0a:0a:3d:d3:42:90:95:93:dd:44:75:ee:0f:47:da:
ee:f0:64:ca:97:93:35:88:7e:d1:33:ef:b1:8e:92:
45:79:1e:47:4e:98:9e:7b:d5:cc:c8:78:17:5f:b0:
a6:e0:b2:54:de:99:90:fa:61:c2:3f:37:08:ce:07:
58:b3:1f:58:21:a3:fa:15:e1:90:27:26:cc:ba:71:
b8:6b:00:b4:e5:37:a8:86:c7:19:03:30:34:91:9e:
de:52:91:a2:c8:c9:64:a3:2b:c0:eb:ca:6d:a9:98:
7b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:02:66:48:6A:E7:65:4B:A4:B9:AA:40:2B:C7:21:68:7F:CE:E7:74
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A4EB8DA618F11F18A83A3ADCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.66.0/24
154.222.9.0/24
Signature Algorithm: sha256WithRSAEncryption
96:df:b0:f5:b2:0e:fc:f1:a7:9f:a4:75:24:3b:f5:46:35:6c:
b8:f1:d4:c6:cd:4c:b5:62:b1:17:4c:52:be:60:2c:cc:3a:a8:
56:e4:3e:b7:40:65:f3:4b:2f:54:9d:b1:27:2b:1c:b0:6a:ab:
85:a4:d9:54:ac:6f:1d:22:38:cc:92:8e:0e:15:81:a2:a7:37:
4d:9a:f7:50:39:7b:c0:3e:da:62:51:4e:6a:f3:4a:66:22:13:
d6:1d:3d:56:de:dd:16:e1:77:84:2c:14:cd:03:04:ab:7d:50:
1d:aa:3b:0c:52:6c:89:0c:05:c4:a2:09:23:f1:2d:50:ec:99:
9f:d9:bd:a5:20:49:c2:f9:23:44:ee:27:4a:c1:e2:fc:59:27:
5f:fd:83:ed:17:09:90:88:de:cc:7c:88:59:81:22:95:ba:ee:
83:85:7d:93:ed:90:0f:f2:18:c7:f8:d9:66:7e:18:bd:89:f0:
05:52:e5:17:4d:fe:da:11:f2:dd:49:2f:40:a1:a1:f9:fc:bc:
2a:97:76:5b:86:72:ff:28:7d:20:43:e3:e9:e2:7d:fb:41:40:
a5:f3:1a:54:0b:84:97:96:61:ff:b9:df:4a:19:52:71:9d:89:
b5:7c:63:29:8b:a2:ff:4e:ff:d9:8c:68:1d:22:1a:10:61:c3:
a9:20:25:5b
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAdIYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjA2MTAwNTE3WhcNMjYwNzI3MTAwNTE3WjAYMRYw
FAYDVQQDEw02YTIzZjBlMS02YWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxT18mmPRTpN3Z0PkTzhOhiiXjEuKJFNrXeD6m+pRcNBk4eZ0vzO3aiBd
csjIamAiMjoW0KtZ2WPJh2n66mnlc2pQEO90xw1YGHrsx2nmWXg7+G3dnNFF7WCe
+miN/XnKGCocrxBKv8tsbSZlgv21l34/s78kf9S+5+80rRYSSfkfliJZW6ta2YvE
FFkzAusS+ieUMysKCj3TQpCVk91Ede4PR9ru8GTKl5M1iH7RM++xjpJFeR5HTpie
e9XMyHgXX7Cm4LJU3pmQ+mHCPzcIzgdYsx9YIaP6FeGQJybMunG4awC05TeohscZ
AzA0kZ7eUpGiyMlkoyvA68ptqZh7MwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDEC
Zkhq52VLpLmqQCvHIWh/zud0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTRFQjhEQTYxOEYxMUYxOEE4M0EzQURDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmtBCAwQAmt4JMA0GCSqG
SIb3DQEBCwUAA4IBAQCW37D1sg788aefpHUkO/VGNWy48dTGzUy1YrEXTFK+YCzM
OqhW5D63QGXzSy9UnbEnKxywaquFpNlUrG8dIjjMko4OFYGipzdNmvdQOXvAPtpi
UU5q80pmIhPWHT1W3t0W4XeELBTNAwSrfVAdqjsMUmyJDAXEogkj8S1Q7Jmf2b2l
IEnC+SNE7idKweL8WSdf/YPtFwmQiN7MfIhZgSKVuu6DhX2T7ZAP8hjH+Nlmfhi9
ifAFUuUXTf7aEfLdSS9AoaH5/Lwql3ZbhnL/KH0gQ+Pp4n37QUCl8xpUC4SXlmH/
ud9KGVJxnYm1fGMpi6L/Tv/ZjGgdIhoQYcOpICVb
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:04:57 2026 by rpki-client