Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/185786AE1C5611F19FCAD37FDAE4EC9C.roa
File: 185786AE1C5611F19FCAD37FDAE4EC9C.roa (raw, json)
Hash identifier: 2RxZ0b9GglTopVLMsHhYmuOZpqshaK+jN9DP2/Ix33k=
Subject key identifier: C1:62:BB:3B:B4:C1:2C:F7:0C:CF:C2:CD:73:4B:BE:99:FF:60:FF:BE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BE9D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/185786AE1C5611F19FCAD37FDAE4EC9C.roa
Signing time: Tue 10 Mar 2026 07:52:33 +0000
ROA not before: Tue 10 Mar 2026 07:52:28 +0000
ROA not after: Wed 18 Nov 2026 07:52:28 +0000
asID: 205512
IP address blocks: 154.218.6.0/24 maxlen: 24
154.218.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114333 (0x1be9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 10 07:52:28 2026 GMT
Not After : Nov 18 07:52:28 2026 GMT
Subject: CN=69afcdc1-5b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5b:63:85:15:e7:ba:c1:8a:83:21:35:b7:da:
d8:7a:a1:ef:f7:31:5c:f0:3f:92:39:86:2f:27:85:
d4:fb:58:60:d5:d8:e9:fd:0d:ca:d1:35:69:62:9c:
22:b3:42:13:86:f3:97:81:74:3a:d8:6e:11:93:90:
97:41:8c:2e:d2:6a:70:52:9d:91:a9:fb:22:ca:d9:
6b:ff:e4:02:f7:c9:50:17:56:f6:21:1e:39:fd:02:
5b:65:38:93:af:39:52:e6:df:e0:34:94:ac:b9:6c:
a4:53:6b:27:5a:28:cb:6c:f7:75:c1:67:be:9b:e3:
ca:ad:3f:0a:8c:35:cd:43:ec:5c:0b:3c:f8:89:87:
f6:4e:36:ad:0c:8b:77:10:f2:71:3a:20:6d:ba:d8:
50:0c:9e:e9:aa:a3:5a:95:a7:77:81:d0:47:aa:0f:
bf:40:12:53:a4:16:12:f8:6b:e9:68:2f:c7:70:bc:
5d:08:8d:45:fb:56:f3:38:a9:46:7e:46:26:40:94:
72:75:7b:e7:cb:38:1e:2c:d2:6a:4d:55:bd:9f:98:
1f:75:81:08:6e:66:83:fa:90:f2:23:94:ef:f3:e3:
3d:cd:aa:0e:66:16:43:b8:59:5d:4f:61:73:c0:2b:
36:fb:c3:4c:17:5d:20:83:84:a9:bd:24:da:f3:86:
d5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:62:BB:3B:B4:C1:2C:F7:0C:CF:C2:CD:73:4B:BE:99:FF:60:FF:BE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/185786AE1C5611F19FCAD37FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.6.0/23
Signature Algorithm: sha256WithRSAEncryption
94:6c:72:4c:48:b3:45:c4:b1:23:37:5a:30:90:84:fa:b8:21:
6a:7b:91:a1:ff:23:fc:f6:ac:77:77:4c:97:76:82:d1:b6:e3:
99:28:2f:b2:cf:a8:af:b3:6e:72:0f:ba:af:fe:aa:62:38:03:
36:18:fd:70:45:5c:d1:45:53:ec:97:11:7d:28:d3:ff:f8:c1:
79:9b:6d:a5:9f:d2:bb:2b:5d:36:a5:34:95:30:bd:e1:02:e8:
1e:42:4c:ee:34:eb:4a:b5:6c:ab:5d:2e:32:02:c3:7d:2e:c1:
6e:64:f5:54:d2:f1:74:77:d5:55:d6:d1:14:31:38:50:31:6b:
e0:49:6b:73:01:19:a7:5c:49:23:70:50:06:98:e2:87:a2:d3:
31:fd:38:20:ca:62:e7:27:fe:e3:53:86:e1:98:67:96:a4:bf:
e5:4e:16:f9:64:58:96:54:5a:da:dd:2c:0a:94:a3:be:65:39:
a4:23:62:ce:f4:4a:99:64:f3:81:20:f0:95:7a:18:34:b2:3b:
3a:7b:46:28:d6:e0:f6:a0:bf:ad:88:cb:3b:a0:25:b3:b6:11:
a0:a7:f6:50:d5:87:7e:3c:a5:65:da:41:3f:d3:bc:70:55:8d:
01:a1:91:61:dc:07:ed:c0:92:75:66:9d:df:c7:da:8a:63:a8:
ce:f8:bb:97
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb6dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEwMDc1MjI4WhcNMjYxMTE4MDc1MjI4WjAYMRYw
FAYDVQQDEw02OWFmY2RjMS01YjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0ltjhRXnusGKgyE1t9rYeqHv9zFc8D+SOYYvJ4XU+1hg1djp/Q3K0TVp
Ypwis0IThvOXgXQ62G4Rk5CXQYwu0mpwUp2Rqfsiytlr/+QC98lQF1b2IR45/QJb
ZTiTrzlS5t/gNJSsuWykU2snWijLbPd1wWe+m+PKrT8KjDXNQ+xcCzz4iYf2Tjat
DIt3EPJxOiBtuthQDJ7pqqNalad3gdBHqg+/QBJTpBYS+GvpaC/HcLxdCI1F+1bz
OKlGfkYmQJRydXvnyzgeLNJqTVW9n5gfdYEIbmaD+pDyI5Tv8+M9zaoOZhZDuFld
T2FzwCs2+8NMF10gg4SpvSTa84bVDQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMFi
uzu0wSz3DM/CzXNLvpn/YP++MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xODU3ODZBRTFDNTYxMUYxOUZDQUQzN0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtoGMA0GCSqGSIb3DQEB
CwUAA4IBAQCUbHJMSLNFxLEjN1owkIT6uCFqe5Gh/yP89qx3d0yXdoLRtuOZKC+y
z6ivs25yD7qv/qpiOAM2GP1wRVzRRVPslxF9KNP/+MF5m22ln9K7K102pTSVML3h
AugeQkzuNOtKtWyrXS4yAsN9LsFuZPVU0vF0d9VV1tEUMThQMWvgSWtzARmnXEkj
cFAGmOKHotMx/TggymLnJ/7jU4bhmGeWpL/lThb5ZFiWVFra3SwKlKO+ZTmkI2LO
9EqZZPOBIPCVehg0sjs6e0Yo1uD2oL+tiMs7oCWzthGgp/ZQ1Yd+PKVl2kE/07xw
VY0BoZFh3AftwJJ1Zp3fx9qKY6jO+LuX
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:22 2026 by rpki-client