Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DB792DC17BB11F1ACFEE5E1DAE4EC9C.roa
File: 1DB792DC17BB11F1ACFEE5E1DAE4EC9C.roa (raw, json)
Hash identifier: B2+l8vaygvUvdg2A7a/bd+csfz/9/jVIhM1SOFXpi9s=
Subject key identifier: 26:51:D2:78:06:1B:D8:0E:78:AB:98:D8:72:F8:EE:7A:FA:61:37:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BD67
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DB792DC17BB11F1ACFEE5E1DAE4EC9C.roa
Signing time: Wed 04 Mar 2026 11:13:05 +0000
ROA not before: Wed 04 Mar 2026 11:13:01 +0000
ROA not after: Fri 08 May 2026 11:13:01 +0000
asID: 137443
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Mar 2026 00:06:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114023 (0x1bd67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 4 11:13:01 2026 GMT
Not After : May 8 11:13:01 2026 GMT
Subject: CN=69a813c1-4f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f4:31:d2:ad:6f:64:43:f6:a7:f4:cc:d5:93:
81:26:8c:be:45:1f:1b:90:6d:e2:00:5e:0f:95:0f:
8f:c1:3b:06:93:cb:31:d9:a0:d1:4e:75:ad:76:29:
ac:17:f7:eb:41:8f:ca:83:7f:db:ad:e6:30:52:39:
65:2f:f0:e6:57:ad:7d:e4:fc:03:12:4b:4d:d6:1b:
0b:82:95:10:0f:d3:8f:44:8d:bb:64:73:e2:bd:a1:
c2:08:5a:ac:1a:0e:e6:82:ee:a6:5b:2f:ca:69:2c:
df:79:16:30:71:8e:d1:25:bc:3b:e9:46:42:7c:ba:
df:c7:d9:3f:e3:35:d5:33:54:ec:a3:d2:72:88:14:
1d:29:9f:c8:23:89:8d:97:e0:d3:a9:0b:a2:c5:64:
f5:17:31:7f:44:1e:d9:f6:98:f0:af:3b:06:0f:91:
9c:4a:9a:d2:3b:08:00:e9:eb:af:49:fa:a1:9f:17:
ca:39:b0:e5:48:4b:9c:72:e7:00:f1:10:73:f9:ca:
65:a0:13:7e:01:59:ea:8c:ea:8e:c8:ce:ea:89:66:
49:1e:ce:1a:3a:7f:ba:b5:3a:9d:0a:6f:95:9b:20:
9f:30:14:cf:7d:47:f5:5d:dc:30:c9:34:aa:02:7f:
6a:c7:29:9f:7a:60:ea:42:91:29:f5:a3:ce:31:6c:
59:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:51:D2:78:06:1B:D8:0E:78:AB:98:D8:72:F8:EE:7A:FA:61:37:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DB792DC17BB11F1ACFEE5E1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:f5:d5:8c:66:86:74:50:1c:e5:f7:f0:15:6b:13:ea:ae:42:
45:96:6c:ec:d1:5e:44:d3:1b:a6:ef:88:1d:83:97:8b:42:2a:
d6:a9:a7:3a:46:9e:24:c4:23:0f:ac:b3:87:0b:34:34:c0:ac:
07:77:d4:d1:de:d1:49:b1:4e:82:68:f9:e6:e6:7b:30:30:8b:
11:af:28:62:92:2e:a8:6f:3d:5d:41:08:71:4d:fa:eb:8e:39:
6a:3e:79:54:de:d1:c3:25:8b:f7:4c:25:0f:3c:7e:bd:8c:60:
99:68:09:03:e9:82:93:1c:1a:c0:16:01:4e:ee:f1:f6:b8:20:
29:ce:e9:b6:4d:c3:c6:66:73:3b:64:65:c0:44:a0:f8:d3:48:
06:cf:c1:77:2b:94:14:ec:95:3f:22:3a:f8:9f:9b:2e:b8:7a:
9d:55:65:fd:48:0c:74:a5:99:e8:11:09:81:36:5f:b4:f9:55:
10:fd:8e:5e:af:35:eb:db:89:8b:73:16:a7:07:40:53:f7:da:
8d:35:c5:f6:e6:76:ca:c8:52:ad:e7:b6:e4:e2:94:28:37:78:
91:29:ce:95:70:ad:6f:4e:0c:42:e5:3b:70:f6:26:0b:a1:66:
6f:d2:85:84:54:ba:32:40:be:9b:71:77:01:7c:2d:cb:c5:90:
1e:5f:2a:fd
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAb1nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA0MTExMzAxWhcNMjYwNTA4MTExMzAxWjAYMRYw
FAYDVQQDEw02OWE4MTNjMS00ZjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqPQx0q1vZEP2p/TM1ZOBJoy+RR8bkG3iAF4PlQ+PwTsGk8sx2aDRTnWt
dimsF/frQY/Kg3/breYwUjllL/DmV6195PwDEktN1hsLgpUQD9OPRI27ZHPivaHC
CFqsGg7mgu6mWy/KaSzfeRYwcY7RJbw76UZCfLrfx9k/4zXVM1Tso9JyiBQdKZ/I
I4mNl+DTqQuixWT1FzF/RB7Z9pjwrzsGD5GcSprSOwgA6euvSfqhnxfKObDlSEuc
cucA8RBz+cploBN+AVnqjOqOyM7qiWZJHs4aOn+6tTqdCm+VmyCfMBTPfUf1Xdww
yTSqAn9qxymfemDqQpEp9aPOMWxZTQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFCZR
0ngGG9gOeKuY2HL47nr6YTeeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xREI3OTJEQzE3QkIxMUYxQUNGRUU1RTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQDK9dWMZoZ0UBzl9/AVaxPqrkJFlmzs0V5E0xum
74gdg5eLQirWqac6Rp4kxCMPrLOHCzQ0wKwHd9TR3tFJsU6CaPnm5nswMIsRryhi
ki6obz1dQQhxTfrrjjlqPnlU3tHDJYv3TCUPPH69jGCZaAkD6YKTHBrAFgFO7vH2
uCApzum2TcPGZnM7ZGXARKD400gGz8F3K5QU7JU/Ijr4n5suuHqdVWX9SAx0pZno
EQmBNl+0+VUQ/Y5erzXr24mLcxanB0BT99qNNcX25nbKyFKt57bk4pQoN3iRKc6V
cK1vTgxC5Ttw9iYLoWZv0oWEVLoyQL6bcXcBfC3LxZAeXyr9
-----END CERTIFICATE-----
Generated at Mon Mar 16 19:06:21 2026 by rpki-client