Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DFDAEF0170F11F185A52DBEDAE4EC9C.roa
File: 5DFDAEF0170F11F185A52DBEDAE4EC9C.roa (raw, json)
Hash identifier: NhDqa9H6FtCW3p9UPE4eS9BhFMI+FjkcrbnXUGJi6mw=
Subject key identifier: 1A:1C:73:90:7C:E9:78:F8:1D:1B:9A:42:AE:C2:D3:81:78:E7:50:85
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BD40
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DFDAEF0170F11F185A52DBEDAE4EC9C.roa
Signing time: Tue 03 Mar 2026 14:43:39 +0000
ROA not before: Tue 03 Mar 2026 14:43:35 +0000
ROA not after: Fri 10 Apr 2026 14:43:35 +0000
asID: 395886
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 10:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113984 (0x1bd40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 14:43:35 2026 GMT
Not After : Apr 10 14:43:35 2026 GMT
Subject: CN=69a6f39b-68df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e9:0b:99:9d:48:0a:43:c0:27:2c:7e:99:cb:
4f:ab:f4:08:93:84:3f:7e:52:d6:ae:4b:2a:c2:48:
33:db:cf:17:70:73:05:4b:ad:4f:03:5d:48:b3:fa:
05:cc:94:b5:79:57:73:b8:08:7a:f3:63:2a:6e:d6:
aa:a8:86:da:14:fc:03:70:bb:9e:76:0f:64:46:69:
61:bc:db:91:69:a3:3b:e9:88:bf:05:25:06:86:5e:
84:dc:0d:25:93:c6:61:ae:3c:cc:6c:b9:21:5b:b6:
18:c8:c5:b0:28:10:24:ea:67:6c:10:64:35:8d:aa:
26:e6:d2:4f:95:c1:bc:72:54:9f:91:23:e1:2d:bb:
81:52:87:5a:74:8c:53:22:62:e4:dd:d0:fb:e9:07:
ff:e2:b0:d8:56:40:95:60:b6:3a:82:a9:76:48:d2:
a1:c3:e3:a9:73:2b:21:d5:42:e0:31:62:c9:6f:e0:
d9:24:8f:bf:0b:f1:17:60:b5:ae:23:6d:a4:c6:2e:
4d:9c:c2:ca:97:a8:be:9e:e3:98:51:4c:87:aa:11:
39:b2:38:11:07:19:2a:6c:8d:43:27:63:eb:7e:b8:
a0:66:b1:c6:4a:ed:0f:f5:55:7c:2e:e7:27:ee:2e:
89:b9:41:88:10:29:d3:15:b4:c8:f9:08:87:e6:6f:
12:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1C:73:90:7C:E9:78:F8:1D:1B:9A:42:AE:C2:D3:81:78:E7:50:85
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DFDAEF0170F11F185A52DBEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
2a:d3:cd:39:e7:31:f8:ef:fd:6e:d5:ce:eb:a4:76:d6:d9:57:
ae:45:01:6d:85:0f:05:df:c7:11:ce:58:91:38:45:74:d0:38:
62:ed:ea:98:d9:de:f4:21:5e:15:1a:52:b9:dc:72:cc:71:6c:
be:a3:ec:d6:c4:a7:2b:15:da:9e:14:96:35:87:e0:96:0f:2f:
8c:26:5d:83:54:c8:1b:47:84:fc:6d:f7:a1:20:75:cb:f7:a0:
d2:d0:99:fa:ca:48:ac:90:6d:fc:54:09:e7:96:65:fe:a4:e8:
94:bf:38:08:57:4b:79:46:93:24:57:67:b9:c3:96:1c:ec:cb:
20:20:ae:a4:1f:73:1f:8a:31:da:2b:e0:60:e8:e5:fe:ba:33:
60:bc:63:92:e0:15:4d:a2:33:e2:12:47:c7:9a:71:6b:d9:bd:
15:d6:31:8f:b5:1c:0b:72:e2:86:5a:34:9c:d0:16:76:0d:57:
48:cb:bf:c2:9f:23:6e:3a:f9:b9:4c:d2:63:bf:b6:aa:df:ba:
56:6b:fd:8c:65:71:23:da:cb:c8:2c:6c:85:3a:ed:45:55:47:
28:97:56:34:8f:1b:81:7f:05:0c:23:83:d6:8d:7a:22:5a:36:
7b:19:8c:35:cc:9e:71:dd:32:18:6a:fe:2d:1f:22:22:8b:fe:
ee:fe:c1:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb1AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzAzMTQ0MzM1WhcNMjYwNDEwMTQ0MzM1WjAYMRYw
FAYDVQQDEw02OWE2ZjM5Yi02OGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwekLmZ1ICkPAJyx+mctPq/QIk4Q/flLWrksqwkgz288XcHMFS61PA11I
s/oFzJS1eVdzuAh682MqbtaqqIbaFPwDcLuedg9kRmlhvNuRaaM76Yi/BSUGhl6E
3A0lk8ZhrjzMbLkhW7YYyMWwKBAk6mdsEGQ1jaom5tJPlcG8clSfkSPhLbuBUoda
dIxTImLk3dD76Qf/4rDYVkCVYLY6gql2SNKhw+Opcysh1ULgMWLJb+DZJI+/C/EX
YLWuI22kxi5NnMLKl6i+nuOYUUyHqhE5sjgRBxkqbI1DJ2PrfrigZrHGSu0P9VV8
Lucn7i6JuUGIECnTFbTI+QiH5m8S+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBoc
c5B86Xj4HRuaQq7C04F451CFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81REZEQUVGMDE3MEYxMUYxODVBNTJEQkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQAq08055zH47/1u1c7rpHbW2VeuRQFthQ8F38cRzliROEV00Dhi7eqY
2d70IV4VGlK53HLMcWy+o+zWxKcrFdqeFJY1h+CWDy+MJl2DVMgbR4T8bfehIHXL
96DS0Jn6ykiskG38VAnnlmX+pOiUvzgIV0t5RpMkV2e5w5Yc7MsgIK6kH3MfijHa
K+Bg6OX+ujNgvGOS4BVNojPiEkfHmnFr2b0V1jGPtRwLcuKGWjSc0BZ2DVdIy7/C
nyNuOvm5TNJjv7aq37pWa/2MZXEj2svILGyFOu1FVUcol1Y0jxuBfwUMI4PWjXoi
WjZ7GYw1zJ5x3TIYav4tHyIii/7u/sEa
-----END CERTIFICATE-----
Generated at Mon Mar 23 20:17:49 2026 by rpki-client