Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F22760864DE111F18C3503F5CE1D38B0.roa
File: F22760864DE111F18C3503F5CE1D38B0.roa (raw, json)
Hash identifier: oVck6MMVj7BaFciOLw/HxdYlVme/MOWRzjk9COn96l0=
Subject key identifier: 82:7E:2B:0D:3F:D6:75:9B:B1:6D:BC:D3:29:4D:02:E9:CB:11:D6:3D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CB37
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F22760864DE111F18C3503F5CE1D38B0.roa
Signing time: Tue 12 May 2026 09:07:05 +0000
ROA not before: Tue 12 May 2026 09:07:01 +0000
ROA not after: Tue 16 Jun 2026 09:07:01 +0000
asID: 22773
IP address blocks: 154.198.21.0/24 maxlen: 24
154.198.22.0/24 maxlen: 24
154.198.23.0/24 maxlen: 24
154.198.24.0/24 maxlen: 24
154.198.25.0/24 maxlen: 24
154.198.26.0/24 maxlen: 24
154.198.27.0/24 maxlen: 24
154.198.28.0/24 maxlen: 24
154.198.29.0/24 maxlen: 24
154.202.78.0/24 maxlen: 24
154.202.79.0/24 maxlen: 24
154.202.80.0/24 maxlen: 24
154.202.81.0/24 maxlen: 24
154.202.82.0/24 maxlen: 24
154.202.83.0/24 maxlen: 24
154.202.84.0/24 maxlen: 24
154.202.85.0/24 maxlen: 24
154.202.88.0/24 maxlen: 24
154.202.108.0/24 maxlen: 24
154.202.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 06:17:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117559 (0x1cb37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 09:07:01 2026 GMT
Not After : Jun 16 09:07:01 2026 GMT
Subject: CN=6a02edb9-53ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:18:fc:5f:3b:a1:ba:8f:33:3b:c7:c2:24:15:
3a:18:00:2d:6c:53:db:f5:1f:77:3c:80:89:cf:27:
87:63:f3:d3:38:22:9d:f9:4c:f0:b5:cb:ea:77:6a:
91:a1:8d:c5:cf:1c:1a:c8:a4:fb:cc:2d:f4:5c:86:
36:97:de:71:2b:a4:df:12:4d:3d:9b:5e:c8:a3:4d:
58:85:bf:68:3f:f2:1b:79:b4:03:1b:c8:77:d8:1a:
89:1e:d7:a0:a9:47:48:88:23:1e:7a:7b:2a:12:e5:
9f:cf:14:17:aa:2b:b6:d5:e2:17:55:a1:c8:3d:0d:
a6:d5:d5:66:d3:a1:5a:b0:f3:d4:67:d4:b8:68:04:
e7:46:ba:94:c2:72:a9:9b:53:8c:7a:27:b3:68:db:
20:ec:91:bd:a7:76:4a:40:c5:32:40:a5:e0:38:ba:
78:72:9b:b0:af:c7:1e:90:60:c3:ee:af:ed:96:0d:
47:3a:7d:19:d1:5e:16:21:74:3a:16:b6:18:6d:84:
03:ad:0c:20:14:45:d4:81:d5:86:22:db:0c:33:83:
27:57:2c:37:13:71:48:bb:be:92:f6:42:fe:06:6b:
a1:26:44:d7:f8:9c:ee:20:9a:e5:ae:88:fc:d9:1f:
53:97:61:8c:0b:7b:4f:33:d3:f3:15:7e:d6:72:6b:
