Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AAAA9D629C711F19923ECE3DAE4EC9C.roa
File: 0AAAA9D629C711F19923ECE3DAE4EC9C.roa (raw, json)
Hash identifier: DhWGexdOgHPffKYCrjUax4GGRNv1/3tvF/IMS7VwSIQ=
Subject key identifier: E2:70:D7:10:79:D3:EA:9C:D6:74:43:94:A9:9B:9E:5D:59:BF:5B:C7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C11E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AAAA9D629C711F19923ECE3DAE4EC9C.roa
Signing time: Fri 27 Mar 2026 10:23:48 +0000
ROA not before: Fri 27 Mar 2026 10:23:43 +0000
ROA not after: Thu 22 Apr 2027 10:23:43 +0000
asID: 21859
IP address blocks: 154.93.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 09 Apr 2026 00:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114974 (0x1c11e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 27 10:23:43 2026 GMT
Not After : Apr 22 10:23:43 2027 GMT
Subject: CN=69c65ab4-ddd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6f:9f:36:fd:62:c3:b3:c6:79:5e:e4:d4:f4:
7c:80:a5:04:a3:90:9c:2a:88:41:3d:6c:f7:8a:51:
68:7b:c4:75:33:73:30:1d:d9:e5:06:ea:bc:d0:00:
81:35:e7:d4:20:da:04:83:fe:4b:39:52:3d:07:ad:
7f:18:d1:77:5e:b7:4a:c1:17:36:6b:d4:6e:e1:5a:
86:0f:be:d6:61:d3:c5:a1:30:68:05:e9:8d:70:c6:
a5:c4:19:94:21:82:b6:a2:52:34:fa:7f:06:73:b7:
d8:d2:a9:81:f9:48:9b:26:84:29:08:00:59:ff:34:
3d:ce:99:d1:48:e0:d9:b1:47:ed:c2:b2:e4:c6:df:
75:54:7c:85:7e:25:0b:50:0d:9f:ae:04:9a:4e:8a:
9e:a4:19:1e:bc:0a:0b:8e:c2:fa:d5:d1:80:c9:8b:
9e:c9:41:74:b6:ae:84:59:a2:b7:81:24:30:44:a5:
fd:1f:89:c8:74:fb:ab:cc:f1:db:6e:c9:7a:24:74:
7c:28:11:81:c7:49:b9:5b:49:25:8f:0e:50:93:27:
1d:e3:6f:97:54:03:7e:55:3d:b8:69:05:c2:40:bd:
de:0f:ac:71:00:41:42:f8:e3:b1:b2:68:7a:21:02:
c4:29:dd:a5:a6:cb:fb:a9:d6:c8:c6:2c:5b:85:e3:
2f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:70:D7:10:79:D3:EA:9C:D6:74:43:94:A9:9B:9E:5D:59:BF:5B:C7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AAAA9D629C711F19923ECE3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.2.0/24
Signature Algorithm: sha256WithRSAEncryption
64:97:ff:4a:de:d9:73:75:ee:92:21:e7:d3:8d:72:ba:f7:4b:
89:4d:0d:64:39:d0:ad:03:fd:d6:49:b3:ef:d8:da:e4:32:4f:
aa:5e:d0:70:d0:6a:b2:83:00:4c:31:bd:e6:e9:32:67:be:d9:
74:0a:2f:ed:91:4d:29:61:9e:89:39:6f:4f:3c:2e:fe:e2:c4:
2e:92:00:98:55:ce:9d:ab:d7:4d:49:3f:8d:dc:a0:6c:b5:89:
a5:28:7a:53:3d:f5:f8:82:7c:a1:b5:23:53:47:cf:c4:06:f5:
21:2c:16:90:3a:2a:22:e4:c1:42:3a:8d:82:d6:3b:80:80:5e:
18:f6:aa:34:15:1e:a7:46:58:18:2b:1c:e3:f5:95:f5:b4:63:
4d:11:d7:3b:67:02:b1:a0:7c:ef:18:1d:ba:72:ce:a4:96:f8:
09:97:00:5d:4a:22:e1:b9:e9:d7:87:e2:e6:55:90:80:a3:80:
37:a0:3f:08:ed:27:2b:7d:de:38:39:0d:29:5b:19:f5:99:92:
4e:69:c0:6c:51:81:05:cd:70:f4:ab:8f:6b:de:31:6e:a8:45:
98:d9:8d:b0:c8:04:01:96:b8:6c:4f:d9:ec:5d:b5:02:be:69:
95:a3:15:29:c3:44:f4:11:dc:6c:d4:84:c3:7f:48:27:6c:7e:
bf:ab:da:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcEeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI3MTAyMzQzWhcNMjcwNDIyMTAyMzQzWjAYMRYw
FAYDVQQDEw02OWM2NWFiNC1kZGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqm+fNv1iw7PGeV7k1PR8gKUEo5CcKohBPWz3ilFoe8R1M3MwHdnlBuq8
0ACBNefUINoEg/5LOVI9B61/GNF3XrdKwRc2a9Ru4VqGD77WYdPFoTBoBemNcMal
xBmUIYK2olI0+n8Gc7fY0qmB+UibJoQpCABZ/zQ9zpnRSODZsUftwrLkxt91VHyF
fiULUA2frgSaToqepBkevAoLjsL61dGAyYueyUF0tq6EWaK3gSQwRKX9H4nIdPur
zPHbbsl6JHR8KBGBx0m5W0kljw5Qkycd42+XVAN+VT24aQXCQL3eD6xxAEFC+OOx
smh6IQLEKd2lpsv7qdbIxixbheMv9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOJw
1xB50+qc1nRDlKmbnl1Zv1vHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQUFBQTlENjI5QzcxMUYxOTkyM0VDRTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml0CMA0GCSqGSIb3DQEB
CwUAA4IBAQBkl/9K3tlzde6SIefTjXK690uJTQ1kOdCtA/3WSbPv2NrkMk+qXtBw
0GqygwBMMb3m6TJnvtl0Ci/tkU0pYZ6JOW9PPC7+4sQukgCYVc6dq9dNST+N3KBs
tYmlKHpTPfX4gnyhtSNTR8/EBvUhLBaQOioi5MFCOo2C1juAgF4Y9qo0FR6nRlgY
Kxzj9ZX1tGNNEdc7ZwKxoHzvGB26cs6klvgJlwBdSiLhuenXh+LmVZCAo4A3oD8I
7Scrfd44OQ0pWxn1mZJOacBsUYEFzXD0q49r3jFuqEWY2Y2wyAQBlrhsT9nsXbUC
vmmVoxUpw0T0Edxs1ITDf0gnbH6/q9ov
-----END CERTIFICATE-----
Generated at Tue Apr 7 05:00:36 2026 by rpki-client