Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CF5454864B511F1B02D55D1CE1D38B0.roa
File: 9CF5454864B511F1B02D55D1CE1D38B0.roa (raw, json)
Hash identifier: nCaFHd2O578VFeAHnrFNIVzQXC1KlChap+kRV8shjUg=
Subject key identifier: 31:F6:AA:5D:EE:65:B0:C8:B6:D2:63:A1:22:F7:B4:9E:C1:CC:74:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D270
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CF5454864B511F1B02D55D1CE1D38B0.roa
Signing time: Wed 10 Jun 2026 10:17:41 +0000
ROA not before: Wed 10 Jun 2026 10:17:36 +0000
ROA not after: Thu 16 Jul 2026 10:17:36 +0000
asID: 22773
IP address blocks: 154.85.112.0/24 maxlen: 24
154.85.113.0/24 maxlen: 24
154.85.114.0/24 maxlen: 24
154.85.115.0/24 maxlen: 24
154.85.116.0/24 maxlen: 24
154.85.117.0/24 maxlen: 24
154.85.118.0/24 maxlen: 24
154.85.119.0/24 maxlen: 24
154.90.2.0/24 maxlen: 24
154.90.3.0/24 maxlen: 24
154.90.4.0/24 maxlen: 24
154.90.5.0/24 maxlen: 24
154.90.6.0/24 maxlen: 24
154.90.7.0/24 maxlen: 24
154.90.8.0/24 maxlen: 24
154.90.9.0/24 maxlen: 24
154.90.10.0/24 maxlen: 24
154.90.11.0/24 maxlen: 24
154.90.12.0/24 maxlen: 24
154.90.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119408 (0x1d270)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 10 10:17:36 2026 GMT
Not After : Jul 16 10:17:36 2026 GMT
Subject: CN=6a2939c5-185f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:56:88:ee:e1:8b:1c:a1:0a:00:ff:95:cc:52:
eb:cc:b2:cc:bc:92:77:b4:15:b0:17:9a:34:b7:51:
8b:fc:55:48:21:31:05:1d:af:1b:59:76:ac:74:2b:
6b:67:c8:c2:78:f1:09:5b:5d:a2:6e:a5:50:c1:80:
59:48:0d:23:c3:43:23:f8:06:94:3c:29:f9:0a:e7:
ab:5a:ea:18:03:f7:8c:ee:da:85:ad:f2:d9:12:81:
93:84:b1:70:43:0b:fa:ea:31:a2:d9:a2:0f:05:19:
b2:df:b1:be:92:63:4b:e5:93:6b:84:d7:3f:f4:eb:
e4:2c:59:bc:6e:ac:0c:a2:09:61:02:9a:00:2f:2d:
a2:ed:d5:79:af:bb:38:6a:87:cc:06:ac:2e:60:ac:
13:22:31:97:d2:d9:70:61:cc:c6:90:8f:5f:5c:be:
e3:64:45:dd:51:19:28:cf:59:20:e0:ad:2c:14:98:
19:fa:3d:a4:0e:38:3a:bf:5b:b5:49:87:af:92:6f:
c2:05:32:c4:db:6d:b7:57:43:ea:9b:17:39:65:a2:
81:b9:8e:ab:e3:4e:19:d3:96:c6:ad:90:46:d0:e4:
50:de:dc:2a:8d:2c:f7:ee:19:4c:6b:ad:04:7c:49:
49:45:65:c6:b8:db:ac:87:0d:2b:a4:7a:ac:21:0e:
ef:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F6:AA:5D:EE:65:B0:C8:B6:D2:63:A1:22:F7:B4:9E:C1:CC:74:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CF5454864B511F1B02D55D1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.112.0/21
154.90.2.0-154.90.13.255
Signature Algorithm: sha256WithRSAEncryption
cb:cd:fa:2b:dd:32:76:c0:53:b2:98:3d:30:6c:ec:cf:ae:df:
dc:cb:18:48:28:3f:96:18:3a:51:83:16:04:8d:33:82:6d:ff:
eb:3e:95:3b:f8:fd:bc:5d:88:2a:d1:b7:99:21:ba:e6:ce:94:
8d:34:78:1d:46:f6:20:f8:f7:de:8f:be:b3:01:5a:9d:3b:e8:
f1:42:70:18:81:70:d6:58:6d:b8:4c:bb:0d:3d:8b:f5:14:40:
28:a4:80:0a:d8:4f:8a:12:88:18:bd:25:1f:12:ce:51:a1:59:
81:9c:14:70:b7:44:e2:f4:45:e0:ba:fb:8c:78:4a:91:fe:f8:
d6:e9:60:ec:8a:2e:99:56:77:45:04:14:ed:8d:76:5c:02:a6:
5c:de:ca:b2:05:96:81:8a:32:8f:c6:b1:ed:4e:7a:f4:ba:55:
9a:a6:51:50:f2:c0:2e:cb:dc:51:6e:94:5e:8e:33:37:12:7f:
a4:4b:c3:43:f1:d6:be:b0:39:2b:cf:b9:79:9f:0f:bc:08:4f:
3e:18:be:fd:60:a1:0b:c5:58:51:22:84:01:e5:48:a6:90:a7:
c9:a5:cf:8e:b1:10:e8:71:33:42:c4:19:a2:31:3d:f9:a8:74:
4a:65:2c:b0:54:6a:a3:42:97:fd:14:20:fd:f5:08:4e:d2:40:
f0:65:23:23
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAdJwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjEwMTAxNzM2WhcNMjYwNzE2MTAxNzM2WjAYMRYw
FAYDVQQDEw02YTI5MzljNS0xODVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1VaI7uGLHKEKAP+VzFLrzLLMvJJ3tBWwF5o0t1GL/FVIITEFHa8bWXas
dCtrZ8jCePEJW12ibqVQwYBZSA0jw0Mj+AaUPCn5CuerWuoYA/eM7tqFrfLZEoGT
hLFwQwv66jGi2aIPBRmy37G+kmNL5ZNrhNc/9OvkLFm8bqwMoglhApoALy2i7dV5
r7s4aofMBqwuYKwTIjGX0tlwYczGkI9fXL7jZEXdURkoz1kg4K0sFJgZ+j2kDjg6
v1u1SYevkm/CBTLE2223V0Pqmxc5ZaKBuY6r404Z05bGrZBG0ORQ3twqjSz37hlM
a60EfElJRWXGuNushw0rpHqsIQ7vVQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFDH2
ql3uZbDIttJjoSL3tJ7BzHQOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Q0Y1NDU0ODY0QjUxMUYxQjAyRDU1RDFDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDmlVwMAwDBAGaWgIDBAGa
WgwwDQYJKoZIhvcNAQELBQADggEBAMvN+ivdMnbAU7KYPTBs7M+u39zLGEgoP5YY
OlGDFgSNM4Jt/+s+lTv4/bxdiCrRt5khuubOlI00eB1G9iD4996PvrMBWp076PFC
cBiBcNZYbbhMuw09i/UUQCikgArYT4oSiBi9JR8SzlGhWYGcFHC3ROL0ReC6+4x4
SpH++NbpYOyKLplWd0UEFO2NdlwCplzeyrIFloGKMo/Gse1OevS6VZqmUVDywC7L
3FFulF6OMzcSf6RLw0Px1r6wOSvPuXmfD7wITz4Yvv1goQvFWFEihAHlSKaQp8ml
z46xEOhxM0LEGaIxPfmodEplLLBUaqNCl/0UIP31CE7SQPBlIyM=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:45:18 2026 by rpki-client