Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A22E9E2195811F18AB0FBCEDAE4EC9C.roa
File: 2A22E9E2195811F18AB0FBCEDAE4EC9C.roa (raw, json)
Hash identifier: Cuiw9pxfGd/6zaKMeF0RQFFU1ILzK84bzIpVx9yyxI8=
Subject key identifier: 1D:AA:FA:8A:92:16:74:EF:A9:AD:C8:0E:92:C1:CB:E2:CF:20:6E:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BE0F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A22E9E2195811F18AB0FBCEDAE4EC9C.roa
Signing time: Fri 06 Mar 2026 12:29:48 +0000
ROA not before: Fri 06 Mar 2026 12:29:43 +0000
ROA not after: Sun 12 Apr 2026 12:29:43 +0000
asID: 328608
IP address blocks: 154.88.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 20 Mar 2026 00:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114191 (0x1be0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 6 12:29:43 2026 GMT
Not After : Apr 12 12:29:43 2026 GMT
Subject: CN=69aac8bc-d403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:72:0d:82:c5:56:69:c4:78:dc:69:73:a6:9f:
cf:37:91:7f:f7:6a:3b:bf:67:d8:fe:59:71:a8:9b:
8e:a6:7d:18:a6:c9:c8:74:d0:78:d3:5e:fe:6e:4c:
3d:b2:7c:7d:f0:8f:b9:1a:90:64:64:4c:8d:c2:c6:
a6:cc:63:f4:b4:9f:86:97:f0:fa:a1:cc:88:ee:17:
43:57:72:d8:ac:6c:f3:0a:6b:f3:61:eb:72:12:36:
93:fb:38:0e:c3:18:d3:a6:74:20:46:bb:3b:27:d8:
21:7c:58:12:5c:30:7b:f6:fd:de:aa:8e:86:f8:10:
0f:e4:73:3c:94:7f:40:57:f9:54:3e:50:3e:fa:83:
27:d3:8c:35:b8:a5:81:3c:03:85:74:2f:bb:67:a4:
75:18:57:92:7b:14:bd:e0:82:56:c3:f0:5e:a7:ba:
ce:ae:40:8e:cf:9f:c4:d0:0b:8f:33:61:7f:4f:52:
4d:1f:25:08:df:cc:14:44:e7:cb:6b:79:01:8b:5d:
73:60:cd:e9:62:8f:a5:91:ac:56:11:9f:3c:ea:d0:
bf:f8:93:c4:b6:6e:87:87:ae:d7:62:9d:ad:59:7e:
b2:66:15:d7:04:a7:9b:d5:f5:64:0c:5e:b1:c8:e4:
37:93:5c:80:3d:6e:4b:2e:9a:11:aa:46:e4:dc:18:
93:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AA:FA:8A:92:16:74:EF:A9:AD:C8:0E:92:C1:CB:E2:CF:20:6E:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A22E9E2195811F18AB0FBCEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.0.0/23
Signature Algorithm: sha256WithRSAEncryption
69:48:24:23:84:84:70:1c:e2:52:c4:cb:fb:c4:2f:ab:b5:bf:
15:a6:fc:d1:13:5b:d1:c2:61:d4:f9:2e:60:d6:d9:cc:88:f4:
c7:0b:0f:60:b5:15:21:ac:d1:9a:07:79:1c:b3:b9:a8:39:60:
7e:7e:8b:ec:82:3e:1d:32:87:9e:96:ff:8c:b2:b9:bc:b8:ee:
fa:9a:58:2c:14:c3:d0:fb:d2:1c:45:64:78:df:17:63:00:1e:
02:63:57:6f:64:08:af:d8:b7:a5:dc:27:24:d0:49:5d:25:2b:
58:56:8d:63:aa:47:8c:fb:6f:36:25:a5:f3:65:99:29:60:e5:
db:0a:e9:01:07:20:14:55:63:ae:60:fd:c0:6f:c4:cb:07:36:
d5:70:7a:98:d4:32:7f:a0:1e:8e:c3:c6:e4:bf:2a:32:56:f5:
f9:08:aa:d2:72:d7:5d:39:2f:29:68:43:1b:d6:2c:43:7a:08:
21:90:14:76:6e:93:c8:94:1f:e9:75:77:90:11:2d:60:96:bc:
2e:c2:96:f6:20:84:d9:ca:d0:45:86:0f:b2:80:d9:e6:58:97:
ee:0b:b2:27:db:e0:2b:b4:0a:79:b3:2e:5a:81:79:63:65:57:
ad:c6:cb:d3:78:fc:84:3c:aa:01:14:c2:93:71:cb:53:4a:fd:
a1:01:f7:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb4PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA2MTIyOTQzWhcNMjYwNDEyMTIyOTQzWjAYMRYw
FAYDVQQDEw02OWFhYzhiYy1kNDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzHINgsVWacR43Glzpp/PN5F/92o7v2fY/llxqJuOpn0YpsnIdNB4017+
bkw9snx98I+5GpBkZEyNwsamzGP0tJ+Gl/D6ocyI7hdDV3LYrGzzCmvzYetyEjaT
+zgOwxjTpnQgRrs7J9ghfFgSXDB79v3eqo6G+BAP5HM8lH9AV/lUPlA++oMn04w1
uKWBPAOFdC+7Z6R1GFeSexS94IJWw/Bep7rOrkCOz5/E0AuPM2F/T1JNHyUI38wU
ROfLa3kBi11zYM3pYo+lkaxWEZ886tC/+JPEtm6Hh67XYp2tWX6yZhXXBKeb1fVk
DF6xyOQ3k1yAPW5LLpoRqkbk3BiTaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB2q
+oqSFnTvqa3IDpLBy+LPIG5zMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTIyRTlFMjE5NTgxMUYxOEFCMEZCQ0VEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlgAMA0GCSqGSIb3DQEB
CwUAA4IBAQBpSCQjhIRwHOJSxMv7xC+rtb8VpvzRE1vRwmHU+S5g1tnMiPTHCw9g
tRUhrNGaB3kcs7moOWB+fovsgj4dMoeelv+Msrm8uO76mlgsFMPQ+9IcRWR43xdj
AB4CY1dvZAiv2Lel3Cck0EldJStYVo1jqkeM+282JaXzZZkpYOXbCukBByAUVWOu
YP3Ab8TLBzbVcHqY1DJ/oB6Ow8bkvyoyVvX5CKrSctddOS8paEMb1ixDegghkBR2
bpPIlB/pdXeQES1glrwuwpb2IITZytBFhg+ygNnmWJfuC7In2+ArtAp5sy5agXlj
ZVetxsvTePyEPKoBFMKTcctTSv2hAffC
-----END CERTIFICATE-----
Generated at Wed Mar 18 06:52:06 2026 by rpki-client