Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6AB035B41D2211F1943973A9DAE4EC9C.roa
File: 6AB035B41D2211F1943973A9DAE4EC9C.roa (raw, json)
Hash identifier: 5k3jOHE19j9A1PFW7YpT8nOCYKRj8MVTlfU7DX232tk=
Subject key identifier: 8F:54:81:AB:92:D0:6B:10:D3:EE:9F:2F:46:23:51:E8:BB:A3:96:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BEE5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6AB035B41D2211F1943973A9DAE4EC9C.roa
Signing time: Wed 11 Mar 2026 08:15:09 +0000
ROA not before: Wed 11 Mar 2026 08:15:03 +0000
ROA not after: Sat 18 Apr 2026 08:15:03 +0000
asID: 8796
IP address blocks: 154.200.128.0/24 maxlen: 24
154.200.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114405 (0x1bee5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 11 08:15:03 2026 GMT
Not After : Apr 18 08:15:03 2026 GMT
Subject: CN=69b1248c-2dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d0:29:2f:7f:6f:05:cb:19:e7:e6:76:88:66:
1d:e4:e9:b6:66:23:c1:ce:4f:bc:fa:45:ab:17:08:
fd:36:cb:ba:d4:8b:03:a8:68:1b:ce:1c:cd:41:81:
ab:cb:0e:9d:9f:d0:7d:e1:57:54:50:aa:fb:64:a0:
2f:cc:2e:d7:38:64:6b:b9:b4:67:e4:d6:87:cf:2f:
db:8e:a8:da:50:f5:93:4b:bc:63:2c:21:71:e3:ca:
3e:87:92:24:26:10:7d:2d:5d:b8:02:8c:55:7b:89:
d8:36:9c:75:f5:ba:6e:fa:e5:4e:78:ab:bd:38:4d:
f0:a9:5c:48:0f:74:e5:4e:21:4d:6a:92:3e:8d:eb:
60:70:bc:00:e2:70:e9:3f:e2:69:d5:44:16:de:8d:
ef:d4:7b:f7:6d:24:b0:9a:3d:2f:06:c2:04:f8:80:
df:65:48:98:bb:b6:03:9d:cf:95:84:a1:1a:c1:f9:
29:13:f4:68:01:9c:f4:ee:e5:3f:cf:84:4e:1a:68:
99:04:b4:25:d1:f2:79:32:f0:d8:4a:4c:98:6f:9e:
e3:98:c3:13:93:47:ed:59:f5:aa:e5:7c:0e:d6:13:
e0:a1:16:20:11:15:af:1f:7c:72:1d:44:41:cf:53:
c6:c8:4d:e7:96:c6:84:df:a3:98:93:f5:eb:23:28:
45:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:54:81:AB:92:D0:6B:10:D3:EE:9F:2F:46:23:51:E8:BB:A3:96:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6AB035B41D2211F1943973A9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.128.0/24
154.200.132.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:df:cf:61:1e:6c:95:1a:e0:28:6f:f9:03:41:c5:76:e6:8f:
8f:30:cb:97:53:99:f4:78:7a:c7:5d:a0:57:8a:07:18:44:5a:
0a:db:cc:ed:6f:bb:e9:7b:c3:01:f6:c6:c0:59:d6:70:eb:09:
3e:ae:31:35:d4:70:73:09:cf:1a:6f:8b:02:37:6e:7a:f3:9a:
36:32:2b:65:04:c3:55:5e:7c:79:a3:43:53:31:87:0b:ae:30:
68:34:79:75:64:db:6a:31:f5:d2:ca:f3:fc:28:5d:ff:7e:50:
2e:4a:a1:05:55:d8:da:34:54:3f:20:18:f0:a5:7b:41:5f:96:
2c:6d:b7:dd:f3:35:28:94:40:5b:0e:e2:f3:70:9b:93:f2:8c:
d3:54:6c:f1:2e:de:19:3e:11:fb:35:66:85:fd:3b:4a:35:47:
c7:b5:81:d7:aa:1b:54:40:a3:da:e3:6f:b5:93:16:85:ab:a0:
43:22:c0:5d:04:db:52:84:02:d9:1f:db:c6:d8:f7:8f:71:17:
17:3a:a2:f4:f8:04:b6:03:ef:23:29:c1:0e:a1:e8:32:56:e9:
0b:5f:c8:f5:e0:6b:5a:ab:30:6f:31:ff:3d:20:ff:15:d8:43:
2d:53:50:fd:00:52:68:90:d0:f4:ea:09:61:84:e5:8c:84:7a:
47:aa:46:bf
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAb7lMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzExMDgxNTAzWhcNMjYwNDE4MDgxNTAzWjAYMRYw
FAYDVQQDEw02OWIxMjQ4Yy0yZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq9ApL39vBcsZ5+Z2iGYd5Om2ZiPBzk+8+kWrFwj9Nsu61IsDqGgbzhzN
QYGryw6dn9B94VdUUKr7ZKAvzC7XOGRrubRn5NaHzy/bjqjaUPWTS7xjLCFx48o+
h5IkJhB9LV24AoxVe4nYNpx19bpu+uVOeKu9OE3wqVxID3TlTiFNapI+jetgcLwA
4nDpP+Jp1UQW3o3v1Hv3bSSwmj0vBsIE+IDfZUiYu7YDnc+VhKEawfkpE/RoAZz0
7uU/z4ROGmiZBLQl0fJ5MvDYSkyYb57jmMMTk0ftWfWq5XwO1hPgoRYgERWvH3xy
HURBz1PGyE3nlsaE36OYk/XrIyhFLwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFI9U
gauS0GsQ0+6fL0YjUei7o5bcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QUIwMzVCNDFEMjIxMUYxOTQzOTczQTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsiAAwQAmsiEMA0GCSqG
SIb3DQEBCwUAA4IBAQBb389hHmyVGuAob/kDQcV25o+PMMuXU5n0eHrHXaBXigcY
RFoK28ztb7vpe8MB9sbAWdZw6wk+rjE11HBzCc8ab4sCN25685o2MitlBMNVXnx5
o0NTMYcLrjBoNHl1ZNtqMfXSyvP8KF3/flAuSqEFVdjaNFQ/IBjwpXtBX5Ysbbfd
8zUolEBbDuLzcJuT8ozTVGzxLt4ZPhH7NWaF/TtKNUfHtYHXqhtUQKPa42+1kxaF
q6BDIsBdBNtShALZH9vG2PePcRcXOqL0+AS2A+8jKcEOoegyVukLX8j14GtaqzBv
Mf89IP8V2EMtU1D9AFJokND06glhhOWMhHpHqka/
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:24 2026 by rpki-client