Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40A8121A237011F1A36D8FF2DAE4EC9C.roa
File: 40A8121A237011F1A36D8FF2DAE4EC9C.roa (raw, json)
Hash identifier: Wk3tUTG09sbPl5qWeHE48n8PBgcNE2toi5E7x/4bmsg=
Subject key identifier: D8:F5:06:92:B1:95:99:61:6F:3C:FA:CE:68:07:DB:94:DC:5D:96:53
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BFC1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40A8121A237011F1A36D8FF2DAE4EC9C.roa
Signing time: Thu 19 Mar 2026 08:47:26 +0000
ROA not before: Thu 19 Mar 2026 08:47:21 +0000
ROA not after: Fri 24 Apr 2026 08:47:21 +0000
asID: 54600
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114625 (0x1bfc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 19 08:47:21 2026 GMT
Not After : Apr 24 08:47:21 2026 GMT
Subject: CN=69bbb81e-101e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:db:31:9d:ce:07:02:88:01:ec:2f:9f:a3:c6:
c2:f7:47:e7:8c:e0:ac:fc:49:8f:57:3f:f2:5c:be:
6b:3c:88:e6:68:9d:98:09:f2:d1:4a:84:39:41:59:
30:72:3d:d6:15:2e:01:38:07:ba:53:9a:a4:01:fd:
b2:87:ab:54:f9:07:37:98:5d:bc:6c:db:85:d6:3b:
e0:53:1f:5a:16:cb:9d:e0:5b:98:b5:79:41:71:19:
54:2f:29:22:19:e7:5f:80:93:72:97:da:cb:36:85:
9d:d1:f9:c3:50:81:9d:3b:03:bc:24:a0:8e:81:b4:
5c:04:3c:b1:14:d0:33:b8:38:4c:53:b4:aa:5a:9a:
41:77:b4:5c:d9:64:99:be:bb:86:52:4d:9f:3e:91:
a6:91:dc:67:fc:66:66:31:de:c7:90:e6:f1:ee:2a:
11:a9:82:e4:77:dc:72:25:4a:c8:3a:3d:ae:fd:19:
d3:b7:4d:b7:23:76:28:fc:6b:6b:cb:c8:ea:ff:14:
03:3f:e1:0a:ea:db:47:27:1e:43:b6:f5:f5:2d:fc:
1d:e3:61:10:ca:30:82:6e:bb:89:22:ee:4a:9c:39:
8f:35:ac:f3:7c:fe:93:2a:df:52:41:90:d0:14:a7:
22:55:67:d3:1d:07:d6:8f:4c:bf:7b:bd:16:c5:c0:
ed:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F5:06:92:B1:95:99:61:6F:3C:FA:CE:68:07:DB:94:DC:5D:96:53
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40A8121A237011F1A36D8FF2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
Signature Algorithm: sha256WithRSAEncryption
68:bb:5b:29:b3:61:3b:87:a8:47:0c:7a:01:ea:45:53:16:05:
af:6a:7a:2c:0b:cb:20:b1:e7:f8:5f:18:6a:58:e4:e4:12:38:
bc:fc:f0:20:82:98:ad:e0:f5:13:20:f4:9a:10:67:ac:6f:ed:
be:ae:d6:3b:8c:2a:0a:c5:bb:2d:2f:29:8c:25:89:a7:3f:61:
81:33:3c:2b:4d:f2:27:8f:51:62:b9:ef:ac:f9:37:28:c5:6a:
46:de:7e:7d:0d:31:69:e1:ab:06:0e:5e:3a:08:b2:a8:29:0c:
b4:8e:91:16:df:e4:ee:30:31:de:24:70:9b:09:54:0d:1e:5a:
99:de:a8:8e:be:2c:e3:68:c0:13:5c:92:01:d2:d8:8e:08:4e:
ea:47:18:9e:eb:31:d3:6c:6f:7e:7c:b0:e1:0b:ad:7e:b2:8b:
7c:24:94:49:a6:3e:8a:57:b1:d4:a0:fd:6e:25:44:35:08:d6:
95:20:e5:35:ff:58:76:0e:b1:61:04:34:98:b0:5a:6e:b8:bd:
60:e9:89:b1:a4:08:52:5a:74:79:ce:43:d5:22:b0:4d:61:78:
43:7b:ef:5c:03:7c:17:fd:c4:9b:40:c3:63:48:12:27:52:b3:
31:bd:75:26:52:0f:1b:9c:81:1a:9d:7e:37:3a:0e:f6:16:cd:
9a:ab:29:8d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAb/BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE5MDg0NzIxWhcNMjYwNDI0MDg0NzIxWjAYMRYw
FAYDVQQDEw02OWJiYjgxZS0xMDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5dsxnc4HAogB7C+fo8bC90fnjOCs/EmPVz/yXL5rPIjmaJ2YCfLRSoQ5
QVkwcj3WFS4BOAe6U5qkAf2yh6tU+Qc3mF28bNuF1jvgUx9aFsud4FuYtXlBcRlU
LykiGedfgJNyl9rLNoWd0fnDUIGdOwO8JKCOgbRcBDyxFNAzuDhMU7SqWppBd7Rc
2WSZvruGUk2fPpGmkdxn/GZmMd7HkObx7ioRqYLkd9xyJUrIOj2u/RnTt023I3Yo
/Gtry8jq/xQDP+EK6ttHJx5DtvX1Lfwd42EQyjCCbruJIu5KnDmPNazzfP6TKt9S
QZDQFKciVWfTHQfWj0y/e70WxcDtywIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNj1
BpKxlZlhbzz6zmgH25TcXZZTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MEE4MTIxQTIzNzAxMUYxQTM2RDhGRjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaWZADBASaWcAwDQYJ
KoZIhvcNAQELBQADggEBAGi7WymzYTuHqEcMegHqRVMWBa9qeiwLyyCx5/hfGGpY
5OQSOLz88CCCmK3g9RMg9JoQZ6xv7b6u1juMKgrFuy0vKYwliac/YYEzPCtN8ieP
UWK576z5NyjFakbefn0NMWnhqwYOXjoIsqgpDLSOkRbf5O4wMd4kcJsJVA0eWpne
qI6+LONowBNckgHS2I4ITupHGJ7rMdNsb358sOELrX6yi3wklEmmPopXsdSg/W4l
RDUI1pUg5TX/WHYOsWEENJiwWm64vWDpibGkCFJadHnOQ9UisE1heEN771wDfBf9
xJtAw2NIEidSszG9dSZSDxucgRqdfjc6DvYWzZqrKY0=
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:15:45 2026 by rpki-client