Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4D01CCBA21E311F196A310E5DAE4EC9C.roa
File: 4D01CCBA21E311F196A310E5DAE4EC9C.roa (raw, json)
Hash identifier: LccawOoyM0AP5iw6vr2COwsxShTXX2Wc8KVJWrQNAyw=
Subject key identifier: 67:F2:B9:76:16:77:05:77:67:06:41:4E:92:22:F6:F1:65:21:27:6D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF97
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4D01CCBA21E311F196A310E5DAE4EC9C.roa
Signing time: Tue 17 Mar 2026 09:25:56 +0000
ROA not before: Tue 17 Mar 2026 09:25:51 +0000
ROA not after: Mon 08 Mar 2027 09:25:51 +0000
asID: 60171
IP address blocks: 154.197.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114583 (0x1bf97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 09:25:51 2026 GMT
Not After : Mar 8 09:25:51 2027 GMT
Subject: CN=69b91e24-453a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:75:8d:3c:40:1e:76:10:54:b2:ef:81:9c:1f:
fb:39:53:a0:44:fd:93:8c:58:ba:80:52:23:23:e5:
36:a2:a7:cc:14:10:65:da:cf:6b:86:ff:70:ea:9c:
69:d3:d6:a1:22:09:7d:03:41:49:12:5d:b7:66:29:
ba:35:92:7d:91:f9:e7:27:5e:d8:c9:80:8f:8f:62:
01:99:c5:2e:f7:02:eb:77:32:c5:1f:00:4e:19:63:
ff:21:39:49:91:cb:67:89:71:e1:2a:e1:9d:50:88:
10:b4:f9:2f:28:52:78:0a:85:bd:75:c4:69:10:a2:
06:05:e7:d3:13:40:3e:0e:05:a5:bb:c8:59:a4:2a:
82:49:18:27:e4:74:5f:77:16:40:f3:03:13:c2:4b:
d7:4b:0c:58:6e:9e:11:40:a3:d9:b1:d3:f7:dd:22:
11:b8:2a:97:0c:da:e4:08:82:52:ef:a3:ab:fe:8a:
a1:6f:96:19:f2:ee:71:ef:a6:c0:0c:4b:a5:b4:ea:
2c:9a:80:fb:6f:7a:04:17:b9:93:2b:4b:b0:f9:f3:
26:69:5a:27:07:2d:28:cf:c4:34:59:bb:64:d8:8c:
68:25:83:62:81:e8:67:ea:63:d9:7c:6a:58:7f:ba:
c8:78:52:0f:71:1c:ec:16:a1:b6:94:d9:42:b4:20:
03:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F2:B9:76:16:77:05:77:67:06:41:4E:92:22:F6:F1:65:21:27:6D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4D01CCBA21E311F196A310E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.123.0/24
Signature Algorithm: sha256WithRSAEncryption
72:19:c5:f3:4d:45:3c:94:55:1c:29:cf:fb:7c:85:c5:39:65:
d6:1b:82:b4:79:2e:ad:a8:06:81:3c:27:58:fe:32:5f:aa:28:
71:81:86:dd:57:eb:bf:7d:f8:a5:05:12:68:3d:70:b9:1d:7c:
63:72:a8:d3:30:fd:20:fa:fa:4d:2b:55:12:ab:fc:d3:75:3e:
08:d1:7c:51:2a:03:0d:81:63:c8:7d:8a:a1:16:bd:a7:76:68:
d7:74:9e:2f:5d:c0:23:1a:12:6a:9e:6a:0c:15:03:f6:44:bb:
4e:de:6f:2d:a9:a0:f2:c1:31:97:8a:40:93:a0:fe:5c:52:bb:
5a:ed:c5:47:8e:c9:96:85:43:9d:99:92:7b:81:cf:f2:24:5e:
ae:63:c5:88:87:24:c5:ae:d8:07:29:05:78:16:f8:ab:d5:aa:
6e:2f:11:84:38:13:5f:0c:cc:c1:5e:28:71:77:77:36:bb:b5:
66:3a:07:8d:0d:e7:4a:18:52:e2:c0:5f:fd:a5:33:05:3e:ee:
20:2d:3d:6e:93:30:51:af:9a:52:fa:bc:79:04:af:bd:d3:1f:
62:9f:12:49:83:9d:2e:6d:65:d9:80:f0:f7:a1:3d:8a:04:dc:
6c:5b:94:d4:62:38:29:5e:01:75:90:f0:c5:42:09:fb:07:9c:
a5:98:73:61
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb+XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE3MDkyNTUxWhcNMjcwMzA4MDkyNTUxWjAYMRYw
FAYDVQQDEw02OWI5MWUyNC00NTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuXWNPEAedhBUsu+BnB/7OVOgRP2TjFi6gFIjI+U2oqfMFBBl2s9rhv9w
6pxp09ahIgl9A0FJEl23Zim6NZJ9kfnnJ17YyYCPj2IBmcUu9wLrdzLFHwBOGWP/
ITlJkctniXHhKuGdUIgQtPkvKFJ4CoW9dcRpEKIGBefTE0A+DgWlu8hZpCqCSRgn
5HRfdxZA8wMTwkvXSwxYbp4RQKPZsdP33SIRuCqXDNrkCIJS76Or/oqhb5YZ8u5x
76bADEultOosmoD7b3oEF7mTK0uw+fMmaVonBy0oz8Q0Wbtk2IxoJYNigehn6mPZ
fGpYf7rIeFIPcRzsFqG2lNlCtCADTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGfy
uXYWdwV3ZwZBTpIi9vFlISdtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RDAxQ0NCQTIxRTMxMUYxOTZBMzEwRTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsV7MA0GCSqGSIb3DQEB
CwUAA4IBAQByGcXzTUU8lFUcKc/7fIXFOWXWG4K0eS6tqAaBPCdY/jJfqihxgYbd
V+u/ffilBRJoPXC5HXxjcqjTMP0g+vpNK1USq/zTdT4I0XxRKgMNgWPIfYqhFr2n
dmjXdJ4vXcAjGhJqnmoMFQP2RLtO3m8tqaDywTGXikCToP5cUrta7cVHjsmWhUOd
mZJ7gc/yJF6uY8WIhyTFrtgHKQV4Fvir1apuLxGEOBNfDMzBXihxd3c2u7VmOgeN
DedKGFLiwF/9pTMFPu4gLT1ukzBRr5pS+rx5BK+90x9inxJJg50ubWXZgPD3oT2K
BNxsW5TUYjgpXgF1kPDFQgn7B5ylmHNh
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:19:13 2026 by rpki-client