Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CB33E8E237311F1BAC51984DAE4EC9C.roa
File: 3CB33E8E237311F1BAC51984DAE4EC9C.roa (raw, json)
Hash identifier: PK1ko418GhGodoDXH01jfJ+r070NbNJ3GDFqVNv1KB4=
Subject key identifier: 2C:6B:43:51:48:86:A1:30:6A:6F:AF:75:57:85:7A:68:17:0D:92:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BFC9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CB33E8E237311F1BAC51984DAE4EC9C.roa
Signing time: Thu 19 Mar 2026 09:08:48 +0000
ROA not before: Thu 19 Mar 2026 09:08:42 +0000
ROA not after: Fri 24 Apr 2026 09:08:42 +0000
asID: 395886
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 10:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114633 (0x1bfc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 19 09:08:42 2026 GMT
Not After : Apr 24 09:08:42 2026 GMT
Subject: CN=69bbbd20-c73f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3c:1b:68:e7:b6:0f:c2:73:4d:37:a2:91:ac:
8d:db:b2:a8:7f:3a:44:9d:04:3c:c2:ae:40:e5:73:
80:67:f8:d1:33:29:ec:39:e9:8b:34:d7:3a:43:77:
0b:d9:e5:48:17:49:63:fd:c5:d9:b9:ff:65:aa:e7:
d3:69:bf:d9:f2:33:07:dd:ee:41:a8:cd:8b:24:b9:
e8:0c:d8:df:de:32:b5:4d:ce:83:07:86:35:70:b8:
90:41:8d:fe:83:6f:fb:95:2b:c1:2f:f3:81:d7:a1:
52:ae:34:60:00:23:72:db:79:3e:68:2e:a0:03:86:
d6:b0:bb:8f:37:f4:36:4f:cc:a4:4b:81:c2:7a:5b:
db:ca:ca:d7:8c:d8:40:92:6e:00:8f:00:7c:5f:5d:
6d:3c:1b:97:81:43:34:d5:53:d2:ad:48:37:4b:12:
1b:05:1f:81:4a:53:e8:b1:5f:92:a8:2f:85:e6:f9:
36:f8:40:89:ff:d8:7c:33:41:cc:39:22:19:b8:4f:
ab:9c:5d:76:41:b5:68:97:75:00:14:c7:ec:76:2e:
9c:b4:51:a3:9b:26:1d:b9:e8:9e:70:5c:56:0a:11:
52:63:35:b1:4c:1b:45:41:ac:53:ce:1b:0e:ef:2f:
2f:5f:72:cc:16:10:33:10:a4:60:fd:50:8e:2c:07:
f8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:6B:43:51:48:86:A1:30:6A:6F:AF:75:57:85:7A:68:17:0D:92:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CB33E8E237311F1BAC51984DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
Signature Algorithm: sha256WithRSAEncryption
99:15:1e:dd:c1:b7:3a:d7:6c:e8:8c:43:38:ef:08:f2:25:17:
da:86:73:3c:82:57:4a:9d:03:e4:0b:c8:a9:02:04:47:4a:ea:
53:79:64:2c:f5:13:1a:dc:24:ac:d5:86:68:68:7c:dc:5d:65:
06:16:b5:0d:4f:0f:53:60:c2:c5:c0:43:3c:bc:7e:e3:91:bc:
03:c4:86:97:8c:47:82:b8:6a:5b:d4:a3:b9:e6:72:2a:f6:33:
b4:a1:b9:b4:43:75:27:e1:ab:b2:82:f7:50:f6:be:e3:76:44:
d1:a4:3e:d6:30:e9:15:3a:08:b0:9c:14:90:79:d6:57:82:78:
cd:9d:ef:cc:11:90:d6:91:0b:5c:02:27:0e:b4:b3:b7:3c:73:
44:71:17:41:18:73:f2:8b:b9:99:8e:67:cd:72:35:b8:2a:99:
52:ab:0b:73:59:07:c4:a9:71:fe:d8:06:05:2c:24:d8:c5:0a:
1a:7a:61:e3:1d:93:b2:5d:2d:5f:6f:cc:fb:b1:d7:9d:27:a7:
ad:88:94:96:19:24:5a:d1:70:4f:43:5e:6c:f0:3d:c1:d3:9e:
e7:e2:ca:e7:8d:a7:5d:10:bd:bf:5c:86:69:02:f8:ba:04:36:
36:85:07:ef:a0:0d:77:b3:e3:d7:5d:2e:8c:67:a5:81:85:9a:
38:e9:88:53
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAb/JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE5MDkwODQyWhcNMjYwNDI0MDkwODQyWjAYMRYw
FAYDVQQDEw02OWJiYmQyMC1jNzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzzwbaOe2D8JzTTeikayN27KofzpEnQQ8wq5A5XOAZ/jRMynsOemLNNc6
Q3cL2eVIF0lj/cXZuf9lqufTab/Z8jMH3e5BqM2LJLnoDNjf3jK1Tc6DB4Y1cLiQ
QY3+g2/7lSvBL/OB16FSrjRgACNy23k+aC6gA4bWsLuPN/Q2T8ykS4HCelvbysrX
jNhAkm4AjwB8X11tPBuXgUM01VPSrUg3SxIbBR+BSlPosV+SqC+F5vk2+ECJ/9h8
M0HMOSIZuE+rnF12QbVol3UAFMfsdi6ctFGjmyYdueiecFxWChFSYzWxTBtFQaxT
zhsO7y8vX3LMFhAzEKRg/VCOLAf4fQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFCxr
Q1FIhqEwam+vdVeFemgXDZJnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQ0IzM0U4RTIzNzMxMUYxQkFDNTE5ODREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaWZADBASaWcAwDQYJ
KoZIhvcNAQELBQADggEBAJkVHt3BtzrXbOiMQzjvCPIlF9qGczyCV0qdA+QLyKkC
BEdK6lN5ZCz1ExrcJKzVhmhofNxdZQYWtQ1PD1NgwsXAQzy8fuORvAPEhpeMR4K4
alvUo7nmcir2M7ShubRDdSfhq7KC91D2vuN2RNGkPtYw6RU6CLCcFJB51leCeM2d
78wRkNaRC1wCJw60s7c8c0RxF0EYc/KLuZmOZ81yNbgqmVKrC3NZB8Spcf7YBgUs
JNjFChp6YeMdk7JdLV9vzPux150np62IlJYZJFrRcE9DXmzwPcHTnufiyueNp10Q
vb9chmkC+LoENjaFB++gDXez49ddLoxnpYGFmjjpiFM=
-----END CERTIFICATE-----
Generated at Mon Mar 23 20:17:47 2026 by rpki-client