6f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7E:2B:0D:3F:D6:75:9B:B1:6D:BC:D3:29:4D:02:E9:CB:11:D6:3D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F22760864DE111F18C3503F5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.21.0-154.198.29.255
154.202.78.0-154.202.85.255
154.202.88.0/24
154.202.108.0/24
154.202.111.0/24
Signature Algorithm: sha256WithRSAEncryption
80:0e:7b:48:e4:4f:a7:87:c9:bc:b7:ab:a3:c5:44:11:19:69:
6b:0f:11:f4:2d:a4:ad:3f:5f:e5:67:dd:ea:fd:8c:5c:e4:55:
e2:00:9e:c6:71:be:61:ce:76:50:84:51:d6:f1:2a:4a:82:37:
33:e3:84:b8:2d:37:8e:a5:2a:09:8d:17:20:bf:08:a4:a1:e5:
9b:40:0e:b3:7a:3e:b7:38:9b:70:da:cb:a1:d6:3b:c2:ef:fa:
22:9f:75:0a:c9:68:4c:68:2f:1d:4b:7c:63:16:01:11:72:76:
c7:43:eb:1e:5f:f6:d1:26:ab:dd:ad:2c:63:01:80:ff:ed:da:
65:59:2d:5c:f1:f0:a8:42:41:19:f2:ff:1e:f8:90:5c:12:19:
67:6f:14:db:e6:e6:a5:13:65:e3:6c:b4:e8:46:34:b8:4a:10:
8c:ef:52:32:7a:94:76:c5:92:58:05:12:d2:3b:70:ae:76:f5:
52:c0:70:ad:d8:5b:c4:57:96:2b:20:5f:ef:67:fa:93:3e:b7:
d4:e8:22:78:13:b0:e7:1a:e9:bc:96:9f:fa:98:bb:17:e5:77:
97:a4:9d:d0:a7:bd:a0:f7:3f:0b:bf:62:de:5e:4d:d9:f6:29:
ec:94:21:04:f0:68:07:48:b9:56:18:ea:5a:45:fd:31:30:d5:
38:2c:a6:86
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAcs3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTEyMDkwNzAxWhcNMjYwNjE2MDkwNzAxWjAYMRYw
FAYDVQQDEw02YTAyZWRiOS01M2VjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzxj8Xzuhuo8zO8fCJBU6GAAtbFPb9R93PICJzyeHY/PTOCKd+Uzwtcvq
d2qRoY3FzxwayKT7zC30XIY2l95xK6TfEk09m17Io01Yhb9oP/IbebQDG8h32BqJ
HtegqUdIiCMeensqEuWfzxQXqiu21eIXVaHIPQ2m1dVm06FasPPUZ9S4aATnRrqU
wnKpm1OMeiezaNsg7JG9p3ZKQMUyQKXgOLp4cpuwr8cekGDD7q/tlg1HOn0Z0V4W
IXQ6FrYYbYQDrQwgFEXUgdWGItsMM4MnVyw3E3FIu76S9kL+BmuhJkTX+JzuIJrl
roj82R9Tl2GMC3tPM9PzFX7Wcmtv/QIDAQABo4ICzTCCAskwHQYDVR0OBBYEFIJ+
Kw0/1nWbsW280ylNAunLEdY9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMjI3NjA4NjRERTExMUYxOEMzNTAzRjVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBACaxhUDBAGaxhwwDAME
AZrKTgMEAZrKVAMEAJrKWAMEAJrKbAMEAJrKbzANBgkqhkiG9w0BAQsFAAOCAQEA
gA57SORPp4fJvLero8VEERlpaw8R9C2krT9f5Wfd6v2MXORV4gCexnG+Yc52UIRR
1vEqSoI3M+OEuC03jqUqCY0XIL8IpKHlm0AOs3o+tzibcNrLodY7wu/6Ip91Cslo
TGgvHUt8YxYBEXJ2x0PrHl/20Sar3a0sYwGA/+3aZVktXPHwqEJBGfL/HviQXBIZ
Z28U2+bmpRNl42y06EY0uEoQjO9SMnqUdsWSWAUS0jtwrnb1UsBwrdhbxFeWKyBf
72f6kz631OgieBOw5xrpvJaf+pi7F+V3l6Sd0Ke9oPc/C79i3l5N2fYp7JQhBPBo
B0i5VhjqWkX9MTDVOCymhg==
-----END CERTIFICATE-----
Generated at Wed May 13 12:01:57 2026 by rpki-client