Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FAAE83C254311F197182B86DAE4EC9C.roa
File: 2FAAE83C254311F197182B86DAE4EC9C.roa (raw, json)
Hash identifier: LYTQwsxyg0CayguBT7ZfEig1QiOj9K8opWgrunHB0h0=
Subject key identifier: 27:D8:38:D4:A9:7A:12:7E:49:A4:12:F8:B3:33:48:8A:B6:87:9D:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C04B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FAAE83C254311F197182B86DAE4EC9C.roa
Signing time: Sat 21 Mar 2026 16:29:52 +0000
ROA not before: Sat 21 Mar 2026 16:29:47 +0000
ROA not after: Tue 28 Apr 2026 16:29:47 +0000
asID: 48031
IP address blocks: 154.92.12.0/24 maxlen: 24
154.92.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114763 (0x1c04b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 16:29:47 2026 GMT
Not After : Apr 28 16:29:47 2026 GMT
Subject: CN=69bec780-2731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ce:0e:e7:73:2f:48:9e:93:b9:1f:19:4b:c0:
78:4e:b6:c1:e1:48:cf:b2:a4:29:fb:99:f5:75:da:
2a:a0:26:90:5d:38:41:19:c2:df:8f:3a:f3:a3:d9:
ec:4b:43:1d:79:d3:b5:80:30:c3:1e:8b:1c:70:2e:
79:0c:63:a8:7a:0a:e5:5e:00:00:e8:e0:b4:b0:70:
0e:7c:37:fa:d9:e8:0b:43:39:9b:a5:ec:11:19:f8:
b8:fb:95:7c:c1:27:2a:6e:b5:04:5a:37:bb:ca:63:
d4:3d:7e:37:4e:09:c8:11:b0:8b:23:e8:fc:5f:1f:
0f:a3:a6:3e:2f:9b:63:9f:28:a9:0b:d0:38:0e:94:
84:5f:81:05:d6:36:b3:7a:e2:10:a2:1d:62:5b:14:
d6:74:59:5c:01:79:0c:a7:68:64:3a:86:95:08:96:
64:04:2a:c0:fb:e9:da:7f:9f:b4:dc:43:fd:cb:ed:
56:87:98:f1:a5:38:6a:81:99:82:7c:c3:38:8c:68:
ad:5a:53:91:9b:a5:be:97:34:53:28:e4:6d:14:78:
61:d5:bc:2f:8b:4a:36:0e:9e:08:d4:ef:65:ea:f9:
40:cd:a4:b9:e8:56:1e:74:d5:f0:4d:35:4a:23:c0:
29:2b:d2:79:f6:c7:c5:b5:39:16:d7:26:73:02:f4:
08:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D8:38:D4:A9:7A:12:7E:49:A4:12:F8:B3:33:48:8A:B6:87:9D:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FAAE83C254311F197182B86DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.12.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:0c:db:df:a4:c4:e7:f5:86:38:07:7f:ea:ce:01:47:a4:63:
79:5d:03:85:4e:cd:7b:98:a2:bc:e0:fc:37:09:6e:e8:66:8c:
aa:ba:c2:0d:71:ae:16:14:53:04:52:fc:f8:c8:29:5f:61:89:
87:14:e4:db:30:bf:4a:c0:06:86:2d:86:1a:c3:b4:ad:6f:62:
19:71:46:47:d6:d2:38:8c:b2:f1:fe:3e:10:f2:5c:92:2f:b7:
30:5c:66:9b:32:d2:58:2b:36:71:88:6d:7c:ab:29:1b:a4:d9:
0a:4e:c4:ef:7d:df:b3:cb:1d:1e:cf:e0:c4:33:b3:c1:b2:a6:
af:f3:0c:c6:56:51:f9:46:15:1a:3a:65:2f:4a:e0:91:2c:29:
df:08:a0:7f:23:9b:e5:c0:c2:f0:ba:94:63:a6:78:a0:6c:89:
ac:73:eb:75:e3:7b:77:5d:eb:4c:e1:8f:c6:76:c0:22:3e:f7:
5a:3f:d8:de:b3:af:53:4c:14:35:ab:81:4f:bb:40:b0:b4:e9:
1f:38:54:25:8d:89:c7:34:a6:26:4e:0a:d8:34:2c:c1:f3:f6:
18:96:84:3b:25:4a:cb:cf:ab:ba:d7:94:31:43:00:a0:54:85:
12:94:7d:34:f4:0c:ed:ef:b0:23:1e:a8:91:f8:d0:fe:68:6a:
61:c6:86:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcBLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzIxMTYyOTQ3WhcNMjYwNDI4MTYyOTQ3WjAYMRYw
FAYDVQQDEw02OWJlYzc4MC0yNzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtc4O53MvSJ6TuR8ZS8B4TrbB4UjPsqQp+5n1ddoqoCaQXThBGcLfjzrz
o9nsS0MdedO1gDDDHosccC55DGOoegrlXgAA6OC0sHAOfDf62egLQzmbpewRGfi4
+5V8wScqbrUEWje7ymPUPX43TgnIEbCLI+j8Xx8Po6Y+L5tjnyipC9A4DpSEX4EF
1jazeuIQoh1iWxTWdFlcAXkMp2hkOoaVCJZkBCrA++naf5+03EP9y+1Wh5jxpThq
gZmCfMM4jGitWlORm6W+lzRTKORtFHhh1bwvi0o2Dp4I1O9l6vlAzaS56FYedNXw
TTVKI8ApK9J59sfFtTkW1yZzAvQIpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCfY
ONSpehJ+SaQS+LMzSIq2h53iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRkFBRTgzQzI1NDMxMUYxOTcxODJCODZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlwMMA0GCSqGSIb3DQEB
CwUAA4IBAQBKDNvfpMTn9YY4B3/qzgFHpGN5XQOFTs17mKK84Pw3CW7oZoyqusIN
ca4WFFMEUvz4yClfYYmHFOTbML9KwAaGLYYaw7Stb2IZcUZH1tI4jLLx/j4Q8lyS
L7cwXGabMtJYKzZxiG18qykbpNkKTsTvfd+zyx0ez+DEM7PBsqav8wzGVlH5RhUa
OmUvSuCRLCnfCKB/I5vlwMLwupRjpnigbImsc+t143t3XetM4Y/GdsAiPvdaP9je
s69TTBQ1q4FPu0CwtOkfOFQljYnHNKYmTgrYNCzB8/YYloQ7JUrLz6u615QxQwCg
VIUSlH009Azt77AjHqiR+ND+aGphxoZY
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:19:12 2026 by rpki-client