Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D42E10A17C311F18F423695DAE4EC9C.roa
File: 1D42E10A17C311F18F423695DAE4EC9C.roa (raw, json)
Hash identifier: RlL7VESBNT46LAFLV27qcaMvZmeqM0tTCY3xFsW204Y=
Subject key identifier: 5E:D5:F4:1C:8A:56:05:E5:3A:32:3F:2C:5D:66:1F:2F:69:04:24:E6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BD6D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D42E10A17C311F18F423695DAE4EC9C.roa
Signing time: Wed 04 Mar 2026 12:10:20 +0000
ROA not before: Wed 04 Mar 2026 12:10:15 +0000
ROA not after: Fri 10 Apr 2026 12:10:15 +0000
asID: 401701
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 23 Mar 2026 00:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114029 (0x1bd6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 4 12:10:15 2026 GMT
Not After : Apr 10 12:10:15 2026 GMT
Subject: CN=69a8212c-71cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:af:1a:a8:4c:90:c1:1d:b3:63:fe:dc:f1:
3b:98:fc:fe:74:2b:4c:ca:e1:c2:b4:82:8a:1a:92:
8e:c7:e0:6c:77:03:d1:4e:96:2c:39:f6:32:ca:83:
47:12:d0:57:a3:64:2f:f0:20:2d:74:c6:87:88:ef:
1c:89:a9:de:18:81:6a:e8:5b:b3:27:ca:19:4d:f2:
e8:a9:c5:b9:ec:db:78:13:d6:be:05:36:c1:19:eb:
e9:41:ff:73:29:4d:49:35:0a:17:29:d2:75:49:f2:
a9:19:40:b0:6b:42:3f:d8:c7:ed:1c:43:a2:7d:d5:
d4:13:f0:6e:6b:d5:42:05:ad:d8:bc:ed:08:3a:80:
14:58:0c:20:db:da:1f:e7:aa:54:89:c9:db:91:2d:
b6:94:0a:0f:43:e9:c3:18:a0:0c:1a:4b:73:1b:a2:
eb:b5:ef:07:53:6a:e6:47:6b:22:23:ec:a0:36:e8:
c7:ba:54:7b:e9:3c:d2:f7:b0:59:cb:94:28:f9:83:
52:d3:2b:40:8a:a6:5f:48:d0:12:04:3f:24:d7:01:
d5:3c:ae:10:0a:ff:f4:ff:9b:ad:8a:f9:a7:a9:cf:
ba:df:fb:6f:55:78:0c:aa:f1:99:d7:ec:4c:76:5a:
5b:ad:44:c9:4c:8b:3d:7a:29:44:7b:fe:4c:60:f4:
9a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D5:F4:1C:8A:56:05:E5:3A:32:3F:2C:5D:66:1F:2F:69:04:24:E6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D42E10A17C311F18F423695DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
cc:0c:22:dc:86:23:db:9c:54:65:2a:fb:eb:c7:2a:ea:be:1c:
fe:65:84:23:ee:32:f0:1a:49:ad:3c:9b:2f:83:f3:55:95:67:
eb:81:f4:ab:a0:f7:45:ed:41:4a:2c:e8:02:d8:c6:4a:00:1d:
76:34:c4:fe:3b:2a:70:58:04:ef:75:8a:66:a5:2a:f5:b7:6b:
25:2c:a7:0e:ec:88:16:dd:ee:66:f8:2f:46:29:52:32:74:0b:
9f:7e:82:f3:16:ee:1b:f7:ce:1c:94:f3:1e:49:30:5c:99:1d:
94:df:3b:3a:fb:cd:7c:38:a5:fa:3e:7d:a2:d0:66:ae:24:c1:
9a:a1:ff:31:9a:1d:2e:cb:69:5e:34:08:b4:39:f4:e8:a2:1f:
52:66:f9:b0:bd:ae:1a:fc:9d:0f:15:97:d5:dc:82:08:4f:eb:
f5:99:2b:c6:ed:43:61:f6:87:5f:66:cd:68:ca:67:fc:44:45:
ac:53:1d:d4:4d:28:b4:b1:dd:bb:9e:eb:36:93:7f:c8:73:bf:
fa:41:48:1d:c0:ca:26:90:51:b0:c4:b4:40:c8:46:27:0c:b2:
31:d6:f7:89:90:7b:b7:e5:ee:29:c4:fb:89:04:d7:a6:22:26:
9d:06:3c:5f:e6:ab:dd:ca:4b:a6:eb:db:fd:76:61:ce:b7:c1:
e7:ee:f6:07
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb1tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA0MTIxMDE1WhcNMjYwNDEwMTIxMDE1WjAYMRYw
FAYDVQQDEw02OWE4MjEyYy03MWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuCqvGqhMkMEds2P+3PE7mPz+dCtMyuHCtIKKGpKOx+BsdwPRTpYsOfYy
yoNHEtBXo2Qv8CAtdMaHiO8cianeGIFq6FuzJ8oZTfLoqcW57Nt4E9a+BTbBGevp
Qf9zKU1JNQoXKdJ1SfKpGUCwa0I/2MftHEOifdXUE/Bua9VCBa3YvO0IOoAUWAwg
29of56pUicnbkS22lAoPQ+nDGKAMGktzG6Lrte8HU2rmR2siI+ygNujHulR76TzS
97BZy5Qo+YNS0ytAiqZfSNASBD8k1wHVPK4QCv/0/5utivmnqc+63/tvVXgMqvGZ
1+xMdlpbrUTJTIs9eilEe/5MYPSaZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF7V
9ByKVgXlOjI/LF1mHy9pBCTmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRDQyRTEwQTE3QzMxMUYxOEY0MjM2OTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQDMDCLchiPbnFRlKvvrxyrqvhz+ZYQj7jLwGkmtPJsvg/NVlWfrgfSr
oPdF7UFKLOgC2MZKAB12NMT+OypwWATvdYpmpSr1t2slLKcO7IgW3e5m+C9GKVIy
dAuffoLzFu4b984clPMeSTBcmR2U3zs6+818OKX6Pn2i0GauJMGaof8xmh0uy2le
NAi0OfTooh9SZvmwva4a/J0PFZfV3IIIT+v1mSvG7UNh9odfZs1oymf8REWsUx3U
TSi0sd27nus2k3/Ic7/6QUgdwMomkFGwxLRAyEYnDLIx1veJkHu35e4pxPuJBNem
IiadBjxf5qvdykum69v9dmHOt8Hn7vYH
-----END CERTIFICATE-----
Generated at Sat Mar 21 17:17:33 2026 by rpki-client