Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4901538C1D2011F1AB4CA39BDAE4EC9C.roa
File: 4901538C1D2011F1AB4CA39BDAE4EC9C.roa (raw, json)
Hash identifier: 07n8sUaFZVi8Hd8AxQUL4eRNmTlwLzfmHoMA56uWOg4=
Subject key identifier: 64:AC:30:66:BB:FA:00:93:F0:70:16:3D:A1:E9:44:06:C6:8E:CD:06
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BEE1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4901538C1D2011F1AB4CA39BDAE4EC9C.roa
Signing time: Wed 11 Mar 2026 07:59:53 +0000
ROA not before: Wed 11 Mar 2026 07:59:49 +0000
ROA not after: Tue 24 Mar 2026 07:59:49 +0000
asID: 138456
IP address blocks: 154.213.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 15 Mar 2026 13:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114401 (0x1bee1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 11 07:59:49 2026 GMT
Not After : Mar 24 07:59:49 2026 GMT
Subject: CN=69b120f8-6f26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:da:11:49:cf:13:74:6c:b7:ec:0b:12:97:01:
af:04:ec:53:95:41:48:8d:6b:42:99:6c:84:cf:f7:
6a:15:46:89:a1:af:d6:45:fd:a5:13:93:f8:8d:0b:
66:d9:3a:26:a6:e0:35:9a:2f:70:a3:c1:b8:fd:ad:
e2:6c:40:7a:3d:34:1f:f2:74:3f:96:2f:13:80:a7:
b7:22:5c:89:55:e6:d3:e4:75:3c:9f:b4:d7:51:13:
c3:c3:6b:44:c9:25:36:18:cd:7e:21:86:de:03:4f:
ec:8d:72:9d:4b:52:a9:e9:62:40:ee:11:7c:32:3b:
de:10:68:ff:49:43:b4:da:cb:40:98:e5:2f:04:77:
8c:75:42:ed:30:8f:cc:26:27:52:5d:82:db:fa:13:
7e:45:bb:a3:d7:0f:fe:80:07:3f:f3:49:59:a1:fa:
80:8a:03:5f:f2:5c:e7:7e:8d:4d:c1:f8:0e:28:e4:
75:3d:76:d6:c6:fd:0b:7c:69:e0:8f:3e:57:74:16:
66:ab:90:8b:9f:a9:2b:37:38:3b:71:c0:2c:d5:8f:
76:d5:87:fc:0d:30:ce:b7:a4:d9:ee:f7:ed:fd:7e:
08:b7:f6:2d:05:e9:89:27:3d:70:87:78:94:54:80:
70:e4:10:c3:95:f2:eb:0d:5b:11:a7:d6:28:f2:65:
3d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AC:30:66:BB:FA:00:93:F0:70:16:3D:A1:E9:44:06:C6:8E:CD:06
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4901538C1D2011F1AB4CA39BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.2.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:29:0a:17:10:bf:03:20:d7:75:87:15:b7:aa:18:50:bd:2d:
b9:0f:9d:12:e2:22:3b:b4:46:22:55:69:53:eb:29:fb:42:cd:
61:95:bd:b9:48:93:32:d4:b9:4c:61:bd:5f:9c:18:d3:66:89:
89:c4:80:ea:84:a1:df:44:cd:b4:aa:e0:e1:5b:ef:ee:9e:18:
5f:39:66:42:76:8c:ee:a0:97:23:9b:58:e1:99:6e:0b:14:a1:
06:17:ea:74:d6:9c:21:fd:81:c5:9e:c1:eb:30:e4:23:78:39:
1d:01:f8:ee:32:e1:7f:3b:7d:df:e8:65:f2:e7:f4:e5:13:79:
60:46:1f:68:49:b1:93:a0:d9:1a:3a:65:d4:0a:f3:f0:54:87:
c8:6f:d8:eb:89:0f:57:e8:d4:02:51:32:e4:4c:f4:67:fc:99:
d2:a7:ec:27:ea:07:f9:8d:1b:70:e2:b0:73:e8:6f:41:5d:8b:
b8:b9:6a:3a:bc:0b:a8:94:7a:95:e7:31:29:18:4e:21:15:a2:
43:14:09:c0:65:62:25:a5:f7:07:b4:8b:75:8e:f8:f7:47:fa:
92:98:d2:54:0a:f8:96:12:0a:08:24:26:a1:f0:52:27:3e:28:
87:e9:7b:9f:ea:7a:27:3c:0c:97:65:fe:82:93:f6:47:2b:de:
5c:f4:a0:43
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb7hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzExMDc1OTQ5WhcNMjYwMzI0MDc1OTQ5WjAYMRYw
FAYDVQQDEw02OWIxMjBmOC02ZjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0toRSc8TdGy37AsSlwGvBOxTlUFIjWtCmWyEz/dqFUaJoa/WRf2lE5P4
jQtm2TompuA1mi9wo8G4/a3ibEB6PTQf8nQ/li8TgKe3IlyJVebT5HU8n7TXURPD
w2tEySU2GM1+IYbeA0/sjXKdS1Kp6WJA7hF8MjveEGj/SUO02stAmOUvBHeMdULt
MI/MJidSXYLb+hN+Rbuj1w/+gAc/80lZofqAigNf8lznfo1NwfgOKOR1PXbWxv0L
fGngjz5XdBZmq5CLn6krNzg7ccAs1Y921Yf8DTDOt6TZ7vft/X4It/YtBemJJz1w
h3iUVIBw5BDDlfLrDVsRp9Yo8mU9hQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGSs
MGa7+gCT8HAWPaHpRAbGjs0GMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTAxNTM4QzFEMjAxMUYxQUI0Q0EzOUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtUCMA0GCSqGSIb3DQEB
CwUAA4IBAQA6KQoXEL8DINd1hxW3qhhQvS25D50S4iI7tEYiVWlT6yn7Qs1hlb25
SJMy1LlMYb1fnBjTZomJxIDqhKHfRM20quDhW+/unhhfOWZCdozuoJcjm1jhmW4L
FKEGF+p01pwh/YHFnsHrMOQjeDkdAfjuMuF/O33f6GXy5/TlE3lgRh9oSbGToNka
OmXUCvPwVIfIb9jriQ9X6NQCUTLkTPRn/JnSp+wn6gf5jRtw4rBz6G9BXYu4uWo6
vAuolHqV5zEpGE4hFaJDFAnAZWIlpfcHtIt1jvj3R/qSmNJUCviWEgoIJCah8FIn
PiiH6Xuf6nonPAyXZf6Ck/ZHK95c9KBD
-----END CERTIFICATE-----
Generated at Fri Mar 13 20:05:10 2026 by rpki-client