Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29151B88268C11F1B547ED8FDAE4EC9C.roa
File: 29151B88268C11F1B547ED8FDAE4EC9C.roa (raw, json)
Hash identifier: mXK8UxiUkoGUMyZKk6kReGi5MBCv7JAwIpoJA2Ncd+Q=
Subject key identifier: 32:03:C4:A1:78:3D:61:2E:90:ED:5B:70:0A:66:5C:4D:63:09:18:9A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C067
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29151B88268C11F1B547ED8FDAE4EC9C.roa
Signing time: Mon 23 Mar 2026 07:44:46 +0000
ROA not before: Mon 23 Mar 2026 07:44:40 +0000
ROA not after: Wed 29 Apr 2026 07:44:40 +0000
asID: 134365
IP address blocks: 154.194.248.0/21 maxlen: 24
154.194.248.0/24 maxlen: 24
154.194.249.0/24 maxlen: 24
154.194.250.0/24 maxlen: 24
154.194.251.0/24 maxlen: 24
154.194.252.0/24 maxlen: 24
154.194.253.0/24 maxlen: 24
154.194.254.0/24 maxlen: 24
154.194.255.0/24 maxlen: 24
154.198.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114791 (0x1c067)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 23 07:44:40 2026 GMT
Not After : Apr 29 07:44:40 2026 GMT
Subject: CN=69c0ef6d-e3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:27:21:0b:78:d1:e1:15:89:92:35:0c:54:93:
7b:72:f4:f3:d2:9b:01:fd:fa:bd:dc:7f:11:67:80:
b4:16:90:cc:f9:8e:ba:ac:1f:a2:eb:46:06:f9:37:
0a:0d:fb:a3:fd:cc:a0:27:45:33:c3:31:e0:43:ec:
66:74:9b:48:a7:03:32:41:53:fe:95:20:43:28:20:
75:74:3c:ee:e1:eb:de:e6:1a:48:e2:99:82:31:b7:
ba:8d:33:16:e4:7b:49:b7:0b:07:5b:f4:0d:59:bd:
12:66:6c:38:91:b9:4c:5c:ff:23:d9:64:aa:a8:5d:
88:7b:db:42:44:f4:30:95:dc:52:ce:4d:98:86:d5:
73:07:37:ba:01:fc:06:fa:42:e0:94:fe:1f:65:02:
64:09:b4:88:65:0b:2e:da:49:7d:d2:12:11:66:1e:
56:45:30:e3:bc:d0:5d:d3:95:c2:83:1a:51:5b:19:
d6:08:89:ca:be:f2:33:63:b0:8e:c4:03:30:34:58:
3f:7e:e2:c7:05:bf:f9:6c:b1:87:06:22:cc:7c:df:
c7:b6:73:94:a5:33:42:64:a6:c3:e3:0f:90:ce:72:
f3:9c:f3:7d:45:8d:48:89:67:e6:9d:2a:ae:18:2c:
fb:c0:ad:0f:95:e9:45:bc:d1:b2:e7:3b:dc:42:7f:
db:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:03:C4:A1:78:3D:61:2E:90:ED:5B:70:0A:66:5C:4D:63:09:18:9A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29151B88268C11F1B547ED8FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.248.0/21
154.198.40.0/22
Signature Algorithm: sha256WithRSAEncryption
84:e0:d5:82:64:6f:56:94:70:3e:42:d8:d5:d3:a3:75:5b:70:
91:d1:fc:ed:1b:15:37:5b:d8:fa:26:93:24:3e:d8:cf:a8:6c:
42:c1:c1:e1:d1:39:6f:c9:8b:d7:85:20:f2:34:6b:9d:cd:59:
17:03:21:e6:0a:e4:7f:a9:15:cf:49:8c:3b:7f:db:1f:13:26:
ba:b9:e3:28:99:2c:20:7b:a2:46:85:f3:23:3f:43:ba:62:3b:
f9:b3:14:21:19:62:0e:ba:51:d2:b3:cf:03:7b:8f:a0:57:96:
a1:66:cd:67:36:08:88:21:f1:da:79:b1:aa:1b:be:08:84:32:
6d:3a:67:d0:57:a1:4b:4c:ed:6a:40:de:22:6a:67:00:57:a0:
eb:1d:5b:9d:e3:6f:84:24:7f:e4:8b:07:13:4c:21:e7:cf:6c:
e4:d6:35:08:4a:30:e4:68:bb:03:d1:06:4d:f9:38:24:0a:e5:
c5:ac:8c:6a:18:34:a2:9d:7a:39:84:50:f7:0d:d0:8a:fb:e5:
35:02:27:0f:1a:e2:46:3d:02:80:d6:ba:0b:44:71:80:8c:ba:
28:b4:7b:25:df:ab:90:52:bb:1f:91:eb:30:63:31:8c:53:29:
69:36:b1:bd:a3:14:78:05:84:f6:a5:02:ae:0d:fa:7f:0a:05:
ad:ed:6a:5b
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcBnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzIzMDc0NDQwWhcNMjYwNDI5MDc0NDQwWjAYMRYw
FAYDVQQDEw02OWMwZWY2ZC1lM2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ychC3jR4RWJkjUMVJN7cvTz0psB/fq93H8RZ4C0FpDM+Y66rB+i60YG
+TcKDfuj/cygJ0UzwzHgQ+xmdJtIpwMyQVP+lSBDKCB1dDzu4eve5hpI4pmCMbe6
jTMW5HtJtwsHW/QNWb0SZmw4kblMXP8j2WSqqF2Ie9tCRPQwldxSzk2YhtVzBze6
AfwG+kLglP4fZQJkCbSIZQsu2kl90hIRZh5WRTDjvNBd05XCgxpRWxnWCInKvvIz
Y7COxAMwNFg/fuLHBb/5bLGHBiLMfN/HtnOUpTNCZKbD4w+QznLznPN9RY1IiWfm
nSquGCz7wK0PlelFvNGy5zvcQn/bCwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDID
xKF4PWEukO1bcApmXE1jCRiaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTE1MUI4ODI2OEMxMUYxQjU0N0VEOEZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDmsL4AwQCmsYoMA0GCSqG
SIb3DQEBCwUAA4IBAQCE4NWCZG9WlHA+QtjV06N1W3CR0fztGxU3W9j6JpMkPtjP
qGxCwcHh0TlvyYvXhSDyNGudzVkXAyHmCuR/qRXPSYw7f9sfEya6ueMomSwge6JG
hfMjP0O6Yjv5sxQhGWIOulHSs88De4+gV5ahZs1nNgiIIfHaebGqG74IhDJtOmfQ
V6FLTO1qQN4iamcAV6DrHVud42+EJH/kiwcTTCHnz2zk1jUISjDkaLsD0QZN+Tgk
CuXFrIxqGDSinXo5hFD3DdCK++U1AicPGuJGPQKA1roLRHGAjLootHsl36uQUrsf
keswYzGMUylpNrG9oxR4BYT2pQKuDfp/CgWt7Wpb
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:20:34 2026 by rpki-client