Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6BBC3EFC191311F1B6C79AABDAE4EC9C.roa
File: 6BBC3EFC191311F1B6C79AABDAE4EC9C.roa (raw, json)
Hash identifier: ikRqkYEw+SA9VnUDVxvGvuzE7A9q7ywZ7jY9ICz3Ors=
Subject key identifier: 3D:44:7A:F3:23:FE:15:0E:BC:D8:8A:0C:BE:C2:E4:AC:48:AC:7C:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BDE1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6BBC3EFC191311F1B6C79AABDAE4EC9C.roa
Signing time: Fri 06 Mar 2026 04:17:43 +0000
ROA not before: Fri 06 Mar 2026 04:17:39 +0000
ROA not after: Mon 13 Apr 2026 04:17:39 +0000
asID: 17497
IP address blocks: 154.217.232.0/23 maxlen: 24
154.222.128.0/22 maxlen: 24
154.222.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 14 Mar 2026 00:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114145 (0x1bde1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 6 04:17:39 2026 GMT
Not After : Apr 13 04:17:39 2026 GMT
Subject: CN=69aa5567-3fdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:57:b0:32:04:78:d4:2d:6e:54:ba:a1:0b:
41:16:c6:7b:ce:34:1e:ac:24:f4:28:d1:ae:d3:0b:
48:84:a7:e6:dd:6c:8f:ce:09:b9:26:fe:3d:11:ea:
3d:08:cf:7c:a4:c9:d4:27:3c:49:01:de:84:ac:e5:
67:89:0a:1a:56:f7:d9:46:2c:09:92:b3:4c:51:3a:
8c:0f:35:3f:ca:37:40:85:51:cf:f7:6b:40:79:b8:
93:65:77:fe:b4:07:47:76:60:b8:00:e5:8c:3d:ee:
6d:eb:3a:26:6b:b2:14:4e:18:b9:0f:90:97:1f:c0:
9c:5a:db:97:79:d0:71:bb:9b:ef:5f:7d:3e:a1:8a:
1b:74:f2:0d:03:23:60:8f:d0:89:fb:97:ef:2f:8a:
a1:76:d1:88:93:e5:02:87:4a:87:da:2e:46:8f:e0:
2b:fc:0c:1e:ff:1a:29:64:fd:55:51:55:4d:db:00:
4a:dd:d7:74:51:d1:aa:32:45:48:e7:26:d3:83:17:
67:d3:b9:eb:4d:f2:77:95:9a:61:28:07:46:ba:dd:
8a:41:5e:4e:94:85:5b:2e:4b:a6:1a:c4:cf:14:37:
a4:2d:da:70:f8:65:d4:fd:12:60:58:bb:d3:ae:54:
65:11:c9:92:1d:d5:90:70:11:78:18:6f:50:8b:79:
17:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:44:7A:F3:23:FE:15:0E:BC:D8:8A:0C:BE:C2:E4:AC:48:AC:7C:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6BBC3EFC191311F1B6C79AABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.232.0/23
154.222.128.0/22
154.222.140.0/22
Signature Algorithm: sha256WithRSAEncryption
15:2d:da:3e:79:39:09:f6:2b:4f:be:02:1d:43:cf:e8:ad:eb:
a7:e7:79:9f:ee:19:63:1a:f1:12:90:83:75:ae:b5:ce:6b:11:
62:78:c7:a0:7f:59:99:af:7b:71:53:87:d1:6b:e6:1c:4b:d0:
78:56:80:80:db:cf:91:3a:ba:fa:c4:17:fe:46:48:35:75:df:
6b:f3:c7:98:14:6c:e4:39:74:51:2f:ee:d5:b1:6a:ec:1a:09:
83:db:36:a0:6b:e0:2f:46:d4:63:8c:e0:83:40:67:f2:96:18:
2e:5c:1e:6d:4a:b8:2b:72:6b:ed:1e:4a:3b:1f:28:85:82:00:
58:30:d7:78:78:96:98:d3:36:6a:89:fc:36:c5:f3:0b:e0:1a:
a3:e8:d2:9e:e8:d7:1c:56:74:83:22:41:7f:09:a3:8a:48:b9:
01:2b:c9:29:56:e7:c4:6f:59:66:d5:90:f4:87:f8:6b:e7:7b:
a9:2e:28:a9:06:ae:99:a6:26:76:2f:bb:93:d7:8c:20:39:21:
2c:df:58:ef:64:c7:f0:4b:52:ab:1e:bc:34:68:80:44:a5:c2:
b6:c3:2b:c7:81:c2:05:ed:76:79:7c:24:11:0b:1d:3c:a3:a0:
a8:77:d1:bc:4f:b9:bc:9b:22:e2:53:d0:50:3a:25:6e:03:8c:
a1:9f:97:5b
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAb3hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA2MDQxNzM5WhcNMjYwNDEzMDQxNzM5WjAYMRYw
FAYDVQQDEw02OWFhNTU2Ny0zZmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq75XsDIEeNQtblS6oQtBFsZ7zjQerCT0KNGu0wtIhKfm3WyPzgm5Jv49
Eeo9CM98pMnUJzxJAd6ErOVniQoaVvfZRiwJkrNMUTqMDzU/yjdAhVHP92tAebiT
ZXf+tAdHdmC4AOWMPe5t6zoma7IUThi5D5CXH8CcWtuXedBxu5vvX30+oYobdPIN
AyNgj9CJ+5fvL4qhdtGIk+UCh0qH2i5Gj+Ar/Awe/xopZP1VUVVN2wBK3dd0UdGq
MkVI5ybTgxdn07nrTfJ3lZphKAdGut2KQV5OlIVbLkumGsTPFDekLdpw+GXU/RJg
WLvTrlRlEcmSHdWQcBF4GG9Qi3kXwQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFD1E
evMj/hUOvNiKDL7C5KxIrHxSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QkJDM0VGQzE5MTMxMUYxQjZDNzlBQUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBmtnoAwQCmt6AAwQCmt6M
MA0GCSqGSIb3DQEBCwUAA4IBAQAVLdo+eTkJ9itPvgIdQ8/oreun53mf7hljGvES
kIN1rrXOaxFieMegf1mZr3txU4fRa+YcS9B4VoCA28+ROrr6xBf+Rkg1dd9r88eY
FGzkOXRRL+7VsWrsGgmD2zaga+AvRtRjjOCDQGfylhguXB5tSrgrcmvtHko7HyiF
ggBYMNd4eJaY0zZqifw2xfML4Bqj6NKe6NccVnSDIkF/CaOKSLkBK8kpVufEb1lm
1ZD0h/hr53upLiipBq6ZpiZ2L7uT14wgOSEs31jvZMfwS1KrHrw0aIBEpcK2wyvH
gcIF7XZ5fCQRCx08o6Cod9G8T7m8myLiU9BQOiVuA4yhn5db
-----END CERTIFICATE-----
Generated at Thu Mar 12 09:28:19 2026 by rpki-client