Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/688A00881D3311F189C85C8ADAE4EC9C.roa
File: 688A00881D3311F189C85C8ADAE4EC9C.roa (raw, json)
Hash identifier: RVcI0zUxOY1R0M43bcgAZRoViIETYO3BrXM+DbNpqDE=
Subject key identifier: 68:2F:A4:21:32:CF:F5:D3:B0:6D:A1:9E:8B:9A:D7:28:39:91:65:CF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BEEF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/688A00881D3311F189C85C8ADAE4EC9C.roa
Signing time: Wed 11 Mar 2026 10:16:46 +0000
ROA not before: Wed 11 Mar 2026 10:16:41 +0000
ROA not after: Sun 11 Mar 2029 10:16:41 +0000
asID: 17561
IP address blocks: 154.199.14.0/24 maxlen: 24
154.199.15.0/24 maxlen: 24
154.213.160.0/24 maxlen: 24
154.213.161.0/24 maxlen: 24
154.213.162.0/24 maxlen: 24
154.213.163.0/24 maxlen: 24
154.213.164.0/24 maxlen: 24
154.213.165.0/24 maxlen: 24
154.213.166.0/24 maxlen: 24
154.213.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114415 (0x1beef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 11 10:16:41 2026 GMT
Not After : Mar 11 10:16:41 2029 GMT
Subject: CN=69b1410e-4059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f2:19:bb:54:7b:00:cb:10:b7:ef:2c:fe:72:
66:eb:b5:ec:b9:28:a8:5e:e2:d8:94:54:7a:4e:03:
76:5a:f2:ab:ed:68:89:e7:e2:15:f4:3c:19:2a:9d:
a4:5e:a7:83:02:47:ab:1a:de:e8:8c:65:4c:6a:a8:
4e:3d:8a:e1:7a:29:92:86:97:db:d3:53:98:2c:d7:
a5:a1:c9:39:06:ff:94:08:04:db:5b:5e:c2:11:98:
dc:02:a4:21:a4:83:bd:a9:2c:d4:1e:62:50:ab:1f:
7d:b7:40:b3:45:39:f1:54:be:e5:e8:d7:fb:92:44:
5e:cd:fe:d1:2a:c6:a6:4c:d1:f6:fb:2c:0d:4d:90:
35:64:32:08:e7:30:6b:c9:10:ff:81:78:0e:95:75:
84:53:36:2a:e5:0c:5b:31:1a:e3:3c:83:54:04:db:
6e:58:f8:42:93:22:59:98:ce:2f:cb:02:64:14:29:
22:ab:97:13:b2:7a:96:e2:cf:b8:a6:bb:ff:95:52:
e5:17:84:cc:0f:6b:78:93:58:f4:ed:9c:a0:95:db:
2b:12:8a:a7:b0:58:b2:1e:a5:d1:43:e3:8c:db:b3:
3f:68:2e:b9:08:7b:95:b1:2b:e2:7f:c7:24:b5:65:
61:2d:64:71:7f:a4:ae:5e:5b:c1:a5:bf:74:2f:8c:
d2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2F:A4:21:32:CF:F5:D3:B0:6D:A1:9E:8B:9A:D7:28:39:91:65:CF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/688A00881D3311F189C85C8ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.14.0/23
154.213.160.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:30:b3:34:7b:2c:95:6b:97:20:2a:92:80:40:58:98:1b:19:
37:3e:a6:f3:06:31:48:42:c4:37:9d:8e:6e:40:31:89:da:4c:
b5:a2:bc:51:13:7e:6e:f5:e9:7c:b2:c9:12:ef:18:1a:03:77:
50:b1:c6:1a:db:bf:9c:aa:72:e4:41:db:ae:1f:9e:10:05:3e:
df:2e:c6:cd:69:3c:99:a2:8a:42:0c:9e:fa:7c:3f:25:24:05:
c0:e3:86:08:6d:ea:2d:9d:7a:a8:ea:f9:d2:6c:ec:50:88:e6:
9a:9a:47:ad:9c:e1:51:f4:3c:01:08:f7:ca:43:c8:eb:b9:a7:
c8:db:e0:dc:c9:00:00:3f:ad:f8:e8:6e:c6:29:7c:02:fa:b9:
aa:7c:c6:cd:78:ac:76:88:6e:ff:c6:fe:a6:b1:1f:b1:0e:7b:
ab:28:41:59:ab:5e:6b:c1:0a:2d:aa:51:bd:de:31:77:38:5d:
c3:91:09:18:bd:ca:1c:74:2b:09:07:5e:7d:7d:7e:9e:3c:b3:
7f:60:65:97:ca:45:39:b0:0d:12:5a:6c:d1:fb:4e:3f:d6:87:
27:c8:4e:83:a1:85:71:12:cb:f9:01:8e:32:61:f3:be:6c:41:
66:85:ce:a3:e2:16:f0:c6:4c:f7:de:fc:bd:b3:fc:31:98:0e:
9b:5a:97:66
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAb7vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzExMTAxNjQxWhcNMjkwMzExMTAxNjQxWjAYMRYw
FAYDVQQDEw02OWIxNDEwZS00MDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlPIZu1R7AMsQt+8s/nJm67XsuSioXuLYlFR6TgN2WvKr7WiJ5+IV9DwZ
Kp2kXqeDAkerGt7ojGVMaqhOPYrheimShpfb01OYLNelock5Bv+UCATbW17CEZjc
AqQhpIO9qSzUHmJQqx99t0CzRTnxVL7l6Nf7kkRezf7RKsamTNH2+ywNTZA1ZDII
5zBryRD/gXgOlXWEUzYq5QxbMRrjPINUBNtuWPhCkyJZmM4vywJkFCkiq5cTsnqW
4s+4prv/lVLlF4TMD2t4k1j07ZygldsrEoqnsFiyHqXRQ+OM27M/aC65CHuVsSvi
f8cktWVhLWRxf6SuXlvBpb90L4zSIQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGgv
pCEyz/XTsG2hnoua1yg5kWXPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODhBMDA4ODFEMzMxMUYxODlDODVDOEFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmscOAwQDmtWgMA0GCSqG
SIb3DQEBCwUAA4IBAQCbMLM0eyyVa5cgKpKAQFiYGxk3PqbzBjFIQsQ3nY5uQDGJ
2ky1orxRE35u9el8sskS7xgaA3dQscYa27+cqnLkQduuH54QBT7fLsbNaTyZoopC
DJ76fD8lJAXA44YIbeotnXqo6vnSbOxQiOaamketnOFR9DwBCPfKQ8jruafI2+Dc
yQAAP6346G7GKXwC+rmqfMbNeKx2iG7/xv6msR+xDnurKEFZq15rwQotqlG93jF3
OF3DkQkYvcocdCsJB159fX6ePLN/YGWXykU5sA0SWmzR+04/1ocnyE6DoYVxEsv5
AY4yYfO+bEFmhc6j4hbwxkz33vy9s/wxmA6bWpdm
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:19:47 2026 by rpki-client