Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/412FD8A41E5B11F1BC3FA3BDDAE4EC9C.roa
File: 412FD8A41E5B11F1BC3FA3BDDAE4EC9C.roa (raw, json)
Hash identifier: XrzpW4exJqagqKhJ1sCpCeLB0TQFksZxiD2zglKH6ho=
Subject key identifier: 15:04:11:A1:3D:1B:39:3C:B2:DB:06:F9:DF:41:41:31:88:4C:B6:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF3E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/412FD8A41E5B11F1BC3FA3BDDAE4EC9C.roa
Signing time: Thu 12 Mar 2026 21:34:31 +0000
ROA not before: Thu 12 Mar 2026 21:34:26 +0000
ROA not after: Sat 18 Apr 2026 21:34:26 +0000
asID: 200758
IP address blocks: 154.196.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114494 (0x1bf3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 12 21:34:26 2026 GMT
Not After : Apr 18 21:34:26 2026 GMT
Subject: CN=69b33167-e990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:30:d8:f6:d5:e1:47:d9:c7:7c:82:18:dc:71:
6c:32:4f:16:89:b4:9c:5b:44:12:2a:09:f5:a2:ae:
ec:24:6c:76:0a:31:04:ba:2f:46:7b:db:6b:ec:de:
93:1a:10:67:62:c2:63:4b:94:8f:92:c1:e7:da:91:
57:ec:18:b7:ee:14:87:e6:bc:35:09:33:ac:9f:48:
19:54:0f:b3:69:bd:13:79:34:bb:c3:d8:a9:77:8b:
7f:46:f2:0d:87:b4:63:49:51:95:a1:f5:2f:f6:e8:
2f:cf:c5:45:a8:da:e7:9d:f4:f6:02:1d:03:ce:2f:
30:d9:b0:22:00:e3:22:83:77:2e:6e:cf:25:4d:da:
8f:bf:c9:d1:b3:b9:83:67:73:c5:2e:62:ec:ef:a2:
63:56:57:e4:0a:78:10:18:e9:b1:f5:21:f5:53:7f:
ec:fa:24:db:93:b3:63:39:36:4e:49:b2:ce:7c:cc:
ef:f8:83:35:2b:7e:88:ed:d1:8f:7d:3d:e7:f8:2b:
32:26:f4:b2:4c:d2:57:7a:ca:8c:bc:71:93:ba:b1:
dc:47:14:fa:78:8e:be:f2:77:d4:d0:8b:f1:e5:ef:
fe:d7:03:b4:aa:22:68:78:1c:1c:95:17:65:69:8f:
50:50:f8:17:39:96:4e:c8:c8:eb:a0:fe:35:e1:91:
5d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:04:11:A1:3D:1B:39:3C:B2:DB:06:F9:DF:41:41:31:88:4C:B6:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/412FD8A41E5B11F1BC3FA3BDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.139.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b8:59:ea:03:7b:dc:41:43:59:2e:be:ae:2b:6d:0c:71:00:
f0:f9:5a:6a:e8:78:23:08:6b:48:57:3f:a0:e7:cd:aa:c3:7a:
6d:a1:b1:0d:01:ca:25:f4:52:76:e1:8c:80:88:15:73:b7:cd:
80:c1:bd:2a:34:99:db:38:99:93:9d:b3:09:d3:86:ca:eb:40:
b9:9a:95:c0:d4:cf:33:d1:5d:04:19:6a:1a:0d:ad:f3:06:99:
a0:39:68:4e:b0:f8:c6:e1:df:70:58:a4:5b:03:9e:b7:ee:62:
b5:7a:97:76:e8:36:7b:89:87:7c:20:b8:8f:ff:43:3e:0f:f7:
20:be:e9:9c:bd:28:30:14:e8:6d:53:c7:04:4a:9c:d5:bc:99:
80:2e:c6:c2:3c:c5:08:9a:cb:75:a2:47:25:ac:8c:2b:87:44:
4c:e6:25:cf:01:6d:04:ae:1b:81:64:bc:b0:07:1e:b2:fc:a8:
58:b6:8f:b9:1b:0b:c5:d2:6b:35:68:d4:fd:87:bd:0b:82:c8:
8b:c1:75:1f:87:59:d8:1a:8a:d2:87:e4:80:71:f4:ab:33:fd:
9a:b7:9c:60:5c:cf:72:9a:d2:a3:e6:0f:5a:0f:af:65:9c:41:
cc:d8:4b:ed:bb:29:7d:20:1a:86:1d:24:56:51:7b:2b:c9:2d:
45:21:bd:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb8+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEyMjEzNDI2WhcNMjYwNDE4MjEzNDI2WjAYMRYw
FAYDVQQDEw02OWIzMzE2Ny1lOTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0zDY9tXhR9nHfIIY3HFsMk8WibScW0QSKgn1oq7sJGx2CjEEui9Ge9tr
7N6TGhBnYsJjS5SPksHn2pFX7Bi37hSH5rw1CTOsn0gZVA+zab0TeTS7w9ipd4t/
RvINh7RjSVGVofUv9ugvz8VFqNrnnfT2Ah0Dzi8w2bAiAOMig3cubs8lTdqPv8nR
s7mDZ3PFLmLs76JjVlfkCngQGOmx9SH1U3/s+iTbk7NjOTZOSbLOfMzv+IM1K36I
7dGPfT3n+CsyJvSyTNJXesqMvHGTurHcRxT6eI6+8nfU0Ivx5e/+1wO0qiJoeBwc
lRdlaY9QUPgXOZZOyMjroP414ZFdcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBUE
EaE9Gzk8stsG+d9BQTGITLZBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTJGRDhBNDFFNUIxMUYxQkMzRkEzQkREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsSLMA0GCSqGSIb3DQEB
CwUAA4IBAQAYuFnqA3vcQUNZLr6uK20McQDw+Vpq6HgjCGtIVz+g582qw3ptobEN
Acol9FJ24YyAiBVzt82Awb0qNJnbOJmTnbMJ04bK60C5mpXA1M8z0V0EGWoaDa3z
BpmgOWhOsPjG4d9wWKRbA5637mK1epd26DZ7iYd8ILiP/0M+D/cgvumcvSgwFOht
U8cESpzVvJmALsbCPMUImst1okclrIwrh0RM5iXPAW0ErhuBZLywBx6y/KhYto+5
GwvF0ms1aNT9h70LgsiLwXUfh1nYGorSh+SAcfSrM/2at5xgXM9ymtKj5g9aD69l
nEHM2Evtuyl9IBqGHSRWUXsryS1FIb3i
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:19:12 2026 by rpki-client