Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0896D1E2275111F18375D58DDAE4EC9C.roa
File: 0896D1E2275111F18375D58DDAE4EC9C.roa (raw, json)
Hash identifier: 3xYHIEX6058hS1TIGI53ESg0fAd4NmWNQRnU9ZmUYYo=
Subject key identifier: 32:41:EE:55:DD:D2:85:A0:1A:01:B0:B3:73:CD:3F:63:44:68:F2:C6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C077
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0896D1E2275111F18375D58DDAE4EC9C.roa
Signing time: Tue 24 Mar 2026 07:14:02 +0000
ROA not before: Tue 24 Mar 2026 07:13:57 +0000
ROA not after: Fri 24 Apr 2026 07:13:57 +0000
asID: 17497
IP address blocks: 154.81.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114807 (0x1c077)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 24 07:13:57 2026 GMT
Not After : Apr 24 07:13:57 2026 GMT
Subject: CN=69c239ba-07e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5c:a5:1c:b8:4c:2f:cf:62:a7:db:f9:7f:56:
c0:70:c2:66:6a:a8:94:f9:83:7f:3f:ad:6d:af:07:
fa:5d:b4:1e:e0:81:de:f5:ee:4a:f2:d2:d2:1c:e3:
9d:6f:f6:2f:89:80:bd:db:11:82:6e:36:b1:d8:81:
3b:f5:06:41:2f:13:54:9a:78:d0:e2:b0:54:10:d8:
e4:0e:cd:54:4a:37:fc:8c:d3:0c:b9:b6:79:d9:84:
a5:37:97:14:e4:ea:ae:aa:21:17:4e:e4:7e:70:74:
66:e1:55:20:af:14:0b:ac:bd:f1:34:c7:79:92:ba:
62:fb:fc:ec:af:f0:cf:8a:10:35:6c:1b:9c:83:ac:
f2:ae:7f:48:97:75:ce:96:22:e9:9a:26:02:05:84:
e2:07:b6:a2:fd:cf:7f:ff:55:fc:6f:fe:fe:2e:11:
c2:2a:70:fe:21:67:af:d6:f8:be:53:35:d2:88:1e:
bf:b8:90:70:1c:c4:dc:68:f2:c6:8f:c1:85:84:4f:
d3:10:91:13:d4:ed:88:28:1f:f6:a5:5b:51:1b:36:
3b:59:ad:68:d0:f3:62:ad:e2:45:82:71:35:d6:c0:
9d:ed:d4:34:18:3b:d8:d7:52:c1:91:2a:2c:33:82:
2f:4a:92:e3:e6:46:4f:86:d0:53:12:18:0b:74:fb:
a9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:41:EE:55:DD:D2:85:A0:1A:01:B0:B3:73:CD:3F:63:44:68:F2:C6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0896D1E2275111F18375D58DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.159.0/24
Signature Algorithm: sha256WithRSAEncryption
97:18:34:3f:da:6e:7f:39:ab:56:71:29:02:13:99:92:65:39:
ef:17:1e:b6:b1:24:3c:59:71:67:fc:f3:79:c6:51:0b:73:1a:
59:f0:3d:e2:f4:a3:1d:09:bb:ba:0f:58:5a:ea:9c:93:23:13:
a8:9f:89:7d:7f:b3:ff:74:46:49:a9:52:a2:1c:84:5f:5c:65:
93:66:06:3e:9b:ba:b6:9f:67:58:5d:5c:3d:1b:49:c1:b2:27:
4b:ae:f2:89:b5:22:ae:a7:14:ca:b0:78:7e:3f:d8:ac:95:ee:
a4:75:65:d5:af:b5:a9:81:e1:ab:bc:64:b9:74:b1:98:8c:76:
15:1f:60:07:52:1d:d9:ed:08:5b:e4:29:c4:48:4f:ec:7f:34:
40:57:13:f7:04:4c:22:af:23:d0:67:ca:61:e7:54:7d:08:6e:
5f:27:11:01:32:cd:be:94:38:31:6c:f5:21:70:ba:33:b0:7e:
7c:45:7c:30:d3:f8:85:5f:19:80:a9:3e:ef:be:05:83:ac:62:
e3:f4:75:79:eb:13:f2:0f:ca:be:f9:45:3d:67:a1:0c:5e:2b:
fe:14:df:6c:15:04:c1:f6:c9:c4:8f:be:38:53:cd:2f:02:6b:
b6:c5:78:bc:75:ff:9c:77:e2:fa:88:fa:79:91:21:a4:59:b2:
05:a4:b3:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcB3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI0MDcxMzU3WhcNMjYwNDI0MDcxMzU3WjAYMRYw
FAYDVQQDEw02OWMyMzliYS0wN2U2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw1ylHLhML89ip9v5f1bAcMJmaqiU+YN/P61trwf6XbQe4IHe9e5K8tLS
HOOdb/YviYC92xGCbjax2IE79QZBLxNUmnjQ4rBUENjkDs1USjf8jNMMubZ52YSl
N5cU5OquqiEXTuR+cHRm4VUgrxQLrL3xNMd5krpi+/zsr/DPihA1bBucg6zyrn9I
l3XOliLpmiYCBYTiB7ai/c9//1X8b/7+LhHCKnD+IWev1vi+UzXSiB6/uJBwHMTc
aPLGj8GFhE/TEJET1O2IKB/2pVtRGzY7Wa1o0PNireJFgnE11sCd7dQ0GDvY11LB
kSosM4IvSpLj5kZPhtBTEhgLdPupWQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDJB
7lXd0oWgGgGws3PNP2NEaPLGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wODk2RDFFMjI3NTExMUYxODM3NUQ1OEREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlGfMA0GCSqGSIb3DQEB
CwUAA4IBAQCXGDQ/2m5/OatWcSkCE5mSZTnvFx62sSQ8WXFn/PN5xlELcxpZ8D3i
9KMdCbu6D1ha6pyTIxOon4l9f7P/dEZJqVKiHIRfXGWTZgY+m7q2n2dYXVw9G0nB
sidLrvKJtSKupxTKsHh+P9isle6kdWXVr7WpgeGrvGS5dLGYjHYVH2AHUh3Z7Qhb
5CnESE/sfzRAVxP3BEwiryPQZ8ph51R9CG5fJxEBMs2+lDgxbPUhcLozsH58RXww
0/iFXxmAqT7vvgWDrGLj9HV56xPyD8q++UU9Z6EMXiv+FN9sFQTB9snEj744U80v
Amu2xXi8df+cd+L6iPp5kSGkWbIFpLPW
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:20:35 2026 by rpki-client