Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13DFFAB016DF11F1BB1B9E9CDAE4EC9C.roa
File: 13DFFAB016DF11F1BB1B9E9CDAE4EC9C.roa (raw, json)
Hash identifier: Cn6UX8EsPGpuNMrZMGDBxgay8ScqCAbYnvFQI8fxyTk=
Subject key identifier: 9F:65:1F:10:66:52:AD:B2:9E:08:9E:1E:EE:01:12:AF:32:F5:CC:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BD18
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13DFFAB016DF11F1BB1B9E9CDAE4EC9C.roa
Signing time: Tue 03 Mar 2026 08:57:59 +0000
ROA not before: Tue 03 Mar 2026 08:57:55 +0000
ROA not after: Thu 12 Mar 2026 08:57:55 +0000
asID: 149014
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Mar 2026 08:35:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113944 (0x1bd18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 08:57:55 2026 GMT
Not After : Mar 12 08:57:55 2026 GMT
Subject: CN=69a6a297-d83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:97:89:14:16:71:0d:86:63:67:7f:6d:30:ed:
03:66:b3:13:54:51:72:6b:52:e9:02:90:2f:31:af:
25:f3:65:d7:be:c8:f0:05:c2:f9:95:c1:a2:4f:b4:
7d:58:78:47:6d:4e:b0:44:39:62:b0:29:5a:b4:3b:
20:de:f4:e4:97:3c:82:6d:84:bd:94:44:e0:25:b3:
5c:ea:62:a8:13:87:26:10:4d:f0:92:01:eb:53:5a:
4c:f7:4c:15:9c:e3:50:ab:8c:30:d7:3a:6c:f5:8a:
3b:2d:0e:e3:98:d2:06:78:09:65:27:6f:f3:aa:0b:
02:9f:f8:ab:07:2a:9a:5f:00:a6:b9:db:a4:28:90:
ef:55:27:18:85:8e:83:8f:2c:19:94:7a:06:62:89:
75:de:2a:bd:d1:86:53:d0:c2:77:d8:b8:a6:33:b9:
0e:9b:01:17:2e:ff:ed:c7:50:96:28:d0:76:b2:d8:
64:8e:87:58:0c:e9:50:47:a4:9d:57:e3:fb:62:02:
c0:c3:3d:0e:b5:4f:57:12:f9:f3:77:1a:ef:12:a6:
6c:95:5f:7f:5c:c8:7f:14:3b:99:f4:b6:1a:5d:44:
f1:35:77:75:3d:93:4e:68:4e:b8:b2:a1:31:9a:40:
da:60:80:b5:fa:55:5a:a4:95:8c:89:23:d7:22:87:
d4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:65:1F:10:66:52:AD:B2:9E:08:9E:1E:EE:01:12:AF:32:F5:CC:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13DFFAB016DF11F1BB1B9E9CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:c3:26:c8:37:91:82:e1:d9:f0:9d:75:bd:d9:24:21:f5:42:
0a:45:71:2c:b1:65:c8:5f:cf:3a:dc:27:a2:dc:3f:17:37:d7:
f2:f0:aa:3c:02:41:14:50:40:29:9c:7e:34:33:2f:71:65:2f:
31:ce:99:7b:ed:f5:b9:4e:e9:05:0e:c4:8a:92:9b:19:8d:a5:
6d:ad:1a:b8:35:7f:77:27:9b:52:ea:6c:6f:b1:94:06:4e:65:
3c:9a:4a:14:33:ed:19:0c:06:8b:26:e2:b1:00:dc:d9:5c:65:
c2:dd:ea:a3:30:31:7c:72:bb:9c:34:04:b1:9c:f5:24:0c:70:
86:e1:a9:a3:af:a5:a3:1f:d9:ef:cb:31:30:c6:d2:66:58:ae:
01:c9:85:17:71:3b:2b:24:fc:c9:26:20:a7:45:d8:95:34:27:
01:06:b3:da:2a:d5:00:01:4a:d8:eb:d2:f6:bb:6b:e4:ba:a5:
62:c0:9f:f1:12:2c:fd:58:a5:0f:86:67:9a:ba:97:e5:f8:f6:
79:30:92:a8:d8:49:33:e1:cd:80:2c:56:11:27:fb:6e:2a:ea:
d7:3c:31:cd:a4:02:12:55:5c:01:69:58:ea:a6:dc:51:45:4a:
17:1a:ab:a7:c9:f1:72:99:6f:f1:88:db:e4:de:c3:04:7b:3f:
47:e4:6d:e6
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAb0YMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzAzMDg1NzU1WhcNMjYwMzEyMDg1NzU1WjAYMRYw
FAYDVQQDEw02OWE2YTI5Ny1kODNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz5eJFBZxDYZjZ39tMO0DZrMTVFFya1LpApAvMa8l82XXvsjwBcL5lcGi
T7R9WHhHbU6wRDlisClatDsg3vTklzyCbYS9lETgJbNc6mKoE4cmEE3wkgHrU1pM
90wVnONQq4ww1zps9Yo7LQ7jmNIGeAllJ2/zqgsCn/irByqaXwCmudukKJDvVScY
hY6DjywZlHoGYol13iq90YZT0MJ32LimM7kOmwEXLv/tx1CWKNB2sthkjodYDOlQ
R6SdV+P7YgLAwz0OtU9XEvnzdxrvEqZslV9/XMh/FDuZ9LYaXUTxNXd1PZNOaE64
sqExmkDaYIC1+lVapJWMiSPXIofUtQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJ9l
HxBmUq2yngieHu4BEq8y9cxkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xM0RGRkFCMDE2REYxMUYxQkIxQjlFOUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQDHwybIN5GC4dnwnXW92SQh9UIKRXEssWXIX886
3Cei3D8XN9fy8Ko8AkEUUEApnH40My9xZS8xzpl77fW5TukFDsSKkpsZjaVtrRq4
NX93J5tS6mxvsZQGTmU8mkoUM+0ZDAaLJuKxANzZXGXC3eqjMDF8crucNASxnPUk
DHCG4amjr6WjH9nvyzEwxtJmWK4ByYUXcTsrJPzJJiCnRdiVNCcBBrPaKtUAAUrY
69L2u2vkuqViwJ/xEiz9WKUPhmeaupfl+PZ5MJKo2Ekz4c2ALFYRJ/tuKurXPDHN
pAISVVwBaVjqptxRRUoXGqunyfFymW/xiNvk3sMEez9H5G3m
-----END CERTIFICATE-----
Generated at Fri Mar 6 09:54:31 2026 by rpki-client