Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/991F0488574311F18AD0A719CF1D38B0.roa
File: 991F0488574311F18AD0A719CF1D38B0.roa (raw, json)
Hash identifier: gYXgcPFgArGnJ5lMXmOikic8C05Dp+8OCPbqW59Vv/Y=
Subject key identifier: 3C:3B:54:29:54:23:87:BC:DC:68:33:9B:0E:13:52:1F:0D:EA:67:5D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CEA9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/991F0488574311F18AD0A719CF1D38B0.roa
Signing time: Sun 24 May 2026 07:38:47 +0000
ROA not before: Sun 24 May 2026 07:38:42 +0000
ROA not after: Tue 30 Jun 2026 07:38:42 +0000
asID: 395886
IP address blocks: 154.201.72.0/21 maxlen: 24
154.201.88.0/22 maxlen: 24
154.201.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118441 (0x1cea9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 24 07:38:42 2026 GMT
Not After : Jun 30 07:38:42 2026 GMT
Subject: CN=6a12ab07-9d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7d:47:91:c9:61:e6:5e:3f:a4:c4:08:61:b8:
ee:5a:af:43:d3:ff:1a:3c:a6:f1:c2:7b:12:47:b1:
79:71:36:0e:c4:1a:ee:4a:c1:04:73:95:14:53:a9:
c8:b7:3d:28:f5:d6:e4:33:70:b6:5e:48:fa:fd:f9:
b1:78:fb:fd:6a:92:d6:04:a9:a8:32:14:b4:a4:1c:
53:de:e4:00:ad:11:ac:5b:83:97:f1:04:7a:99:d3:
97:88:99:dd:7f:eb:5d:34:54:02:60:07:ce:3f:4c:
a5:2a:08:dc:df:bf:be:2f:23:77:96:da:77:fe:c4:
e9:3b:f6:07:fc:45:b1:c7:4d:6e:5b:d8:e0:55:2a:
ef:73:b9:dc:8b:29:f3:f2:10:a2:dd:0c:5d:d2:3c:
13:45:be:bf:89:2f:03:df:27:18:62:37:02:30:25:
c6:98:cd:fa:b9:72:17:d0:81:cd:e9:de:15:d2:ba:
98:8c:54:52:ef:a6:66:bf:af:94:15:01:6a:bf:8b:
e6:c0:c5:aa:5a:0b:ca:64:3a:22:81:d5:96:f7:75:
42:57:5d:75:01:ee:2e:ea:87:00:ef:d0:ac:7b:2f:
a1:7f:21:0a:0b:a6:ba:f5:7a:6a:bb:2b:1e:7e:db:
15:94:18:2e:d9:f3:8d:08:2e:dd:c5:be:8e:1b:fd:
cb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3B:54:29:54:23:87:BC:DC:68:33:9B:0E:13:52:1F:0D:EA:67:5D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/991F0488574311F18AD0A719CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.72.0/21
154.201.88.0-154.201.93.255
Signature Algorithm: sha256WithRSAEncryption
7d:7a:81:bc:2e:ac:e3:65:ee:bd:fe:ac:54:64:87:80:fc:f5:
f3:35:e6:cb:88:02:34:6c:40:93:ef:2d:28:45:de:08:e2:5c:
7e:a9:e3:64:18:84:d6:0e:1c:ec:dc:2c:27:f7:ca:4c:d3:a1:
47:75:6d:c1:b3:3d:0d:2e:4f:15:3e:ae:8d:89:a3:8a:a8:d1:
c5:b4:d0:1f:9b:56:38:a6:0a:7f:8e:16:42:f8:41:a4:b2:b9:
4e:27:45:a4:9d:60:50:41:ac:fc:8a:4f:89:10:45:1b:4f:26:
37:85:ae:c2:51:4f:b9:b9:bd:7c:2a:68:6d:97:aa:00:20:02:
00:1c:58:a3:7c:43:31:fd:f8:15:17:23:c2:7d:ae:18:8b:8f:
2d:57:89:fc:7a:5a:1e:1e:b8:2e:9d:95:5f:60:7f:a8:42:bd:
6f:35:97:f2:5b:d7:24:e3:b8:e1:2a:62:e4:d2:43:4a:36:de:
c0:f1:2a:ba:7f:9c:01:1c:c5:4e:33:e8:dd:42:af:57:44:09:
40:b5:12:33:d2:2b:d0:50:5a:06:9a:6c:ef:53:c4:01:22:a9:
1a:25:36:7b:cc:f4:a6:73:f3:8b:5b:fa:c0:6a:3a:4e:84:93:
4f:ea:1f:1a:2e:e3:0f:ec:a8:9b:b8:88:a8:51:b1:52:ab:62:
06:e2:1a:c9
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAc6pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTI0MDczODQyWhcNMjYwNjMwMDczODQyWjAYMRYw
FAYDVQQDEw02YTEyYWIwNy05ZDA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxH1Hkclh5l4/pMQIYbjuWq9D0/8aPKbxwnsSR7F5cTYOxBruSsEEc5UU
U6nItz0o9dbkM3C2Xkj6/fmxePv9apLWBKmoMhS0pBxT3uQArRGsW4OX8QR6mdOX
iJndf+tdNFQCYAfOP0ylKgjc37++LyN3ltp3/sTpO/YH/EWxx01uW9jgVSrvc7nc
iynz8hCi3Qxd0jwTRb6/iS8D3ycYYjcCMCXGmM36uXIX0IHN6d4V0rqYjFRS76Zm
v6+UFQFqv4vmwMWqWgvKZDoigdWW93VCV111Ae4u6ocA79Csey+hfyEKC6a69Xpq
uyseftsVlBgu2fONCC7dxb6OG/3LswIDAQABo4ICszCCAq8wHQYDVR0OBBYEFDw7
VClUI4e83Ggzmw4TUh8N6mddMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OTFGMDQ4ODU3NDMxMUYxOEFEMEE3MTlDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDmslIMAwDBAOayVgDBAGa
yVwwDQYJKoZIhvcNAQELBQADggEBAH16gbwurONl7r3+rFRkh4D89fM15suIAjRs
QJPvLShF3gjiXH6p42QYhNYOHOzcLCf3ykzToUd1bcGzPQ0uTxU+ro2Jo4qo0cW0
0B+bVjimCn+OFkL4QaSyuU4nRaSdYFBBrPyKT4kQRRtPJjeFrsJRT7m5vXwqaG2X
qgAgAgAcWKN8QzH9+BUXI8J9rhiLjy1Xifx6Wh4euC6dlV9gf6hCvW81l/Jb1yTj
uOEqYuTSQ0o23sDxKrp/nAEcxU4z6N1Cr1dECUC1EjPSK9BQWgaabO9TxAEiqRol
NnvM9KZz84tb+sBqOk6Ek0/qHxou4w/sqJu4iKhRsVKrYgbiGsk=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:53:52 2026 by rpki-client