Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B136F5A1E4F11F194DAFE79DAE4EC9C.roa
File: 3B136F5A1E4F11F194DAFE79DAE4EC9C.roa (raw, json)
Hash identifier: jc2OSdlMEJkuJ+zWfEaE9QplsM7GN24uaH0HwFhsN58=
Subject key identifier: FD:3F:85:E5:F0:08:07:8F:A4:68:8D:CB:E6:4F:24:2B:9F:87:74:38
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF30
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B136F5A1E4F11F194DAFE79DAE4EC9C.roa
Signing time: Thu 12 Mar 2026 20:08:27 +0000
ROA not before: Thu 12 Mar 2026 20:08:22 +0000
ROA not after: Thu 16 Apr 2026 20:08:22 +0000
asID: 22773
IP address blocks: 154.198.20.0/24 maxlen: 24
154.198.21.0/24 maxlen: 24
154.198.22.0/24 maxlen: 24
154.198.23.0/24 maxlen: 24
154.198.24.0/24 maxlen: 24
154.198.25.0/24 maxlen: 24
154.198.26.0/24 maxlen: 24
154.198.27.0/24 maxlen: 24
154.198.28.0/24 maxlen: 24
154.202.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114480 (0x1bf30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 12 20:08:22 2026 GMT
Not After : Apr 16 20:08:22 2026 GMT
Subject: CN=69b31d3b-b42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b1:0b:fa:7c:92:e6:67:ae:8d:1f:fd:25:b5:
b9:2c:8c:05:17:96:49:94:56:1e:a8:90:6a:fe:aa:
a1:ed:69:0c:16:fa:e0:42:aa:b1:13:11:77:be:26:
67:d4:3f:ba:de:16:62:b0:08:d4:3e:f3:95:82:8a:
87:c8:a7:b8:a0:44:c0:cf:cc:c3:53:eb:b8:f7:79:
85:1b:29:62:43:cd:8f:51:04:9b:1c:ce:a5:a9:0c:
97:26:b7:13:63:2e:68:e1:81:11:28:07:53:b8:9a:
87:97:5b:38:93:68:82:4b:06:d3:6b:9b:57:9b:3a:
a6:e8:89:77:24:23:cc:5c:c1:2c:85:6e:0a:58:19:
d1:d3:9f:42:c2:b5:28:ae:14:e8:b7:fd:24:7e:8c:
d7:73:77:f7:dc:1b:9c:36:f9:b6:da:34:3e:7f:ab:
08:c1:10:b3:1d:44:a9:f1:16:66:6d:1f:1d:09:65:
97:ba:c8:39:2e:2b:a8:d0:e7:ce:1c:b5:3e:e3:98:
04:54:b2:7a:5e:c6:7c:15:bf:af:14:d7:f3:8a:5d:
98:ba:b3:fa:b8:a0:e6:61:d3:ee:21:48:24:0c:34:
b7:64:96:f7:50:66:8a:7b:fe:e8:a3:b9:ce:8d:b5:
6a:36:2e:31:9c:1f:74:23:df:39:b9:65:00:9f:09:
cd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3F:85:E5:F0:08:07:8F:A4:68:8D:CB:E6:4F:24:2B:9F:87:74:38
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B136F5A1E4F11F194DAFE79DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.20.0-154.198.28.255
154.202.111.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:42:26:13:a3:b5:b6:23:ac:35:bd:c3:0d:08:bb:d0:46:60:
c7:6d:80:31:01:1f:80:83:7c:c0:89:4b:ab:a1:64:3c:87:8e:
a3:83:5f:3c:13:7b:f4:f8:5a:a1:2f:cb:e8:cb:12:d1:ac:97:
aa:fe:07:6d:0c:fb:56:c9:22:a5:d6:e1:c3:c2:90:a0:6b:d0:
fc:7b:1c:7b:76:42:d0:c1:86:11:9b:81:76:00:de:44:4c:46:
26:9d:c7:e3:3d:ef:a1:6c:f2:c4:d0:ad:17:00:26:47:74:15:
fa:00:60:d2:2a:89:2c:2a:bd:39:ff:16:3f:df:f2:d1:b3:0c:
12:de:9b:a5:17:e9:38:4f:b8:8f:90:db:26:7c:dd:51:87:3d:
0b:17:c9:d7:f4:b2:ec:eb:90:81:c5:12:06:72:91:75:6a:71:
e0:7d:99:a2:ce:25:3e:14:4c:47:1f:82:bc:5e:b6:81:14:12:
f0:e7:87:d0:70:8a:e6:79:85:8e:3d:0c:44:8b:c4:9c:0b:6d:
a3:e7:30:35:47:98:3a:d4:12:00:88:d9:10:0a:1c:72:f6:9d:
34:8d:b5:93:32:4d:44:85:1a:d8:b1:cb:65:9e:87:7a:18:c6:
0d:c5:da:ea:d5:46:28:b1:88:5b:91:99:e7:58:87:f6:6b:56:
63:41:5a:fb
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAb8wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEyMjAwODIyWhcNMjYwNDE2MjAwODIyWjAYMRYw
FAYDVQQDEw02OWIzMWQzYi1iNDJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtrEL+nyS5meujR/9JbW5LIwFF5ZJlFYeqJBq/qqh7WkMFvrgQqqxExF3
viZn1D+63hZisAjUPvOVgoqHyKe4oETAz8zDU+u493mFGyliQ82PUQSbHM6lqQyX
JrcTYy5o4YERKAdTuJqHl1s4k2iCSwbTa5tXmzqm6Il3JCPMXMEshW4KWBnR059C
wrUorhTot/0kfozXc3f33BucNvm22jQ+f6sIwRCzHUSp8RZmbR8dCWWXusg5Liuo
0OfOHLU+45gEVLJ6XsZ8Fb+vFNfzil2YurP6uKDmYdPuIUgkDDS3ZJb3UGaKe/7o
o7nOjbVqNi4xnB90I985uWUAnwnNewIDAQABo4ICszCCAq8wHQYDVR0OBBYEFP0/
heXwCAePpGiNy+ZPJCufh3Q4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQjEzNkY1QTFFNEYxMUYxOTREQUZFNzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKaxhQDBACaxhwDBACa
ym8wDQYJKoZIhvcNAQELBQADggEBAKdCJhOjtbYjrDW9ww0Iu9BGYMdtgDEBH4CD
fMCJS6uhZDyHjqODXzwTe/T4WqEvy+jLEtGsl6r+B20M+1bJIqXW4cPCkKBr0Px7
HHt2QtDBhhGbgXYA3kRMRiadx+M976Fs8sTQrRcAJkd0FfoAYNIqiSwqvTn/Fj/f
8tGzDBLem6UX6ThPuI+Q2yZ83VGHPQsXydf0suzrkIHFEgZykXVqceB9maLOJT4U
TEcfgrxetoEUEvDnh9BwiuZ5hY49DESLxJwLbaPnMDVHmDrUEgCI2RAKHHL2nTSN
tZMyTUSFGtixy2Weh3oYxg3F2urVRiixiFuRmedYh/ZrVmNBWvs=
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:25 2026 by rpki-client