Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0EB57B58237A11F19160F9ABDAE4EC9C.roa
File: 0EB57B58237A11F19160F9ABDAE4EC9C.roa (raw, json)
Hash identifier: 6jev2JN0OniJh4I6ydNTN8U74Yj6HZCbP3bD6QLtggE=
Subject key identifier: EB:7E:EC:C9:72:FF:47:73:45:63:11:90:B5:B6:7C:36:D4:F9:ED:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BFD7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0EB57B58237A11F19160F9ABDAE4EC9C.roa
Signing time: Thu 19 Mar 2026 09:57:37 +0000
ROA not before: Thu 19 Mar 2026 09:57:32 +0000
ROA not after: Fri 24 Apr 2026 09:57:32 +0000
asID: 214432
IP address blocks: 154.89.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114647 (0x1bfd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 19 09:57:32 2026 GMT
Not After : Apr 24 09:57:32 2026 GMT
Subject: CN=69bbc891-2257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b8:bd:6d:54:64:3c:1a:a9:17:24:92:49:fc:
b5:6e:9a:19:5f:f3:07:3d:00:a0:78:70:e6:29:b9:
32:c4:69:d9:c2:6c:3f:d8:fc:b1:cf:2b:41:b5:3f:
d2:35:19:7a:bd:ad:4e:e1:3c:50:b7:c8:45:bd:5c:
70:9b:d0:cf:16:c3:4f:bd:10:89:03:16:5b:31:c6:
7a:cf:85:63:29:1b:ac:fe:2a:b2:a3:b1:8c:16:31:
6f:4b:ca:dc:f7:b9:97:27:5c:38:b3:4e:e3:bd:8a:
f3:b2:67:6b:06:9d:48:be:cc:bf:51:f8:be:96:bb:
ee:ce:f0:3f:9d:77:9e:b1:e4:d7:09:71:96:5e:82:
39:0b:8c:a8:15:a2:c3:7a:7e:f3:ad:79:cb:22:2d:
a2:ba:2e:3e:b7:44:1e:87:f1:45:e7:26:53:a6:c0:
c3:32:57:50:7a:07:f0:79:14:58:f5:e0:3e:00:d2:
84:3f:46:ca:e4:d2:ea:87:a8:14:6c:e6:44:6a:e1:
0a:95:7f:f5:6f:5a:75:19:7a:92:e4:99:14:75:a1:
25:1a:9e:04:0a:c6:0c:93:7f:ae:64:93:77:ce:a9:
a6:a8:4b:74:cd:de:c6:ec:e2:5a:49:eb:9b:bc:ce:
35:7c:ca:8c:11:9d:37:6c:86:86:2b:fa:a2:27:01:
0f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:7E:EC:C9:72:FF:47:73:45:63:11:90:B5:B6:7C:36:D4:F9:ED:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0EB57B58237A11F19160F9ABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:7a:81:0f:a8:a2:b4:81:ed:96:05:2a:55:a5:00:b8:d4:fb:
3d:c1:32:32:a4:7d:3d:c8:c2:3f:c0:d3:9a:84:74:cd:f5:cc:
40:2e:ea:60:ed:73:13:1a:ac:ae:8c:5f:f4:47:b6:46:78:4b:
63:f8:9d:2d:6d:07:31:d8:e2:2f:fa:ae:d6:91:b5:ba:b7:dd:
32:d3:0f:02:37:c9:cc:04:72:1c:dd:3e:c5:fa:b5:a3:8c:ad:
b2:33:fe:01:bb:2c:a6:2e:91:91:34:5d:9c:d6:e8:b7:40:6b:
77:6b:d2:d9:7b:f1:ad:6a:62:9e:bb:43:3e:d2:6b:b4:9f:44:
ef:00:b0:e5:d3:01:37:5c:61:c0:eb:62:7e:a5:04:78:77:c4:
f7:9d:a2:02:75:4c:30:2a:81:fa:40:34:7d:a0:f2:25:13:8e:
9e:5d:b8:d3:c0:0f:5e:e8:5b:47:7f:2d:5d:f4:ed:af:e7:08:
cf:3a:bb:0c:14:4f:d1:d2:60:51:2a:35:66:6a:61:2b:1e:ab:
43:1c:1d:15:b2:96:de:81:bb:7c:83:cc:6d:7c:bd:43:13:9c:
30:a3:fe:d6:e7:12:96:7c:2f:be:92:ce:b0:bf:d1:c8:67:5b:
62:a0:09:71:73:17:31:c6:fc:d0:a6:c8:e7:94:a1:42:71:1b:
c2:03:5c:b5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb/XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE5MDk1NzMyWhcNMjYwNDI0MDk1NzMyWjAYMRYw
FAYDVQQDEw02OWJiYzg5MS0yMjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7ri9bVRkPBqpFySSSfy1bpoZX/MHPQCgeHDmKbkyxGnZwmw/2PyxzytB
tT/SNRl6va1O4TxQt8hFvVxwm9DPFsNPvRCJAxZbMcZ6z4VjKRus/iqyo7GMFjFv
S8rc97mXJ1w4s07jvYrzsmdrBp1Ivsy/Ufi+lrvuzvA/nXeeseTXCXGWXoI5C4yo
FaLDen7zrXnLIi2iui4+t0Qeh/FF5yZTpsDDMldQegfweRRY9eA+ANKEP0bK5NLq
h6gUbOZEauEKlX/1b1p1GXqS5JkUdaElGp4ECsYMk3+uZJN3zqmmqEt0zd7G7OJa
SeubvM41fMqMEZ03bIaGK/qiJwEPcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOt+
7Mly/0dzRWMRkLW2fDbU+e02MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRUI1N0I1ODIzN0ExMUYxOTE2MEY5QUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnCMA0GCSqGSIb3DQEB
CwUAA4IBAQCaeoEPqKK0ge2WBSpVpQC41Ps9wTIypH09yMI/wNOahHTN9cxALupg
7XMTGqyujF/0R7ZGeEtj+J0tbQcx2OIv+q7WkbW6t90y0w8CN8nMBHIc3T7F+rWj
jK2yM/4BuyymLpGRNF2c1ui3QGt3a9LZe/GtamKeu0M+0mu0n0TvALDl0wE3XGHA
62J+pQR4d8T3naICdUwwKoH6QDR9oPIlE46eXbjTwA9e6FtHfy1d9O2v5wjPOrsM
FE/R0mBRKjVmamErHqtDHB0Vspbegbt8g8xtfL1DE5wwo/7W5xKWfC++ks6wv9HI
Z1tioAlxcxcxxvzQpsjnlKFCcRvCA1y1
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:19:14 2026 by rpki-client