Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FA163A03E9511F1ACC5D0C2CE1D38B0.roa
File: 2FA163A03E9511F1ACC5D0C2CE1D38B0.roa (raw, json)
Hash identifier: YDYLHRAdabVOKyqHgZREFtFCVOn3up726TiqnWey5bk=
Subject key identifier: 54:E5:9B:E3:42:E8:44:0C:19:FE:13:ED:4B:C5:D6:80:93:C0:B7:87
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C6AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FA163A03E9511F1ACC5D0C2CE1D38B0.roa
Signing time: Wed 22 Apr 2026 21:49:50 +0000
ROA not before: Wed 22 Apr 2026 21:49:45 +0000
ROA not after: Fri 29 May 2026 21:49:45 +0000
asID: 63099
IP address blocks: 154.222.84.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 May 2026 00:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116396 (0x1c6ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 21:49:45 2026 GMT
Not After : May 29 21:49:45 2026 GMT
Subject: CN=69e9427e-4a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:82:39:13:72:e7:51:1f:48:3b:8e:1b:13:42:
a4:70:80:f6:48:8c:fc:41:d3:a0:de:b6:67:9e:b4:
e1:34:22:81:0a:9e:d9:f1:6a:3f:da:d1:95:5f:23:
f7:88:a5:b0:a6:52:00:f3:7a:9b:00:d0:e9:86:ef:
cc:21:44:2c:9a:bc:08:26:94:ec:40:28:d8:b2:be:
2f:37:42:57:af:be:90:d1:5d:2d:a6:68:24:8f:de:
a8:ec:7d:26:d9:37:cd:7f:66:f5:6a:6e:cc:bb:8b:
50:eb:5e:9a:f3:93:33:1c:30:54:42:4c:7b:e2:24:
f1:93:8b:a1:a4:a6:74:b6:55:94:b1:75:31:52:d7:
39:bb:30:02:dd:9f:5a:3a:8d:d9:b0:96:2f:1a:68:
80:64:62:15:84:0b:b9:5f:6d:37:fd:3e:9c:43:6c:
64:00:34:00:6d:bd:8e:48:fa:32:51:60:44:bb:86:
31:65:24:be:99:d1:01:09:33:21:a0:80:fa:48:c1:
65:34:cc:64:b6:df:82:7e:4a:0a:be:bf:ca:b6:0b:
bc:7a:e1:b7:df:6f:b6:a3:a8:30:56:ce:5e:b2:3d:
f0:83:5d:5f:9e:6b:15:25:32:99:67:2c:c6:61:ec:
36:d5:c8:88:48:b8:49:10:3c:bb:98:3e:bf:c3:e0:
d2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E5:9B:E3:42:E8:44:0C:19:FE:13:ED:4B:C5:D6:80:93:C0:B7:87
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FA163A03E9511F1ACC5D0C2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.84.0/23
Signature Algorithm: sha256WithRSAEncryption
92:88:98:7c:ed:a2:6a:39:de:54:90:47:49:07:6f:db:d1:8f:
61:e3:76:16:17:e7:0d:c0:d3:c1:34:13:74:8e:ae:98:56:92:
51:24:19:21:6f:e4:6b:65:8d:76:fd:10:a0:88:40:3e:83:33:
6f:70:68:2e:29:75:c2:fe:8e:a4:21:54:91:88:8b:a9:ea:2f:
79:f6:d2:94:45:29:01:81:81:78:d4:75:11:42:96:e6:a2:1b:
66:6b:29:63:1a:8c:4d:5c:f3:b9:6b:0d:3a:ae:ad:63:39:89:
29:41:8a:8d:e1:e4:71:ab:a5:ab:40:b4:ef:6a:08:fa:b5:8b:
0e:70:8e:8e:88:ec:86:dd:bd:5e:2e:fb:b4:b8:d4:5a:74:69:
7b:33:a2:b5:29:c7:0e:4f:14:80:25:ac:43:6f:3a:b3:93:66:
e7:72:eb:6e:68:17:07:6b:4a:51:99:fc:03:33:8a:b9:45:e5:
7e:0c:03:6d:4e:42:43:5e:dd:2c:19:45:15:d2:77:f1:73:00:
bd:f6:66:e0:d4:cb:84:07:fb:82:6b:a7:61:6a:0d:79:a4:c6:
68:69:74:ea:e5:87:e3:74:ac:ea:20:7b:b4:21:55:cd:78:55:
63:37:32:d9:d7:4b:a6:15:c7:14:9d:36:a7:f1:91:2a:b1:f8:
f8:da:e5:8e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcasMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIyMjE0OTQ1WhcNMjYwNTI5MjE0OTQ1WjAYMRYw
FAYDVQQDEw02OWU5NDI3ZS00YTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0oI5E3LnUR9IO44bE0KkcID2SIz8QdOg3rZnnrThNCKBCp7Z8Wo/2tGV
XyP3iKWwplIA83qbANDphu/MIUQsmrwIJpTsQCjYsr4vN0JXr76Q0V0tpmgkj96o
7H0m2TfNf2b1am7Mu4tQ616a85MzHDBUQkx74iTxk4uhpKZ0tlWUsXUxUtc5uzAC
3Z9aOo3ZsJYvGmiAZGIVhAu5X203/T6cQ2xkADQAbb2OSPoyUWBEu4YxZSS+mdEB
CTMhoID6SMFlNMxktt+CfkoKvr/Ktgu8euG332+2o6gwVs5esj3wg11fnmsVJTKZ
ZyzGYew21ciISLhJEDy7mD6/w+DSQwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFTl
m+NC6EQMGf4T7UvF1oCTwLeHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRkExNjNBMDNFOTUxMUYxQUNDNUQwQzJDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt5UMA0GCSqGSIb3DQEB
CwUAA4IBAQCSiJh87aJqOd5UkEdJB2/b0Y9h43YWF+cNwNPBNBN0jq6YVpJRJBkh
b+RrZY12/RCgiEA+gzNvcGguKXXC/o6kIVSRiIup6i959tKURSkBgYF41HURQpbm
ohtmayljGoxNXPO5aw06rq1jOYkpQYqN4eRxq6WrQLTvagj6tYsOcI6OiOyG3b1e
Lvu0uNRadGl7M6K1KccOTxSAJaxDbzqzk2bncutuaBcHa0pRmfwDM4q5ReV+DANt
TkJDXt0sGUUV0nfxcwC99mbg1MuEB/uCa6dhag15pMZoaXTq5YfjdKzqIHu0IVXN
eFVjNzLZ10umFccUnTan8ZEqsfj42uWO
-----END CERTIFICATE-----
Generated at Wed May 6 09:06:09 2026 by rpki-client