Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/616C800020E911F185547DB0DAE4EC9C.roa
File: 616C800020E911F185547DB0DAE4EC9C.roa (raw, json)
Hash identifier: /h+G/PGonVrNgla6czeYWGYYM9TtFGJcHam84C8SC6Y=
Subject key identifier: 8C:82:22:0B:0C:82:BE:6B:5A:7D:7D:E4:A4:A0:02:D4:F4:A7:17:C1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF7F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/616C800020E911F185547DB0DAE4EC9C.roa
Signing time: Mon 16 Mar 2026 03:36:56 +0000
ROA not before: Mon 16 Mar 2026 03:36:51 +0000
ROA not after: Thu 16 Apr 2026 03:36:51 +0000
asID: 17497
IP address blocks: 154.217.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114559 (0x1bf7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 16 03:36:51 2026 GMT
Not After : Apr 16 03:36:51 2026 GMT
Subject: CN=69b77ad8-83e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:52:e2:a9:f2:0c:34:05:6c:de:b5:df:6e:e2:
22:f2:37:52:c8:c2:ae:bb:09:5f:52:61:4e:4e:58:
ba:4c:2a:e0:ed:2c:b0:d5:ad:0c:d8:b3:f8:d1:99:
69:6e:e2:20:80:2e:e2:6e:66:09:67:1e:18:03:2d:
93:8b:ab:3e:a9:4d:08:c9:e6:65:f8:23:56:dd:08:
c4:71:fa:47:46:e0:c9:79:fa:44:a6:40:d9:f1:ac:
ab:5b:9e:8c:71:da:7f:72:c4:68:16:51:cc:67:79:
75:1a:ef:64:01:e9:57:b8:2f:e8:95:c7:d6:40:ab:
eb:29:96:7f:45:df:51:8e:18:6a:8e:72:4f:00:2a:
c1:3b:37:31:34:43:91:f6:98:a9:ed:7c:1e:c4:ef:
3c:af:91:72:ac:6d:ad:38:86:59:c0:2f:f0:89:33:
62:8f:e7:27:dd:29:e5:35:0a:ae:fb:99:92:0e:57:
c6:0e:e2:90:3b:f0:b7:63:11:8f:93:8c:9f:73:62:
3a:36:f3:65:47:69:1b:54:3c:1a:d4:88:b9:72:ec:
1d:d3:c6:dc:75:8e:73:a4:bd:b9:33:04:38:9e:52:
1d:cf:60:be:6a:64:da:1d:1a:70:94:7d:7a:d1:66:
79:c7:e5:9e:5e:f9:bc:9e:d7:b2:43:c2:54:8b:1a:
7b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:82:22:0B:0C:82:BE:6B:5A:7D:7D:E4:A4:A0:02:D4:F4:A7:17:C1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/616C800020E911F185547DB0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.192.0/20
Signature Algorithm: sha256WithRSAEncryption
b2:45:08:ec:07:7b:3e:bf:7f:79:f1:b2:4b:ec:ac:90:9b:6a:
7c:64:2a:47:4e:8b:f8:88:60:8b:f4:fe:8b:51:c0:1e:07:f7:
18:fd:4e:5e:70:24:0b:8b:00:42:4b:e5:f4:0d:98:a1:3e:c6:
40:e5:1a:25:e7:16:e3:90:75:b7:70:9c:9c:af:f0:4b:8b:0b:
12:11:6c:3b:4a:d1:62:a1:38:dc:bf:57:45:c8:9d:8a:f6:d1:
7c:d6:56:b1:35:2f:dd:22:40:42:f6:01:5c:78:b3:5b:e9:4b:
fd:3c:eb:8d:5e:f4:9a:7f:79:7f:85:a6:ab:69:03:ac:5c:c9:
a6:d5:8f:37:e2:0f:34:78:20:2e:ce:0a:e9:43:7c:e3:58:f6:
16:b4:a2:2d:26:61:72:bf:0c:f4:1f:89:77:fb:db:00:e7:77:
a1:ed:ac:3a:38:11:00:03:36:e1:90:a7:7d:c4:ec:a4:d6:a1:
8f:d5:4a:93:38:d0:61:03:9e:a8:69:5a:56:5e:a7:62:9e:56:
3f:4c:05:f7:77:55:1e:78:4a:47:87:5a:f4:4e:89:ed:25:c5:
30:46:d5:53:a3:4e:97:61:11:59:12:6f:60:5f:de:6c:77:12:
6e:86:da:26:ab:1e:d2:2e:69:1d:a4:6f:a9:ba:24:b0:3d:a6:
bd:94:bd:67
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb9/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE2MDMzNjUxWhcNMjYwNDE2MDMzNjUxWjAYMRYw
FAYDVQQDEw02OWI3N2FkOC04M2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA51LiqfIMNAVs3rXfbuIi8jdSyMKuuwlfUmFOTli6TCrg7Syw1a0M2LP4
0ZlpbuIggC7ibmYJZx4YAy2Ti6s+qU0IyeZl+CNW3QjEcfpHRuDJefpEpkDZ8ayr
W56Mcdp/csRoFlHMZ3l1Gu9kAelXuC/olcfWQKvrKZZ/Rd9RjhhqjnJPACrBOzcx
NEOR9pip7XwexO88r5FyrG2tOIZZwC/wiTNij+cn3SnlNQqu+5mSDlfGDuKQO/C3
YxGPk4yfc2I6NvNlR2kbVDwa1Ii5cuwd08bcdY5zpL25MwQ4nlIdz2C+amTaHRpw
lH160WZ5x+WeXvm8nteyQ8JUixp7wwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIyC
IgsMgr5rWn195KSgAtT0pxfBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MTZDODAwMDIwRTkxMUYxODU1NDdEQjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtnAMA0GCSqGSIb3DQEB
CwUAA4IBAQCyRQjsB3s+v3958bJL7KyQm2p8ZCpHTov4iGCL9P6LUcAeB/cY/U5e
cCQLiwBCS+X0DZihPsZA5Rol5xbjkHW3cJycr/BLiwsSEWw7StFioTjcv1dFyJ2K
9tF81laxNS/dIkBC9gFceLNb6Uv9POuNXvSaf3l/haaraQOsXMmm1Y834g80eCAu
zgrpQ3zjWPYWtKItJmFyvwz0H4l3+9sA53eh7aw6OBEAAzbhkKd9xOyk1qGP1UqT
ONBhA56oaVpWXqdinlY/TAX3d1UeeEpHh1r0TontJcUwRtVTo06XYRFZEm9gX95s
dxJuhtomqx7SLmkdpG+puiSwPaa9lL1n
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:15:45 2026 by rpki-client