Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E8A846E253411F19A49DFAEDAE4EC9C.roa
File: 0E8A846E253411F19A49DFAEDAE4EC9C.roa (raw, json)
Hash identifier: Oa0gBD5w6HQH7N216NQjsszqdaeMU0hXnS8dKtq8q3k=
Subject key identifier: F9:A1:39:86:14:8C:7E:4E:36:E9:54:FE:98:B5:4A:B8:C5:30:28:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C049
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E8A846E253411F19A49DFAEDAE4EC9C.roa
Signing time: Sat 21 Mar 2026 14:41:34 +0000
ROA not before: Sat 21 Mar 2026 14:41:29 +0000
ROA not after: Mon 27 Apr 2026 14:41:29 +0000
asID: 17561
IP address blocks: 154.82.154.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114761 (0x1c049)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 14:41:29 2026 GMT
Not After : Apr 27 14:41:29 2026 GMT
Subject: CN=69beae1e-ff50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:40:67:71:6e:c8:86:55:ea:d6:33:3e:f5:81:
4a:19:c8:1d:53:9e:ad:14:60:c2:a9:f1:51:2c:47:
dc:a7:86:da:6e:22:bf:98:ed:10:66:82:c8:91:9f:
53:55:35:ce:e1:db:9a:b9:01:cc:14:49:2d:5a:0a:
aa:87:3a:85:68:5f:d6:fa:c5:ab:10:93:4f:1f:86:
a4:e5:ed:07:6e:ed:28:1c:f2:86:87:4c:11:ce:46:
c3:64:af:9e:f4:6a:fe:1d:c7:2d:02:d6:8b:a0:6a:
bd:51:2c:5f:aa:f7:be:e6:6a:af:0d:a6:c4:1f:81:
5d:d0:08:cd:15:0a:e3:41:14:00:3b:af:c6:2b:b9:
08:04:03:c3:ea:98:c7:f9:10:00:7c:1b:00:ce:d3:
ca:5b:c8:32:02:ba:68:41:cc:6f:ab:f1:73:ec:82:
94:7c:3d:8b:75:6f:ce:ec:26:dd:4c:bc:9e:cf:bb:
01:df:9b:ef:65:5e:1f:c4:49:ea:2b:04:7c:a9:9d:
c0:c3:d1:a8:76:38:3a:83:c3:84:e0:87:f5:6a:56:
47:ef:c5:9a:e1:9b:c8:83:e2:7c:59:ed:17:25:74:
8d:0c:8e:41:fc:35:c9:d0:aa:fa:f2:45:b1:7d:5c:
d6:b5:d3:f4:76:a3:07:6b:e9:23:77:be:d4:7b:90:
b5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A1:39:86:14:8C:7E:4E:36:E9:54:FE:98:B5:4A:B8:C5:30:28:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E8A846E253411F19A49DFAEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.154.0/23
Signature Algorithm: sha256WithRSAEncryption
86:1a:f6:0f:b2:2c:fc:1e:30:bc:a8:36:93:9b:04:e1:f3:22:
cd:ee:e0:c8:ba:7b:0b:25:74:c9:5d:bc:a1:f0:1c:25:77:2b:
05:22:6b:bc:f0:69:26:3f:52:b2:e9:03:0c:e5:ac:ad:ed:d1:
53:79:e4:9a:f7:98:1d:a5:96:be:58:85:6a:d5:37:c1:de:95:
8d:be:ed:23:ff:ee:90:90:12:b6:11:33:2a:79:83:85:be:10:
1c:e9:00:e2:62:78:ea:b9:52:49:9d:70:2e:0a:71:ea:7e:31:
b8:1d:2e:fa:27:3e:aa:b0:a1:44:d8:1c:15:ed:93:01:32:29:
08:3a:f7:41:4e:4c:3b:6e:50:b3:94:a1:1b:a9:fd:91:aa:29:
01:39:ef:21:aa:64:9a:67:39:46:1f:5f:86:af:af:98:c8:d8:
cc:7d:80:68:8e:de:06:fc:86:df:a5:72:86:5f:57:2a:4c:34:
0a:c9:11:97:c3:ac:20:e6:02:dc:a3:f7:be:5f:d0:39:db:b6:
0c:89:ba:69:08:9f:99:b5:14:b6:22:6e:6b:6e:ba:1f:32:88:
20:66:3c:aa:80:ed:90:d3:b5:14:74:71:21:9a:9d:41:fe:7e:
79:ab:5f:e0:2a:26:24:59:45:41:92:5a:3b:c4:c1:09:a1:77:
5e:a2:6a:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcBJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzIxMTQ0MTI5WhcNMjYwNDI3MTQ0MTI5WjAYMRYw
FAYDVQQDEw02OWJlYWUxZS1mZjUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuEBncW7IhlXq1jM+9YFKGcgdU56tFGDCqfFRLEfcp4babiK/mO0QZoLI
kZ9TVTXO4duauQHMFEktWgqqhzqFaF/W+sWrEJNPH4ak5e0Hbu0oHPKGh0wRzkbD
ZK+e9Gr+HcctAtaLoGq9USxfqve+5mqvDabEH4Fd0AjNFQrjQRQAO6/GK7kIBAPD
6pjH+RAAfBsAztPKW8gyArpoQcxvq/Fz7IKUfD2LdW/O7CbdTLyez7sB35vvZV4f
xEnqKwR8qZ3Aw9Godjg6g8OE4If1alZH78Wa4ZvIg+J8We0XJXSNDI5B/DXJ0Kr6
8kWxfVzWtdP0dqMHa+kjd77Ue5C1KQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPmh
OYYUjH5ONulU/pi1SrjFMCioMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRThBODQ2RTI1MzQxMUYxOUE0OURGQUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlKaMA0GCSqGSIb3DQEB
CwUAA4IBAQCGGvYPsiz8HjC8qDaTmwTh8yLN7uDIunsLJXTJXbyh8BwldysFImu8
8GkmP1Ky6QMM5ayt7dFTeeSa95gdpZa+WIVq1TfB3pWNvu0j/+6QkBK2ETMqeYOF
vhAc6QDiYnjquVJJnXAuCnHqfjG4HS76Jz6qsKFE2BwV7ZMBMikIOvdBTkw7blCz
lKEbqf2RqikBOe8hqmSaZzlGH1+Gr6+YyNjMfYBojt4G/IbfpXKGX1cqTDQKyRGX
w6wg5gLco/e+X9A527YMibppCJ+ZtRS2Im5rbrofMoggZjyqgO2Q07UUdHEhmp1B
/n55q1/gKiYkWUVBklo7xMEJoXdeomoJ
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:17:34 2026 by rpki-client