Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F39A84825D711F19D8877EDDAE4EC9C.roa
File: 4F39A84825D711F19D8877EDDAE4EC9C.roa (raw, json)
Hash identifier: iPgsZNhUUZ+WLjet6DE/vGjrhrBd/quBAfhI+s/2IoI=
Subject key identifier: 24:7D:8F:0E:F8:EC:9D:08:CF:F7:00:5D:03:6D:16:F9:9C:46:C1:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C052
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F39A84825D711F19D8877EDDAE4EC9C.roa
Signing time: Sun 22 Mar 2026 10:10:11 +0000
ROA not before: Sun 22 Mar 2026 10:10:06 +0000
ROA not after: Sun 01 Aug 2027 10:10:06 +0000
asID: 47890
IP address blocks: 154.214.198.0/24 maxlen: 24
154.214.213.0/24 maxlen: 24
154.214.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114770 (0x1c052)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 22 10:10:06 2026 GMT
Not After : Aug 1 10:10:06 2027 GMT
Subject: CN=69bfc003-4d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:49:19:50:64:b2:6c:26:5a:dd:fd:0e:fa:1b:
ac:67:4d:1e:86:45:de:0f:1d:a8:bf:97:5b:c8:11:
d4:48:ab:70:12:e8:8c:7b:59:89:cc:24:f0:e5:eb:
23:2d:b6:0f:78:63:e7:19:f1:37:d9:73:20:a5:61:
2a:05:51:78:96:04:bf:f7:b7:d6:82:ac:54:60:99:
55:96:84:22:59:cb:2f:88:0e:02:0a:7e:69:05:75:
29:87:dc:4a:06:23:d9:1b:76:e1:02:be:af:29:5d:
3a:de:5e:08:a3:5e:3d:85:0c:8d:a6:36:c9:56:7b:
60:e1:5c:1e:03:8d:4b:d3:96:7a:40:a5:3e:b8:85:
e6:7b:30:32:9a:57:c6:46:f2:19:13:51:6e:58:12:
71:47:2e:29:c8:33:e7:b7:a2:ca:25:e4:0e:f2:5f:
40:29:e7:18:c7:7f:b1:d5:84:87:a0:93:14:ca:52:
df:88:ff:1e:b2:10:c7:aa:57:9b:d7:60:a7:5d:f1:
d7:30:20:4b:5e:5e:cc:ec:51:64:70:3c:ef:a7:f6:
65:02:71:f7:d3:4d:d3:31:01:69:2a:37:75:a1:b3:
48:4e:c7:f6:74:84:bc:d6:2e:e2:33:10:2a:5c:52:
75:4f:f0:99:50:42:6a:40:1f:f9:99:d4:70:fd:20:
9e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7D:8F:0E:F8:EC:9D:08:CF:F7:00:5D:03:6D:16:F9:9C:46:C1:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F39A84825D711F19D8877EDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.198.0/24
154.214.213.0/24
154.214.215.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:9f:6e:9e:b1:a7:3c:7e:a1:88:dc:12:3e:03:be:f2:36:8a:
a6:5d:df:9b:80:7e:4a:21:ca:59:69:ed:04:78:27:08:3e:42:
89:ca:99:46:ba:3b:e2:db:45:31:f1:69:2a:ad:30:36:50:31:
56:fb:c8:d5:c6:2a:4e:87:76:f2:07:44:08:f6:a7:da:29:08:
e5:a5:a7:cf:8c:c4:e6:a8:59:7a:a8:68:74:40:24:a3:9b:07:
6c:9c:8f:d3:07:6b:e6:28:37:67:0c:ba:c5:04:ad:ac:05:3b:
c7:a0:4e:8e:28:8d:30:87:35:d7:bb:82:1e:85:bf:42:e3:d7:
1a:aa:8b:a4:43:39:95:e0:a8:1b:1f:8b:94:b9:6f:de:64:f1:
06:c5:7b:b9:c3:6a:88:a1:c8:64:a3:81:49:2a:15:84:d0:04:
34:d6:1c:41:5f:67:87:5d:ab:cd:f0:6d:6d:eb:71:25:39:ef:
01:81:dd:41:dc:8d:01:3f:0d:c3:d0:fd:38:a6:0d:1a:25:07:
0e:c6:4b:27:48:79:8e:09:71:3a:8a:05:4c:49:97:8a:d1:e6:
86:14:9b:cb:b9:b8:27:dc:d2:61:14:b4:2b:e6:b2:5f:84:61:
31:44:c6:03:89:c5:0b:10:07:04:0c:00:ec:7c:d3:18:94:41:
e5:92:32:a4
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcBSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzIyMTAxMDA2WhcNMjcwODAxMTAxMDA2WjAYMRYw
FAYDVQQDEw02OWJmYzAwMy00ZDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvkkZUGSybCZa3f0O+husZ00ehkXeDx2ov5dbyBHUSKtwEuiMe1mJzCTw
5esjLbYPeGPnGfE32XMgpWEqBVF4lgS/97fWgqxUYJlVloQiWcsviA4CCn5pBXUp
h9xKBiPZG3bhAr6vKV063l4Io149hQyNpjbJVntg4VweA41L05Z6QKU+uIXmezAy
mlfGRvIZE1FuWBJxRy4pyDPnt6LKJeQO8l9AKecYx3+x1YSHoJMUylLfiP8eshDH
qleb12CnXfHXMCBLXl7M7FFkcDzvp/ZlAnH3003TMQFpKjd1obNITsf2dIS81i7i
MxAqXFJ1T/CZUEJqQB/5mdRw/SCe3wIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFCR9
jw747J0Iz/cAXQNtFvmcRsEOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RjM5QTg0ODI1RDcxMUYxOUQ4ODc3RUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmtbGAwQAmtbVAwQAmtbX
MA0GCSqGSIb3DQEBCwUAA4IBAQDGn26esac8fqGI3BI+A77yNoqmXd+bgH5KIcpZ
ae0EeCcIPkKJyplGujvi20Ux8WkqrTA2UDFW+8jVxipOh3byB0QI9qfaKQjlpafP
jMTmqFl6qGh0QCSjmwdsnI/TB2vmKDdnDLrFBK2sBTvHoE6OKI0whzXXu4Iehb9C
49caqoukQzmV4KgbH4uUuW/eZPEGxXu5w2qIochko4FJKhWE0AQ01hxBX2eHXavN
8G1t63ElOe8Bgd1B3I0BPw3D0P04pg0aJQcOxksnSHmOCXE6igVMSZeK0eaGFJvL
ubgn3NJhFLQr5rJfhGExRMYDicULEAcEDADsfNMYlEHlkjKk
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:50 2026 by rpki-client