Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6CD71A4E268A11F1AAD8DC87DAE4EC9C.roa
File: 6CD71A4E268A11F1AAD8DC87DAE4EC9C.roa (raw, json)
Hash identifier: wuUXA2k8WXusb9tqnD1qBvzcnkqNml6GWHWBr1xo1Lk=
Subject key identifier: 0F:E0:3D:07:A4:83:C3:02:9A:83:31:FA:DF:15:BB:14:DE:E5:F4:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C065
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6CD71A4E268A11F1AAD8DC87DAE4EC9C.roa
Signing time: Mon 23 Mar 2026 07:32:20 +0000
ROA not before: Mon 23 Mar 2026 07:32:15 +0000
ROA not after: Fri 17 Apr 2026 07:32:15 +0000
asID: 153671
IP address blocks: 154.81.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114789 (0x1c065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 23 07:32:15 2026 GMT
Not After : Apr 17 07:32:15 2026 GMT
Subject: CN=69c0ec84-9aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9b:43:dc:10:96:1f:28:54:5d:85:67:2b:d8:
02:cb:10:3f:ee:4f:26:b5:76:39:6e:7b:06:2b:3d:
d8:3e:08:d4:0b:f9:21:7e:e0:1e:4f:10:a3:7a:ee:
d4:2c:11:56:ff:b4:29:a2:a5:79:8e:6d:a0:08:15:
f8:1a:b6:8b:49:98:a5:43:33:4e:da:a8:d9:c6:76:
92:6a:73:31:02:9a:68:ad:6c:61:5f:c5:d4:7a:ab:
6b:31:a3:32:b6:f4:d2:fc:cf:fe:52:42:cc:fe:8b:
22:80:c3:d8:2c:64:0e:76:71:3c:06:84:9f:96:71:
97:ea:db:72:ad:77:e1:c6:86:a3:25:71:1d:47:b5:
e0:3a:6c:e5:91:a0:7c:68:c9:b2:32:06:27:86:c0:
98:c2:77:4c:1f:da:01:8f:54:32:3b:97:ff:c9:de:
36:92:e2:fc:4f:b8:6a:3c:1c:e2:b6:4a:77:91:fb:
fc:e3:0a:04:be:59:ff:d4:10:2b:90:56:c3:40:e0:
bf:42:23:87:20:d7:c6:01:ca:87:fa:47:ba:cc:15:
0b:c7:a1:f6:fd:41:44:f9:e7:06:62:f2:16:20:b5:
6a:54:52:22:0b:f2:df:7e:56:2c:46:c8:3d:4b:7f:
d2:f1:94:38:ec:88:e9:ef:9c:a2:50:b2:52:cd:2c:
f7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E0:3D:07:A4:83:C3:02:9A:83:31:FA:DF:15:BB:14:DE:E5:F4:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6CD71A4E268A11F1AAD8DC87DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.152.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:8d:e2:0e:a6:52:e6:84:2a:94:3b:0b:89:44:b4:e2:e4:05:
61:f6:71:20:e6:f0:33:49:9c:8c:e1:a8:c9:59:9f:c7:d3:ce:
1b:60:13:3f:bf:20:fa:75:fe:49:a8:b9:dc:f2:53:ad:e2:01:
af:7d:2f:1d:89:7a:93:79:e1:e3:e9:3a:21:a7:54:39:0e:21:
68:2e:35:b9:bb:e3:12:a9:fb:0d:d3:9a:09:ae:a1:22:31:00:
89:cd:ff:6d:46:80:fc:e1:f9:c7:22:4d:12:21:ff:8e:e2:b5:
01:33:bc:71:8e:e1:94:8a:8b:82:3b:84:52:d0:ef:62:f4:60:
a7:eb:3d:39:45:9b:37:2e:77:bf:a7:9c:64:b6:e0:dd:d7:d4:
5c:44:1a:d2:10:c5:25:60:02:d3:f3:b4:b6:ab:97:b4:09:58:
2e:83:4a:72:cb:e2:0e:53:f6:e1:81:67:45:9d:ef:e5:b5:7a:
e7:3b:8a:61:12:0e:fd:ab:e8:c8:fc:8f:2d:f9:be:ea:77:b7:
1d:d0:db:9f:83:df:76:c1:9a:f5:71:cb:2e:7b:e7:56:eb:03:
69:92:0d:48:a3:6c:ac:fe:7a:7a:31:76:5a:7f:95:5a:84:f1:
cf:ee:da:95:bf:2c:bb:58:6f:b4:06:2f:c8:05:99:51:00:fd:
bf:8d:02:4d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcBlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzIzMDczMjE1WhcNMjYwNDE3MDczMjE1WjAYMRYw
FAYDVQQDEw02OWMwZWM4NC05YWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA35tD3BCWHyhUXYVnK9gCyxA/7k8mtXY5bnsGKz3YPgjUC/khfuAeTxCj
eu7ULBFW/7QpoqV5jm2gCBX4GraLSZilQzNO2qjZxnaSanMxApporWxhX8XUeqtr
MaMytvTS/M/+UkLM/osigMPYLGQOdnE8BoSflnGX6ttyrXfhxoajJXEdR7XgOmzl
kaB8aMmyMgYnhsCYwndMH9oBj1QyO5f/yd42kuL8T7hqPBzitkp3kfv84woEvln/
1BArkFbDQOC/QiOHINfGAcqH+ke6zBULx6H2/UFE+ecGYvIWILVqVFIiC/LfflYs
Rsg9S3/S8ZQ47Ijp75yiULJSzSz3MQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA/g
PQekg8MCmoMx+t8VuxTe5fTtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82Q0Q3MUE0RTI2OEExMUYxQUFEOERDODdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlGYMA0GCSqGSIb3DQEB
CwUAA4IBAQDGjeIOplLmhCqUOwuJRLTi5AVh9nEg5vAzSZyM4ajJWZ/H084bYBM/
vyD6df5JqLnc8lOt4gGvfS8diXqTeeHj6Tohp1Q5DiFoLjW5u+MSqfsN05oJrqEi
MQCJzf9tRoD84fnHIk0SIf+O4rUBM7xxjuGUiouCO4RS0O9i9GCn6z05RZs3Lne/
p5xktuDd19RcRBrSEMUlYALT87S2q5e0CVgug0pyy+IOU/bhgWdFne/ltXrnO4ph
Eg79q+jI/I8t+b7qd7cd0Nufg992wZr1ccsue+dW6wNpkg1Io2ys/np6MXZaf5Va
hPHP7tqVvyy7WG+0Bi/IBZlRAP2/jQJN
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:24 2026 by rpki-client