Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A86A1FE237711F19F13A19ADAE4EC9C.roa
File: 0A86A1FE237711F19F13A19ADAE4EC9C.roa (raw, json)
Hash identifier: CC/SdvWjRXCKeOPgiA4CdJfaSmZw0WIRgVCGpj9i4yI=
Subject key identifier: 5F:3E:D2:F0:87:B2:AC:F5:04:24:35:C6:69:15:92:B3:59:00:DA:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BFCD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A86A1FE237711F19F13A19ADAE4EC9C.roa
Signing time: Thu 19 Mar 2026 09:36:01 +0000
ROA not before: Thu 19 Mar 2026 09:35:56 +0000
ROA not after: Fri 24 Apr 2026 09:35:56 +0000
asID: 8796
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114637 (0x1bfcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 19 09:35:56 2026 GMT
Not After : Apr 24 09:35:56 2026 GMT
Subject: CN=69bbc381-13f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:97:75:32:5b:9d:92:74:2f:ce:ad:37:f7:35:
59:73:f6:8e:73:52:01:d4:3d:b0:10:4d:29:5d:d7:
66:de:0f:2f:5f:1a:e2:77:75:42:10:af:6b:88:ac:
84:54:89:d2:35:c2:b9:0e:e4:f9:d2:70:a0:47:8c:
7d:f4:4a:e8:58:92:d4:d9:27:f2:bb:10:3a:26:0c:
c6:97:b2:3e:20:47:24:88:a1:56:99:d7:07:c3:6a:
aa:34:5e:db:5e:29:68:ad:af:84:ec:6e:83:27:fe:
c9:ed:d0:8d:8a:f3:70:87:13:04:fb:46:a1:59:3b:
2f:0a:f7:54:18:4d:96:7a:33:58:04:19:ab:4d:df:
49:25:c8:a1:8a:aa:3b:99:26:75:53:73:44:93:2b:
ec:33:ee:a0:09:de:ce:ad:38:a2:7d:ae:48:c5:17:
6f:5c:a6:9e:b6:ad:9e:9a:bc:96:2f:19:f4:99:16:
2f:19:fe:52:08:ce:86:39:5e:a8:90:ec:7f:0b:60:
62:61:b0:ac:db:6d:9d:10:01:82:01:85:0c:6f:01:
29:47:f8:af:e4:58:b2:c1:ff:3a:22:88:81:2a:34:
47:af:d7:95:84:ad:6d:5f:c6:e6:72:d3:17:55:74:
8d:e1:61:b8:28:ce:30:32:15:d5:b9:9f:9a:e4:7b:
86:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3E:D2:F0:87:B2:AC:F5:04:24:35:C6:69:15:92:B3:59:00:DA:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A86A1FE237711F19F13A19ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
24:f8:fe:cd:b4:90:1b:a8:ff:f1:54:26:23:35:b5:85:2f:4d:
de:a1:23:6d:b6:00:f8:d4:e4:5d:b8:05:3f:3d:fd:8a:58:b8:
ca:c1:cd:9a:d9:a4:00:b1:cf:2c:0e:27:24:9a:22:ba:a8:1d:
ea:d8:54:7d:c8:30:8e:70:18:f3:05:36:5d:df:08:a0:46:f3:
78:f6:8a:01:b4:c2:bc:5c:62:74:4b:bd:3b:e5:9d:53:6b:d2:
51:b9:fe:be:0d:ab:93:46:3a:de:92:01:2e:b2:3e:8f:1b:29:
80:27:48:5d:7e:31:48:6e:72:ad:2a:bb:d7:7b:db:f7:61:67:
93:3b:6b:2e:ff:e1:09:da:70:7c:eb:37:f3:1e:9c:43:25:59:
27:44:23:d5:ce:aa:ed:97:54:50:c4:98:76:68:14:a4:e1:b3:
e7:21:14:3d:6d:95:a8:f2:ef:a1:0a:c6:8b:b9:2f:32:85:5f:
57:c2:8a:2c:8b:0a:d2:de:4a:6c:0a:18:e8:65:20:53:ce:83:
8c:d4:9c:f4:ab:9f:eb:b1:5c:52:64:a6:c9:94:30:8f:e0:05:
5e:87:5e:e1:9e:1d:c6:5b:62:3f:0a:18:66:5c:cd:8f:b7:dd:
fd:fb:70:d4:c3:80:a2:8b:d1:ab:ed:76:ee:c1:2a:2c:06:80:
bd:33:56:e7
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAb/NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE5MDkzNTU2WhcNMjYwNDI0MDkzNTU2WjAYMRYw
FAYDVQQDEw02OWJiYzM4MS0xM2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwZd1MludknQvzq039zVZc/aOc1IB1D2wEE0pXddm3g8vXxrid3VCEK9r
iKyEVInSNcK5DuT50nCgR4x99EroWJLU2SfyuxA6JgzGl7I+IEckiKFWmdcHw2qq
NF7bXilora+E7G6DJ/7J7dCNivNwhxME+0ahWTsvCvdUGE2WejNYBBmrTd9JJcih
iqo7mSZ1U3NEkyvsM+6gCd7OrTiifa5IxRdvXKaetq2emryWLxn0mRYvGf5SCM6G
OV6okOx/C2BiYbCs222dEAGCAYUMbwEpR/iv5Fiywf86IoiBKjRHr9eVhK1tX8bm
ctMXVXSN4WG4KM4wMhXVuZ+a5HuGrQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFF8+
0vCHsqz1BCQ1xmkVkrNZANqCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQTg2QTFGRTIzNzcxMUYxOUYxM0ExOUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASaWZADBASaWcADBACa
XxgwDQYJKoZIhvcNAQELBQADggEBACT4/s20kBuo//FUJiM1tYUvTd6hI222APjU
5F24BT89/YpYuMrBzZrZpACxzywOJySaIrqoHerYVH3IMI5wGPMFNl3fCKBG83j2
igG0wrxcYnRLvTvlnVNr0lG5/r4Nq5NGOt6SAS6yPo8bKYAnSF1+MUhucq0qu9d7
2/dhZ5M7ay7/4QnacHzrN/MenEMlWSdEI9XOqu2XVFDEmHZoFKThs+chFD1tlajy
76EKxou5LzKFX1fCiiyLCtLeSmwKGOhlIFPOg4zUnPSrn+uxXFJkpsmUMI/gBV6H
XuGeHcZbYj8KGGZczY+33f37cNTDgKKL0avtdu7BKiwGgL0zVuc=
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:17:30 2026 by rpki-client