Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40B860A21B8711F1945BA1C3DAE4EC9C.roa
File: 40B860A21B8711F1945BA1C3DAE4EC9C.roa (raw, json)
Hash identifier: +7JvxalLsqrq9olDJyLW27fbnQ018n2sOmyNiGkQ3aM=
Subject key identifier: 6E:B0:20:2A:EE:A1:E5:E1:E9:D9:CC:E2:7A:15:1E:53:CD:1B:48:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BE6A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40B860A21B8711F1945BA1C3DAE4EC9C.roa
Signing time: Mon 09 Mar 2026 07:11:55 +0000
ROA not before: Mon 09 Mar 2026 07:11:49 +0000
ROA not after: Thu 16 Apr 2026 07:11:49 +0000
asID: 17497
IP address blocks: 154.197.16.0/21 maxlen: 24
154.197.16.0/24 maxlen: 24
154.197.17.0/24 maxlen: 24
154.197.18.0/24 maxlen: 24
154.197.19.0/24 maxlen: 24
154.197.20.0/24 maxlen: 24
154.197.21.0/24 maxlen: 24
154.197.22.0/24 maxlen: 24
154.197.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 14 Mar 2026 00:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114282 (0x1be6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 9 07:11:49 2026 GMT
Not After : Apr 16 07:11:49 2026 GMT
Subject: CN=69ae72bb-61ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:df:a7:cf:72:b2:76:85:b9:f5:ba:2a:76:53:
8e:56:7f:8d:cc:17:9e:66:7a:2f:6e:cb:10:e2:8c:
e7:d9:eb:60:51:e7:2e:7e:c5:1e:ce:cd:ca:63:96:
10:e8:a4:2f:67:5e:fa:97:31:de:32:25:4d:89:20:
f9:6b:f8:27:4e:e8:2f:28:ae:e4:88:7b:76:ac:92:
99:6b:5a:f7:b0:ae:38:a7:dc:01:f9:71:42:ae:cd:
a4:86:69:7e:d8:2c:db:fc:81:b9:8c:27:20:8e:6d:
e8:7b:dd:cc:36:94:c7:43:9c:b0:df:62:12:de:06:
85:3d:a1:14:09:6b:07:70:b6:a8:7f:2d:43:6d:a2:
10:12:63:dd:c0:3e:6f:6d:49:65:78:b6:ae:2e:17:
11:89:42:2b:4b:63:6a:25:d1:f5:96:82:6e:0e:02:
dd:74:f5:30:c8:6c:4c:9f:f9:22:af:7d:de:cd:5f:
41:dc:5c:ea:e4:da:2b:42:36:51:69:9e:50:e0:2c:
ff:b5:96:69:78:97:c0:45:4b:0b:f1:90:2d:f2:cc:
3f:9f:f3:5b:be:d1:29:1a:5b:17:06:6e:1a:15:1a:
6b:f3:59:ea:30:67:32:41:21:8b:63:4a:7f:d1:7a:
1a:1f:33:f3:29:28:00:0b:c1:a8:97:e6:a7:32:30:
cc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B0:20:2A:EE:A1:E5:E1:E9:D9:CC:E2:7A:15:1E:53:CD:1B:48:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40B860A21B8711F1945BA1C3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.16.0/21
Signature Algorithm: sha256WithRSAEncryption
b2:d7:eb:7a:7a:1e:e0:09:c8:57:50:6f:31:ac:f0:d6:71:51:
fe:d7:47:6f:41:fa:5e:92:b1:8d:03:01:d7:b1:22:70:5c:8d:
b2:3f:ff:39:4d:58:34:71:e4:70:0d:97:8a:2f:03:cc:a6:a5:
d8:bb:42:59:ec:c7:9b:f6:19:79:7f:c6:c0:ff:9f:a7:9e:ce:
bc:e4:4a:06:28:da:c3:ec:80:e4:fe:cf:68:70:42:c0:8d:9a:
78:c1:b1:37:38:4f:16:0d:c7:98:9b:a8:36:e9:c2:be:c7:c7:
55:21:a6:65:94:94:3e:88:9f:67:2c:bc:f1:1e:b1:a9:c2:23:
5b:60:16:8c:11:41:bd:c8:06:ec:04:b9:83:49:69:d8:b7:be:
5b:00:1d:f8:10:21:15:f0:31:ab:83:a9:90:e7:7b:07:66:1d:
ab:28:5b:55:56:13:23:5c:46:8b:49:d2:ac:ce:0a:76:85:c7:
3a:09:86:45:c4:7e:c7:95:d5:f1:8c:d9:ac:ba:a3:f7:a9:3b:
30:b0:c8:5f:ae:bf:a7:4f:2f:86:53:2a:d5:3b:3c:f5:18:6a:
1b:e5:68:cc:72:7b:f7:ad:4a:82:0a:95:a2:94:aa:ad:48:f9:
7d:40:06:58:cf:a5:24:1a:5a:5f:a5:18:28:c0:36:10:80:2f:
a1:a8:07:0b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb5qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA5MDcxMTQ5WhcNMjYwNDE2MDcxMTQ5WjAYMRYw
FAYDVQQDEw02OWFlNzJiYi02MWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwN+nz3KydoW59boqdlOOVn+NzBeeZnovbssQ4ozn2etgUecufsUezs3K
Y5YQ6KQvZ176lzHeMiVNiSD5a/gnTugvKK7kiHt2rJKZa1r3sK44p9wB+XFCrs2k
hml+2Czb/IG5jCcgjm3oe93MNpTHQ5yw32IS3gaFPaEUCWsHcLaofy1DbaIQEmPd
wD5vbUlleLauLhcRiUIrS2NqJdH1loJuDgLddPUwyGxMn/kir33ezV9B3Fzq5Nor
QjZRaZ5Q4Cz/tZZpeJfARUsL8ZAt8sw/n/NbvtEpGlsXBm4aFRpr81nqMGcyQSGL
Y0p/0XoaHzPzKSgAC8Gol+anMjDMYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG6w
ICruoeXh6dnM4noVHlPNG0gWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MEI4NjBBMjFCODcxMUYxOTQ1QkExQzNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsUQMA0GCSqGSIb3DQEB
CwUAA4IBAQCy1+t6eh7gCchXUG8xrPDWcVH+10dvQfpekrGNAwHXsSJwXI2yP/85
TVg0ceRwDZeKLwPMpqXYu0JZ7Meb9hl5f8bA/5+nns685EoGKNrD7IDk/s9ocELA
jZp4wbE3OE8WDceYm6g26cK+x8dVIaZllJQ+iJ9nLLzxHrGpwiNbYBaMEUG9yAbs
BLmDSWnYt75bAB34ECEV8DGrg6mQ53sHZh2rKFtVVhMjXEaLSdKszgp2hcc6CYZF
xH7HldXxjNmsuqP3qTswsMhfrr+nTy+GUyrVOzz1GGob5WjMcnv3rUqCCpWilKqt
SPl9QAZYz6UkGlpfpRgowDYQgC+hqAcL
-----END CERTIFICATE-----
Generated at Thu Mar 12 09:33:58 2026 by rpki-client