Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E75FFA81EB511F1A5A91ADBDAE4EC9C.roa
File: 3E75FFA81EB511F1A5A91ADBDAE4EC9C.roa (raw, json)
Hash identifier: 34s0jrXpH6ZjhfNpbqqz5AUxEFodcxsHTIAs+y8t1Lc=
Subject key identifier: E9:73:33:E7:12:94:16:6F:57:FE:CB:1D:90:4D:9B:2F:6F:31:7B:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF4D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E75FFA81EB511F1A5A91ADBDAE4EC9C.roa
Signing time: Fri 13 Mar 2026 08:18:41 +0000
ROA not before: Fri 13 Mar 2026 08:18:36 +0000
ROA not after: Wed 29 Apr 2026 08:18:36 +0000
asID: 214143
IP address blocks: 154.81.132.0/22 maxlen: 24
154.81.138.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114509 (0x1bf4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 13 08:18:36 2026 GMT
Not After : Apr 29 08:18:36 2026 GMT
Subject: CN=69b3c861-270f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2d:82:94:90:5e:51:b7:69:6c:a0:a8:ab:60:
f0:e5:ae:18:00:cf:06:8d:db:8e:97:09:07:05:01:
be:33:e8:11:d7:c6:39:7c:ec:79:b1:65:ba:2d:1f:
ea:f3:92:87:76:da:60:e4:05:ef:e5:6d:ce:ec:b5:
59:26:45:69:b4:0b:87:23:3f:55:67:5b:4d:92:f7:
d4:1b:b9:ab:a0:b9:96:f2:40:de:4d:bd:9a:b8:08:
1a:58:e7:a9:7e:6a:a0:a4:e1:6f:72:f2:90:bf:d4:
1c:ef:fa:24:5c:58:dc:6a:a2:cb:cd:12:49:79:1f:
fe:47:7f:86:fc:8f:ad:cd:cc:72:9d:fb:5b:68:a3:
38:ee:04:33:9f:71:da:9c:b0:3f:02:64:eb:65:f4:
90:6f:54:96:12:66:00:31:67:e4:f4:aa:56:c3:44:
a1:ff:71:28:ee:90:17:d6:66:3e:74:0e:f0:10:14:
d9:2d:5e:b5:81:0e:35:1d:7f:0d:82:f3:b9:e5:c6:
37:f8:b0:8e:2e:98:c8:98:9a:c1:b7:51:45:de:d9:
6e:97:68:8b:6e:e3:d0:42:72:e9:e6:5d:06:f3:fa:
b2:3b:02:32:48:37:85:10:ef:df:1a:30:09:57:8a:
46:f8:ba:d6:7d:ad:67:90:18:e7:cd:9a:da:92:e6:
db:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:73:33:E7:12:94:16:6F:57:FE:CB:1D:90:4D:9B:2F:6F:31:7B:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E75FFA81EB511F1A5A91ADBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.132.0/22
154.81.138.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:66:89:1d:46:14:b8:11:ea:f4:41:dd:d6:29:40:99:6f:62:
17:1f:ee:05:e1:90:01:02:6c:32:68:8b:75:c7:00:70:d5:d0:
6a:f2:df:df:ea:1e:1b:e4:4d:d4:65:c4:b2:10:f2:b0:d9:62:
a3:dc:aa:d9:99:31:3a:83:70:2d:89:7a:4f:43:ed:3d:d1:d5:
af:c0:6f:99:b9:a9:e5:81:6a:42:cc:15:b7:a9:3e:41:11:7c:
44:00:c9:5e:d9:d6:40:3e:aa:86:91:cf:dc:77:a3:68:73:c1:
d0:7d:14:30:5f:9b:24:b0:56:47:5b:b0:17:5a:11:76:4a:0d:
d1:fa:7b:69:7f:c5:fa:c0:c6:b3:10:e4:7c:c6:5f:20:1f:e2:
8a:0b:de:87:cc:59:3d:81:8e:66:c4:2c:0e:5c:04:5f:78:b8:
a4:9b:56:35:e0:b2:b4:ec:7b:fc:96:27:2f:f1:93:b8:39:a9:
22:7d:15:20:9f:19:53:1d:2a:b5:b8:f8:2d:43:53:51:77:71:
76:47:37:3f:31:75:e9:37:37:30:f5:d8:8c:75:d0:3d:5c:2d:
e3:9d:df:da:ca:04:d9:a3:93:25:2f:be:ba:1b:ab:42:82:1d:
fb:4b:41:77:8d:8a:12:9b:80:e2:81:b6:79:85:49:c1:63:05:
09:09:3f:40
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAb9NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEzMDgxODM2WhcNMjYwNDI5MDgxODM2WjAYMRYw
FAYDVQQDEw02OWIzYzg2MS0yNzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxy2ClJBeUbdpbKCoq2Dw5a4YAM8GjduOlwkHBQG+M+gR18Y5fOx5sWW6
LR/q85KHdtpg5AXv5W3O7LVZJkVptAuHIz9VZ1tNkvfUG7mroLmW8kDeTb2auAga
WOepfmqgpOFvcvKQv9Qc7/okXFjcaqLLzRJJeR/+R3+G/I+tzcxynftbaKM47gQz
n3HanLA/AmTrZfSQb1SWEmYAMWfk9KpWw0Sh/3Eo7pAX1mY+dA7wEBTZLV61gQ41
HX8NgvO55cY3+LCOLpjImJrBt1FF3tlul2iLbuPQQnLp5l0G8/qyOwIySDeFEO/f
GjAJV4pG+LrWfa1nkBjnzZrakubbwwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOlz
M+cSlBZvV/7LHZBNmy9vMXuOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTc1RkZBODFFQjUxMUYxQTVBOTFBREJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlGEAwQBmlGKMA0GCSqG
SIb3DQEBCwUAA4IBAQCpZokdRhS4Eer0Qd3WKUCZb2IXH+4F4ZABAmwyaIt1xwBw
1dBq8t/f6h4b5E3UZcSyEPKw2WKj3KrZmTE6g3AtiXpPQ+090dWvwG+ZuanlgWpC
zBW3qT5BEXxEAMle2dZAPqqGkc/cd6Noc8HQfRQwX5sksFZHW7AXWhF2Sg3R+ntp
f8X6wMazEOR8xl8gH+KKC96HzFk9gY5mxCwOXARfeLikm1Y14LK07Hv8licv8ZO4
OakifRUgnxlTHSq1uPgtQ1NRd3F2Rzc/MXXpNzcw9diMddA9XC3jnd/aygTZo5Ml
L766G6tCgh37S0F3jYoSm4DigbZ5hUnBYwUJCT9A
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:19 2026 by rpki-client