Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28B7295A188211F1906216ACDAE4EC9C.roa
File: 28B7295A188211F1906216ACDAE4EC9C.roa (raw, json)
Hash identifier: 3tEabdOJ1GhR5TRo9zaQGc8svULfYqwQlQppkOdIrMo=
Subject key identifier: 8B:5E:25:B5:78:CC:49:CC:26:94:9D:1F:F0:2C:C4:84:B1:C1:91:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BDC7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28B7295A188211F1906216ACDAE4EC9C.roa
Signing time: Thu 05 Mar 2026 10:57:53 +0000
ROA not before: Thu 05 Mar 2026 10:57:49 +0000
ROA not after: Thu 16 Apr 2026 10:57:49 +0000
asID: 401696
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114119 (0x1bdc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 5 10:57:49 2026 GMT
Not After : Apr 16 10:57:49 2026 GMT
Subject: CN=69a961b1-7fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ed:9d:03:32:74:33:0e:aa:a8:0f:6c:b3:aa:
7c:b5:d0:a3:f9:2b:d8:6b:1f:62:9e:98:49:20:b2:
8b:fa:19:5c:8d:42:7c:c4:e4:02:98:e2:a9:3f:b3:
2c:6a:d3:2c:d8:8a:8e:27:d1:5c:4b:02:de:ba:b9:
02:23:46:bd:3b:b4:a3:4f:9f:9a:d7:ea:4a:ed:c1:
3d:92:2f:d5:5b:95:f3:cd:23:99:06:e8:03:39:e5:
28:13:6c:f0:85:c2:58:ba:0d:3f:15:db:cb:f2:18:
bb:9f:c0:a5:f3:6a:58:af:51:cf:8e:6e:74:24:55:
fc:4a:7d:78:62:64:cc:2a:f4:53:4a:9f:0d:b0:c4:
06:14:4c:d6:04:10:d4:e8:a3:7b:b2:0e:ce:7e:c7:
ad:1f:1b:87:4c:64:3e:53:d0:2e:b8:0c:a6:9f:5e:
34:dc:44:49:8a:74:fc:82:84:ae:29:8c:aa:b3:d5:
b8:a8:df:de:be:3c:68:b3:ea:c4:2d:57:f1:6b:c6:
27:98:d3:32:ae:14:fb:e9:c6:2a:50:8e:c8:e5:32:
a7:88:64:e7:c6:d7:ea:66:57:07:ff:06:87:6f:68:
f1:f2:65:40:db:37:5b:69:b4:0a:e9:5d:e1:e6:24:
72:6d:b7:e9:6f:ef:5b:4b:97:67:9c:c5:b9:dd:6c:
e7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5E:25:B5:78:CC:49:CC:26:94:9D:1F:F0:2C:C4:84:B1:C1:91:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28B7295A188211F1906216ACDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
c6:2c:02:81:ae:f5:1b:75:bf:2b:0a:87:8f:6c:80:47:d7:21:
f2:de:36:62:d4:5e:40:f4:96:95:d2:f4:18:b8:a7:fa:50:cd:
cf:2d:77:aa:5c:c6:12:17:86:5d:3e:ab:12:06:34:2f:90:1c:
69:a4:02:e2:0d:f8:95:6d:d3:04:62:72:88:6f:d6:95:5a:23:
c5:87:d7:9b:e8:a7:67:33:9c:e4:87:12:a9:5f:db:d8:5b:af:
d6:01:d6:1d:67:ac:34:cf:4a:37:f6:af:f6:43:f4:35:9c:a9:
af:52:72:ef:5e:5a:b4:7b:68:8f:c5:76:02:f1:cb:4d:89:51:
12:45:a8:55:9f:46:3c:2f:96:58:50:33:0a:02:21:8a:a6:c3:
d9:5b:69:ac:b3:ba:87:7a:62:33:cf:a5:75:04:ee:07:7c:21:
4e:c7:0b:59:27:ba:37:7b:ce:64:68:0e:d7:e7:06:4b:23:38:
4a:da:f2:1e:59:45:ba:29:a2:f7:3c:8e:f8:46:c3:b8:af:8d:
66:c1:fe:5c:27:0a:b9:87:b1:04:21:f0:cb:a2:fe:68:8d:63:
65:ba:8e:b5:8c:f3:7a:eb:ba:d1:81:f1:25:46:7e:32:ed:21:
4e:10:cc:d9:49:60:cd:0a:86:a1:3c:fb:8c:43:2a:d1:91:90:
ee:41:6d:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb3HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA1MTA1NzQ5WhcNMjYwNDE2MTA1NzQ5WjAYMRYw
FAYDVQQDEw02OWE5NjFiMS03ZmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAye2dAzJ0Mw6qqA9ss6p8tdCj+SvYax9inphJILKL+hlcjUJ8xOQCmOKp
P7MsatMs2IqOJ9FcSwLeurkCI0a9O7SjT5+a1+pK7cE9ki/VW5XzzSOZBugDOeUo
E2zwhcJYug0/FdvL8hi7n8Cl82pYr1HPjm50JFX8Sn14YmTMKvRTSp8NsMQGFEzW
BBDU6KN7sg7OfsetHxuHTGQ+U9AuuAymn1403ERJinT8goSuKYyqs9W4qN/evjxo
s+rELVfxa8YnmNMyrhT76cYqUI7I5TKniGTnxtfqZlcH/waHb2jx8mVA2zdbabQK
6V3h5iRybbfpb+9bS5dnnMW53Wzn2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIte
JbV4zEnMJpSdH/AsxISxwZGoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOEI3Mjk1QTE4ODIxMUYxOTA2MjE2QUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQDGLAKBrvUbdb8rCoePbIBH1yHy3jZi1F5A9JaV0vQYuKf6UM3PLXeq
XMYSF4ZdPqsSBjQvkBxppALiDfiVbdMEYnKIb9aVWiPFh9eb6KdnM5zkhxKpX9vY
W6/WAdYdZ6w0z0o39q/2Q/Q1nKmvUnLvXlq0e2iPxXYC8ctNiVESRahVn0Y8L5ZY
UDMKAiGKpsPZW2mss7qHemIzz6V1BO4HfCFOxwtZJ7o3e85kaA7X5wZLIzhK2vIe
WUW6KaL3PI74RsO4r41mwf5cJwq5h7EEIfDLov5ojWNluo61jPN667rRgfElRn4y
7SFOEMzZSWDNCoahPPuMQyrRkZDuQW1V
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:16:07 2026 by rpki-client