Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/208250E6244B11F1AE2023E9DAE4EC9C.roa
File: 208250E6244B11F1AE2023E9DAE4EC9C.roa (raw, json)
Hash identifier: AyyzGnrF+S6xc7nzz0W+5wcrdDijghG9TdQzsrTp2pA=
Subject key identifier: 45:EA:54:AA:A4:E1:83:99:31:E4:86:15:C8:C8:2C:B5:93:B2:15:A7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C022
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/208250E6244B11F1AE2023E9DAE4EC9C.roa
Signing time: Fri 20 Mar 2026 10:54:12 +0000
ROA not before: Fri 20 Mar 2026 10:54:07 +0000
ROA not after: Sun 26 Apr 2026 10:54:07 +0000
asID: 138915
IP address blocks: 154.203.128.0/23 maxlen: 24
154.203.130.0/23 maxlen: 24
154.203.132.0/24 maxlen: 24
154.203.133.0/24 maxlen: 24
154.203.134.0/24 maxlen: 24
154.203.136.0/24 maxlen: 24
154.206.116.0/23 maxlen: 24
154.206.118.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114722 (0x1c022)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 20 10:54:07 2026 GMT
Not After : Apr 26 10:54:07 2026 GMT
Subject: CN=69bd2754-a20c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ff:93:a8:c5:f3:df:6f:ce:ec:36:6a:c6:5b:
69:ed:cc:96:7d:20:bf:97:4c:73:fd:94:be:50:0a:
0a:cc:85:65:f1:ff:19:de:38:84:cb:20:4a:e1:a7:
23:b0:de:58:b5:32:b6:77:3f:77:08:96:97:91:17:
4b:81:d6:87:1c:cb:23:06:a8:05:b2:e4:30:b4:b5:
f4:18:15:ff:4b:35:4c:18:07:bb:a5:a0:bd:34:c7:
18:44:f7:04:c3:17:2f:38:6a:8a:1e:2c:34:78:48:
52:6d:42:12:f7:c8:e2:23:cb:78:2b:cc:15:87:65:
14:a2:f2:f7:49:2d:18:8f:2c:b3:b1:70:a4:71:88:
25:ea:f8:57:66:e5:66:b4:2f:6e:1a:2d:64:d8:b7:
21:98:8d:f7:75:8f:3a:63:d2:a3:44:8e:fd:15:fa:
fe:5b:0b:18:9c:38:fc:bf:0d:38:7f:1f:0c:b4:5a:
b1:bb:51:cc:2c:0a:20:63:a2:1c:a9:f5:d4:9c:38:
48:a1:a7:06:e8:f4:ca:ce:e6:e4:9d:88:40:8a:8f:
7d:3e:25:c6:8f:ec:79:f6:b3:2d:ce:9d:e0:96:24:
a2:a5:cc:2e:68:7b:8e:b0:4b:31:6e:3d:be:34:08:
d6:90:0e:5b:91:f1:79:a8:64:1e:fa:cb:a2:f1:f4:
b0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:EA:54:AA:A4:E1:83:99:31:E4:86:15:C8:C8:2C:B5:93:B2:15:A7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/208250E6244B11F1AE2023E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.128.0-154.203.134.255
154.203.136.0/24
154.206.116.0/22
Signature Algorithm: sha256WithRSAEncryption
24:83:ce:93:09:e3:a6:71:73:09:03:47:3d:3c:b1:aa:f4:6f:
6b:82:0e:ec:bc:5c:13:2e:3d:e8:2c:e6:c2:3b:89:a9:bd:37:
c0:2a:9d:31:28:1f:ed:ec:0a:80:cc:38:11:86:b3:23:24:b2:
9f:6b:b5:bd:a8:4c:81:c2:50:24:fb:b0:15:0a:65:c1:89:a7:
69:57:dc:e5:f2:75:7c:e2:36:86:ae:b2:47:c3:aa:e8:1d:7b:
63:c1:b1:a9:6b:16:ee:95:4d:16:ad:87:7b:84:f1:0f:10:11:
3d:e3:24:47:97:a0:12:38:6f:5f:5a:a4:05:9c:db:7a:d2:76:
2b:c2:4d:59:b8:35:32:d0:0b:3e:c9:6c:75:9c:ff:3a:9a:bf:
82:04:2d:da:29:83:85:4c:6c:28:fa:c6:72:0c:0e:b2:54:61:
38:01:b6:c8:04:c8:05:06:d1:cd:52:f8:00:ea:e0:b7:8f:08:
bf:f9:6f:19:36:e0:a3:17:1d:de:5e:ce:d9:f5:df:05:56:32:
a4:aa:01:23:3b:1a:10:8f:e1:4d:42:4d:bd:5e:33:02:91:7a:
f1:b7:2e:e4:37:cd:ec:61:96:79:0a:b5:76:1a:b7:5a:b4:71:
bf:fd:31:62:64:09:42:87:80:cb:33:2c:84:db:ea:a0:a4:ac:
2f:90:d6:f8
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAcAiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzIwMTA1NDA3WhcNMjYwNDI2MTA1NDA3WjAYMRYw
FAYDVQQDEw02OWJkMjc1NC1hMjBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6v+TqMXz32/O7DZqxltp7cyWfSC/l0xz/ZS+UAoKzIVl8f8Z3jiEyyBK
4acjsN5YtTK2dz93CJaXkRdLgdaHHMsjBqgFsuQwtLX0GBX/SzVMGAe7paC9NMcY
RPcEwxcvOGqKHiw0eEhSbUIS98jiI8t4K8wVh2UUovL3SS0YjyyzsXCkcYgl6vhX
ZuVmtC9uGi1k2LchmI33dY86Y9KjRI79Ffr+WwsYnDj8vw04fx8MtFqxu1HMLAog
Y6IcqfXUnDhIoacG6PTKzubknYhAio99PiXGj+x59rMtzp3gliSipcwuaHuOsEsx
bj2+NAjWkA5bkfF5qGQe+sui8fSwbQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFEXq
VKqk4YOZMeSGFcjILLWTshWnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMDgyNTBFNjI0NEIxMUYxQUUyMDIzRTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAeay4ADBACay4YDBACa
y4gDBAKaznQwDQYJKoZIhvcNAQELBQADggEBACSDzpMJ46ZxcwkDRz08sar0b2uC
Duy8XBMuPegs5sI7iam9N8AqnTEoH+3sCoDMOBGGsyMksp9rtb2oTIHCUCT7sBUK
ZcGJp2lX3OXydXziNoauskfDqugde2PBsalrFu6VTRath3uE8Q8QET3jJEeXoBI4
b19apAWc23rSdivCTVm4NTLQCz7JbHWc/zqav4IELdopg4VMbCj6xnIMDrJUYTgB
tsgEyAUG0c1S+ADq4LePCL/5bxk24KMXHd5eztn13wVWMqSqASM7GhCP4U1CTb1e
MwKRevG3LuQ3zexhlnkKtXYat1q0cb/9MWJkCUKHgMszLITb6qCkrC+Q1vg=
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:19:49 2026 by rpki-client