Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AEBF2CA236A11F1ADDAADCFDAE4EC9C.roa
File: 3AEBF2CA236A11F1ADDAADCFDAE4EC9C.roa (raw, json)
Hash identifier: G527jJmWp9XW/uUPmQqS6S12eJxHnEj2lFeK1PcOh/4=
Subject key identifier: C1:16:7E:19:52:67:38:E7:94:9C:DC:91:0A:2D:11:9E:75:93:48:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BFBB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AEBF2CA236A11F1ADDAADCFDAE4EC9C.roa
Signing time: Thu 19 Mar 2026 08:04:19 +0000
ROA not before: Thu 19 Mar 2026 08:04:13 +0000
ROA not after: Sat 28 Mar 2026 08:04:13 +0000
asID: 153671
IP address blocks: 154.196.170.0/23 maxlen: 24
154.196.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114619 (0x1bfbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 19 08:04:13 2026 GMT
Not After : Mar 28 08:04:13 2026 GMT
Subject: CN=69bbae03-afce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0b:a2:3b:69:e8:0a:81:af:c4:d4:66:84:9e:
0b:cd:60:4d:91:ce:23:f2:65:6f:49:ce:9f:33:08:
66:b3:46:14:9b:cf:ad:10:b7:ed:8d:ad:5d:cb:dd:
76:ca:d7:7e:36:be:18:4a:06:4a:ff:9b:97:3e:a8:
38:ad:8e:96:07:8b:70:78:56:90:c8:b8:9d:b2:52:
82:c8:b6:78:e8:21:80:4d:77:d1:09:49:94:c2:03:
05:a1:2f:a5:6d:34:74:c7:92:14:f5:64:d0:1e:3e:
77:84:35:15:91:99:da:ad:1f:3f:9b:0b:58:fe:c9:
93:9d:b9:ec:8f:ac:a5:35:e6:05:05:75:11:dd:5d:
c5:4a:fa:d9:1c:37:d9:d2:36:2d:af:25:8b:f2:69:
c3:7d:6c:20:02:38:d9:b0:21:8f:ba:fa:d6:04:44:
08:6f:66:1a:de:b3:ea:81:24:0b:2a:32:e3:04:ea:
91:98:97:75:2b:81:05:67:18:59:33:05:49:79:d0:
f9:34:50:f8:f1:74:60:9f:0b:ee:cd:df:61:6c:d6:
7e:70:5a:e3:af:f6:92:66:fd:8f:55:b4:b1:85:65:
d5:08:b6:5f:d1:11:c5:b6:77:7f:69:1d:00:ba:ec:
92:e9:7c:02:b5:d5:78:e0:72:be:1e:08:c0:8f:10:
a6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:16:7E:19:52:67:38:E7:94:9C:DC:91:0A:2D:11:9E:75:93:48:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AEBF2CA236A11F1ADDAADCFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.170.0/23
154.196.248.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:00:5d:a0:c7:b1:b2:d3:91:13:cf:5b:9b:88:7f:38:b0:5d:
f8:23:74:08:b2:ea:b8:5a:3a:e0:5d:ad:17:51:ae:e8:6a:25:
9d:27:25:86:53:3d:58:32:6b:16:84:bd:3a:de:c3:55:6d:2e:
65:82:83:d3:35:fb:a7:4d:71:78:a2:08:39:c6:0b:4a:84:0d:
e7:ac:1b:b7:6a:a1:3d:d4:50:46:b2:69:3c:11:c0:7c:25:d0:
d0:e7:b7:61:f3:68:55:84:bd:0b:f2:1e:61:40:68:f5:31:52:
ba:d9:8c:6e:74:4d:fa:9c:32:7c:0c:5f:6c:10:c0:3b:97:5a:
92:84:37:9a:cd:ac:13:3b:d1:b8:ca:2e:5d:93:90:63:31:e6:
33:92:ad:df:2b:65:29:e0:21:25:62:90:36:26:67:6c:2e:86:
4f:c3:4a:d0:3b:92:b8:5c:e0:25:1f:e9:61:a9:2c:85:f4:d5:
16:f4:91:ca:7b:89:4e:e7:fe:51:1f:97:5e:9a:c5:5c:81:c3:
58:a0:e8:d4:dd:dd:33:c6:14:f5:d5:6c:cc:9e:22:9f:ef:23:
40:17:f3:80:29:17:16:d7:2d:4c:e1:71:8d:63:82:5f:eb:15:
42:c3:85:5d:79:b6:20:87:b0:de:aa:78:0a:67:c9:0b:8c:1d:
4d:5a:3f:d3
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAb+7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE5MDgwNDEzWhcNMjYwMzI4MDgwNDEzWjAYMRYw
FAYDVQQDEw02OWJiYWUwMy1hZmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuguiO2noCoGvxNRmhJ4LzWBNkc4j8mVvSc6fMwhms0YUm8+tELftja1d
y912ytd+Nr4YSgZK/5uXPqg4rY6WB4tweFaQyLidslKCyLZ46CGATXfRCUmUwgMF
oS+lbTR0x5IU9WTQHj53hDUVkZnarR8/mwtY/smTnbnsj6ylNeYFBXUR3V3FSvrZ
HDfZ0jYtryWL8mnDfWwgAjjZsCGPuvrWBEQIb2Ya3rPqgSQLKjLjBOqRmJd1K4EF
ZxhZMwVJedD5NFD48XRgnwvuzd9hbNZ+cFrjr/aSZv2PVbSxhWXVCLZf0RHFtnd/
aR0AuuyS6XwCtdV44HK+HgjAjxCmHwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMEW
fhlSZzjnlJzckQotEZ51k0jaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQUVCRjJDQTIzNkExMUYxQUREQUFEQ0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmsSqAwQCmsT4MA0GCSqG
SIb3DQEBCwUAA4IBAQBNAF2gx7Gy05ETz1ubiH84sF34I3QIsuq4WjrgXa0XUa7o
aiWdJyWGUz1YMmsWhL063sNVbS5lgoPTNfunTXF4ogg5xgtKhA3nrBu3aqE91FBG
smk8EcB8JdDQ57dh82hVhL0L8h5hQGj1MVK62YxudE36nDJ8DF9sEMA7l1qShDea
zawTO9G4yi5dk5BjMeYzkq3fK2Up4CElYpA2JmdsLoZPw0rQO5K4XOAlH+lhqSyF
9NUW9JHKe4lO5/5RH5demsVcgcNYoOjU3d0zxhT11WzMniKf7yNAF/OAKRcW1y1M
4XGNY4Jf6xVCw4VdebYgh7DeqngKZ8kLjB1NWj/T
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:13:52 2026 by rpki-client