Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36B5230618B711F184BCEEE9DAE4EC9C.roa
File: 36B5230618B711F184BCEEE9DAE4EC9C.roa (raw, json)
Hash identifier: ayjq7NqKNwGeun+The44F1Q6xt1eW6tP3QlS7/eN214=
Subject key identifier: FD:CC:65:40:D3:07:D5:9F:B7:EC:0F:83:FB:6C:F8:7A:B4:96:86:1A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BDD3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36B5230618B711F184BCEEE9DAE4EC9C.roa
Signing time: Thu 05 Mar 2026 17:17:40 +0000
ROA not before: Thu 05 Mar 2026 17:17:36 +0000
ROA not after: Thu 09 Apr 2026 17:17:36 +0000
asID: 141883
IP address blocks: 154.204.0.0/24 maxlen: 24
154.208.12.0/22 maxlen: 24
154.208.16.0/20 maxlen: 24
154.212.128.0/24 maxlen: 24
154.215.0.0/24 maxlen: 24
154.218.0.0/24 maxlen: 24
154.221.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114131 (0x1bdd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 5 17:17:36 2026 GMT
Not After : Apr 9 17:17:36 2026 GMT
Subject: CN=69a9bab4-a04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ad:f2:78:53:0f:36:c8:dd:f3:ac:a5:b7:5e:
f2:45:94:95:3d:ad:20:ef:48:18:d7:52:46:18:bb:
2f:cf:3d:37:ab:07:97:ce:0d:37:32:bf:6c:7f:e8:
e4:dd:73:4b:cf:8c:92:ed:84:ae:dc:d1:e4:cb:af:
d2:47:e3:43:51:0a:99:71:dd:4a:72:a2:7e:08:ae:
cd:99:fd:09:77:16:02:97:df:15:bf:9a:33:ab:ee:
83:3a:d0:0c:99:33:6f:bc:c6:7d:62:b6:ea:8e:09:
3b:25:fe:6c:de:00:40:38:a4:01:8b:11:1d:78:29:
b5:3e:4c:63:a8:76:24:da:d8:0f:92:9a:8b:c1:74:
6c:90:7f:3d:5a:4d:b2:a7:fc:d7:1a:b7:a6:f3:f2:
9b:ad:69:60:19:9e:45:a1:a4:97:d1:62:d2:3c:0c:
ec:6f:14:b8:b5:a7:10:f8:74:45:83:ed:a0:8f:e9:
d5:de:c8:f9:05:d2:c0:bb:ae:ca:8e:06:d4:e7:2e:
a1:25:97:9a:b5:d3:12:e1:10:04:20:85:9a:d8:29:
2b:a3:99:8e:92:6c:48:21:c8:39:5b:91:ce:e7:4b:
51:21:c5:f8:61:79:74:98:b7:b7:79:cf:4a:fb:ee:
3e:05:11:43:ae:b6:35:ee:db:b8:9d:1c:f5:da:fc:
29:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:CC:65:40:D3:07:D5:9F:B7:EC:0F:83:FB:6C:F8:7A:B4:96:86:1A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36B5230618B711F184BCEEE9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.0.0/24
154.208.12.0-154.208.31.255
154.212.128.0/24
154.215.0.0/24
154.218.0.0/24
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:c0:d4:66:36:46:54:8f:c2:cd:62:02:fd:46:a0:12:48:06:
d3:19:2f:df:6f:2f:61:b0:ec:8e:75:76:42:57:f4:dd:b2:87:
db:2a:9e:11:5a:9d:34:90:d2:1d:d0:cf:18:96:11:f1:1e:aa:
dc:d4:d9:70:8d:2a:a3:73:06:ae:83:7e:32:81:0d:b8:05:56:
f7:c5:14:86:42:12:e9:91:3a:46:0d:62:90:82:29:63:2a:be:
48:9e:15:87:db:e7:bb:5f:36:33:1d:52:8f:60:91:f0:b4:39:
e0:30:51:0b:ab:36:33:24:0a:73:24:c0:41:c4:9a:14:78:49:
7e:b1:0b:10:68:80:6b:b6:a1:33:8a:cb:0c:d3:ea:5d:70:2c:
0c:8a:d2:1a:ec:78:bd:25:7f:67:f6:b6:bb:74:e5:f6:c9:e7:
7f:48:4a:93:13:a8:2c:3f:20:43:e1:46:44:7b:02:81:73:94:
71:aa:e3:64:87:e7:de:f9:55:a3:3d:68:45:a8:3f:5d:56:da:
e7:9e:da:88:95:1a:bb:86:9d:b5:7d:11:34:66:ca:73:0d:a3:
b3:c1:39:5a:9d:b1:b6:b3:ed:ad:c8:df:af:04:9f:6c:e5:b5:
20:3a:32:b6:3a:bb:23:28:72:1f:36:a8:9e:9f:86:1d:60:f0:
18:a3:13:7e
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAb3TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA1MTcxNzM2WhcNMjYwNDA5MTcxNzM2WjAYMRYw
FAYDVQQDEw02OWE5YmFiNC1hMDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwK3yeFMPNsjd86ylt17yRZSVPa0g70gY11JGGLsvzz03qweXzg03Mr9s
f+jk3XNLz4yS7YSu3NHky6/SR+NDUQqZcd1KcqJ+CK7Nmf0JdxYCl98Vv5ozq+6D
OtAMmTNvvMZ9Yrbqjgk7Jf5s3gBAOKQBixEdeCm1PkxjqHYk2tgPkpqLwXRskH89
Wk2yp/zXGrem8/KbrWlgGZ5FoaSX0WLSPAzsbxS4tacQ+HRFg+2gj+nV3sj5BdLA
u67KjgbU5y6hJZeatdMS4RAEIIWa2Ckro5mOkmxIIcg5W5HO50tRIcX4YXl0mLe3
ec9K++4+BRFDrrY17tu4nRz12vwp8wIDAQABo4ICyzCCAscwHQYDVR0OBBYEFP3M
ZUDTB9Wft+wPg/ts+Hq0loYaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkI1MjMwNjE4QjcxMUYxODRCQ0VFRTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAmswAMAwDBAKa0AwDBAWa
0AADBACa1IADBACa1wADBACa2gADBACa3QAwDQYJKoZIhvcNAQELBQADggEBAKnA
1GY2RlSPws1iAv1GoBJIBtMZL99vL2Gw7I51dkJX9N2yh9sqnhFanTSQ0h3QzxiW
EfEeqtzU2XCNKqNzBq6DfjKBDbgFVvfFFIZCEumROkYNYpCCKWMqvkieFYfb57tf
NjMdUo9gkfC0OeAwUQurNjMkCnMkwEHEmhR4SX6xCxBogGu2oTOKywzT6l1wLAyK
0hrseL0lf2f2trt05fbJ539ISpMTqCw/IEPhRkR7AoFzlHGq42SH5975VaM9aEWo
P11W2uee2oiVGruGnbV9ETRmynMNo7PBOVqdsbaz7a3I368En2zltSA6MrY6uyMo
ch82qJ6fhh1g8BijE34=
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:13:51 2026 by rpki-client