Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33D824B64D5611F18C87D01ACF1D38B0.roa
File: 33D824B64D5611F18C87D01ACF1D38B0.roa (raw, json)
Hash identifier: S5AHfDyRag34Xyr4fEXmmuyyUxO1jh988gEErL+U0k4=
Subject key identifier: 90:F4:6B:5D:12:57:58:40:1B:8F:2B:9F:3B:A8:D9:D1:62:4C:A8:6D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CB1D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33D824B64D5611F18C87D01ACF1D38B0.roa
Signing time: Mon 11 May 2026 16:26:46 +0000
ROA not before: Mon 11 May 2026 16:26:41 +0000
ROA not after: Mon 18 May 2026 16:26:41 +0000
asID: 140227
IP address blocks: 154.86.16.0/23 maxlen: 24
154.86.16.0/24 maxlen: 24
154.86.17.0/24 maxlen: 24
154.86.18.0/23 maxlen: 24
154.86.18.0/24 maxlen: 24
154.86.19.0/24 maxlen: 24
154.86.20.0/23 maxlen: 24
154.86.20.0/24 maxlen: 24
154.86.21.0/24 maxlen: 24
154.86.22.0/23 maxlen: 24
154.86.22.0/24 maxlen: 24
154.86.23.0/24 maxlen: 24
154.86.24.0/24 maxlen: 24
154.86.25.0/24 maxlen: 24
154.86.26.0/24 maxlen: 24
154.86.27.0/24 maxlen: 24
154.86.28.0/24 maxlen: 24
154.86.29.0/24 maxlen: 24
154.86.30.0/23 maxlen: 24
154.86.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 06:17:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117533 (0x1cb1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 11 16:26:41 2026 GMT
Not After : May 18 16:26:41 2026 GMT
Subject: CN=6a020346-41c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4f:17:01:1b:3b:be:0b:11:75:f2:52:2e:f6:
a7:71:e9:02:90:c5:28:b9:89:f9:a5:7e:6f:88:67:
6d:25:5b:a1:b9:de:62:75:90:bf:bf:ff:3f:64:78:
29:09:ab:d7:8f:d0:96:d7:90:53:28:4e:fb:16:db:
13:2a:9b:8a:b4:31:0e:1b:94:0c:bc:17:b5:f7:8e:
fd:c3:b8:54:70:46:20:16:98:95:e1:c9:1a:b6:ad:
06:79:9c:fe:83:9e:0c:13:46:12:11:4e:73:d0:33:
a8:00:de:cf:ee:7f:ec:e4:a0:3d:fe:7d:e5:e8:76:
bd:4a:09:a2:58:58:20:b6:8d:9c:8e:03:6e:3b:08:
0d:1a:68:b9:19:75:16:f2:a6:0d:bc:99:ed:2a:0b:
bf:20:65:26:62:92:4b:7e:0c:5a:9f:44:d5:7a:71:
22:bf:48:87:ec:9f:41:d6:4c:78:73:fb:1c:c6:3d:
32:61:98:98:40:b3:45:38:4c:48:76:6d:78:8f:9c:
fc:31:ce:75:db:88:05:5b:c5:3f:ef:1b:a3:9f:49:
e5:61:a6:38:61:45:db:fc:1e:89:8a:47:1b:68:bb:
e3:b6:57:d9:e4:92:df:5a:44:2f:5b:63:c0:84:51:
d3:2f:98:1b:84:31:bf:d4:f1:2c:b7:c1:5d:e8:a6:
6d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F4:6B:5D:12:57:58:40:1B:8F:2B:9F:3B:A8:D9:D1:62:4C:A8:6D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33D824B64D5611F18C87D01ACF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.16.0/20
Signature Algorithm: sha256WithRSAEncryption
83:4f:d1:a5:3e:2e:2e:18:3d:0d:d4:5c:77:4f:e9:b6:1e:1d:
39:0e:4d:fd:88:22:3c:bd:13:3c:96:1e:eb:36:74:d8:3c:35:
cc:43:fb:38:c7:92:4e:70:a3:9f:c4:c7:6b:8c:09:ef:0d:25:
46:5c:9f:7b:37:ac:3f:5f:31:06:d3:50:c9:80:9a:d4:07:f4:
7b:55:05:d8:24:ec:f3:24:b8:1f:35:0b:73:c8:dc:1a:76:2d:
9a:25:dc:55:0d:b5:3b:a5:b3:fd:7c:3a:11:57:7a:48:c7:30:
4a:69:5f:6c:bf:20:d5:f1:09:2f:42:29:e8:92:4f:33:b1:31:
cf:fb:94:83:82:bb:4f:bc:84:dc:3c:b4:b9:a0:0c:25:36:f9:
c6:44:9b:71:9f:73:64:5f:a5:5a:ab:11:20:ee:b7:af:06:1c:
79:0c:1e:a8:e1:2a:91:40:f3:ba:1b:a5:bb:f1:a3:c8:46:c0:
1c:d8:cf:58:bd:4d:7e:fd:d3:6b:9c:e8:74:b6:65:cc:44:eb:
f1:26:49:66:0d:08:9c:7b:4c:e8:2d:16:8d:63:e2:de:f3:6b:
35:84:bc:ff:5d:fe:87:2e:3a:c8:2b:22:e0:f5:9b:3e:6b:7a:
d9:ec:34:bd:d2:ca:1d:a5:6f:55:c8:7c:57:9e:bd:c2:0f:2a:
72:92:55:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcsdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTExMTYyNjQxWhcNMjYwNTE4MTYyNjQxWjAYMRYw
FAYDVQQDEw02YTAyMDM0Ni00MWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtU8XARs7vgsRdfJSLvancekCkMUouYn5pX5viGdtJVuhud5idZC/v/8/
ZHgpCavXj9CW15BTKE77FtsTKpuKtDEOG5QMvBe19479w7hUcEYgFpiV4ckatq0G
eZz+g54ME0YSEU5z0DOoAN7P7n/s5KA9/n3l6Ha9SgmiWFggto2cjgNuOwgNGmi5
GXUW8qYNvJntKgu/IGUmYpJLfgxan0TVenEiv0iH7J9B1kx4c/scxj0yYZiYQLNF
OExIdm14j5z8Mc5124gFW8U/7xujn0nlYaY4YUXb/B6JikcbaLvjtlfZ5JLfWkQv
W2PAhFHTL5gbhDG/1PEst8Fd6KZtYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJD0
a10SV1hAG48rnzuo2dFiTKhtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zM0Q4MjRCNjRENTYxMUYxOEM4N0QwMUFDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlYQMA0GCSqGSIb3DQEB
CwUAA4IBAQCDT9GlPi4uGD0N1Fx3T+m2Hh05Dk39iCI8vRM8lh7rNnTYPDXMQ/s4
x5JOcKOfxMdrjAnvDSVGXJ97N6w/XzEG01DJgJrUB/R7VQXYJOzzJLgfNQtzyNwa
di2aJdxVDbU7pbP9fDoRV3pIxzBKaV9svyDV8QkvQinokk8zsTHP+5SDgrtPvITc
PLS5oAwlNvnGRJtxn3NkX6VaqxEg7revBhx5DB6o4SqRQPO6G6W78aPIRsAc2M9Y
vU1+/dNrnOh0tmXMROvxJklmDQice0zoLRaNY+Le82s1hLz/Xf6HLjrIKyLg9Zs+
a3rZ7DS90sodpW9VyHxXnr3CDypyklUu
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:18 2026 by rpki-client