Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEBEA318542411F193903E09CF1D38B0.roa
File: CEBEA318542411F193903E09CF1D38B0.roa (raw, json)
Hash identifier: 97sCrVw9+tIScPhgAoS8j6294cGuXQ1HMyZTKxEgaR8=
Subject key identifier: 86:B6:28:DB:80:D0:6B:DC:F3:EE:EF:71:42:81:C9:F1:23:B3:67:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CCAA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEBEA318542411F193903E09CF1D38B0.roa
Signing time: Wed 20 May 2026 08:20:49 +0000
ROA not before: Wed 20 May 2026 08:20:44 +0000
ROA not after: Wed 19 Aug 2026 08:20:44 +0000
asID: 55020
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117930 (0x1ccaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 20 08:20:44 2026 GMT
Not After : Aug 19 08:20:44 2026 GMT
Subject: CN=6a0d6ee1-8c05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e8:39:c7:fc:e1:83:6b:6e:51:f8:65:85:79:
1e:b0:0c:7f:8d:86:87:7f:8e:a7:16:5d:44:f6:86:
74:21:9a:b3:c2:76:63:6d:2a:2d:25:65:85:ba:1e:
93:76:93:ce:82:f1:7b:bb:3c:c0:28:44:0b:4e:a4:
83:95:c5:0c:cb:6b:d6:97:62:f6:9e:bf:67:e2:ce:
eb:87:b7:ca:11:84:15:b2:b1:2b:da:ad:7a:74:91:
44:db:02:d2:ea:77:1b:e9:a9:e1:47:a6:9b:56:5d:
04:8c:33:bb:c0:d7:22:bb:78:a3:4c:7f:f4:f1:9c:
5b:50:88:d7:e8:2c:30:55:30:63:8c:99:14:44:2f:
c9:97:5f:f7:22:dd:a6:af:91:0f:16:d2:3e:47:ef:
88:86:5d:63:13:60:29:49:65:4c:b7:86:6b:96:d2:
11:87:58:d1:9f:78:96:da:4b:6d:63:e6:44:f2:c2:
8b:03:1a:0b:29:f8:4f:b4:b4:f8:32:d0:1b:27:b8:
21:55:13:28:b7:b2:32:5d:6e:49:a6:4f:c0:c6:c6:
93:a9:1d:d3:97:80:e2:89:a1:df:37:a5:66:02:f3:
df:06:61:45:a9:0a:e0:52:b9:4e:b7:e3:5c:38:7c:
22:19:96:34:2f:60:1c:5e:a1:11:77:35:3d:ab:0d:
4f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B6:28:DB:80:D0:6B:DC:F3:EE:EF:71:42:81:C9:F1:23:B3:67:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEBEA318542411F193903E09CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
154.91.176.0/20
Signature Algorithm: sha256WithRSAEncryption
69:c5:a8:03:04:6d:4d:55:e3:9a:af:15:54:3d:d4:f9:28:f7:
32:43:0d:68:06:ee:64:dd:59:66:d5:6d:1b:d4:3b:f5:1c:13:
17:20:86:3a:90:47:25:5d:53:ad:63:89:b2:2c:0e:b2:e4:f6:
ad:2b:a6:aa:f6:53:ad:f2:08:ec:0d:f2:e7:1b:d8:72:f8:e0:
16:02:27:9f:a7:42:1b:63:6f:6d:ba:10:71:bc:5d:40:ae:4e:
3d:c2:a0:d3:e0:a7:6b:ab:17:d6:73:80:0f:ad:c0:b1:47:df:
37:f1:35:67:13:c7:03:66:cf:38:5d:3a:e9:8f:4f:39:a3:d5:
be:c7:4d:96:1a:ed:1a:a8:21:a5:0e:2d:2c:58:b9:e8:fd:0f:
a4:fe:68:70:95:c6:66:b0:67:34:e8:d9:af:12:25:e5:1c:5c:
3e:4b:5f:e5:c6:28:1b:c4:25:b2:a5:dd:36:07:68:4f:46:70:
50:cc:42:22:af:36:67:39:90:7f:97:b2:bd:59:ef:50:e4:93:
2d:9a:ce:e0:4a:0f:d9:7a:b8:84:c4:22:86:eb:ea:02:4d:fa:
82:27:fe:1d:92:bb:7c:ad:c0:39:0d:e4:15:7b:ce:ff:3a:bf:
53:1f:1c:59:30:cb:a8:9f:6b:1d:cc:52:1c:a0:b0:cb:31:2a:
d9:e2:30:08
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcyqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTIwMDgyMDQ0WhcNMjYwODE5MDgyMDQ0WjAYMRYw
FAYDVQQDEw02YTBkNmVlMS04YzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzeg5x/zhg2tuUfhlhXkesAx/jYaHf46nFl1E9oZ0IZqzwnZjbSotJWWF
uh6TdpPOgvF7uzzAKEQLTqSDlcUMy2vWl2L2nr9n4s7rh7fKEYQVsrEr2q16dJFE
2wLS6ncb6anhR6abVl0EjDO7wNciu3ijTH/08ZxbUIjX6CwwVTBjjJkURC/Jl1/3
It2mr5EPFtI+R++Ihl1jE2ApSWVMt4ZrltIRh1jRn3iW2kttY+ZE8sKLAxoLKfhP
tLT4MtAbJ7ghVRMot7IyXW5Jpk/AxsaTqR3Tl4DiiaHfN6VmAvPfBmFFqQrgUrlO
t+NcOHwiGZY0L2AcXqERdzU9qw1P9QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFIa2
KNuA0Gvc8+7vcUKByfEjs2cvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRUJFQTMxODU0MjQxMUYxOTM5MDNFMDlDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmlswAwQEmluwMA0GCSqG
SIb3DQEBCwUAA4IBAQBpxagDBG1NVeOarxVUPdT5KPcyQw1oBu5k3Vlm1W0b1Dv1
HBMXIIY6kEclXVOtY4myLA6y5PatK6aq9lOt8gjsDfLnG9hy+OAWAiefp0IbY29t
uhBxvF1Ark49wqDT4KdrqxfWc4APrcCxR9838TVnE8cDZs84XTrpj085o9W+x02W
Gu0aqCGlDi0sWLno/Q+k/mhwlcZmsGc06NmvEiXlHFw+S1/lxigbxCWypd02B2hP
RnBQzEIirzZnOZB/l7K9We9Q5JMtms7gSg/ZeriExCKG6+oCTfqCJ/4dkrt8rcA5
DeQVe87/Or9THxxZMMuon2sdzFIcoLDLMSrZ4jAI
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:54:27 2026 by rpki-client