Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D204BFE1C8711F1932B9999DAE4EC9C.roa
File: 6D204BFE1C8711F1932B9999DAE4EC9C.roa (raw, json)
Hash identifier: BLAZ5jxi44+PxuS6yiNiesZirxLyemvXwIqsok0gyf0=
Subject key identifier: C7:A1:46:96:59:50:FE:9C:A8:BE:5A:9B:25:51:36:30:08:23:DA:EE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BEC5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D204BFE1C8711F1932B9999DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 13:45:41 +0000
ROA not before: Tue 10 Mar 2026 13:45:36 +0000
ROA not after: Fri 17 Apr 2026 13:45:36 +0000
asID: 54801
IP address blocks: 154.81.181.0/24 maxlen: 24
154.81.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114373 (0x1bec5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 10 13:45:36 2026 GMT
Not After : Apr 17 13:45:36 2026 GMT
Subject: CN=69b02085-e0b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:69:ea:fd:1b:43:7b:fb:5e:17:13:15:a3:bf:
06:07:33:90:12:a1:eb:32:0c:15:f7:09:18:e1:e4:
83:7d:6f:cb:af:70:a4:3d:f7:1a:15:77:d2:64:78:
3e:e1:30:34:9e:b1:e5:94:7a:c0:e5:ba:f5:a8:b5:
a3:20:1a:34:1f:eb:77:9e:61:9e:12:e7:65:26:48:
6d:c2:3a:ea:64:ea:85:0d:c8:c3:7c:aa:98:de:6a:
5b:ac:f9:60:aa:a1:5e:d0:a3:1f:33:80:c6:f0:87:
36:ef:48:20:09:08:5e:05:66:ad:14:c3:2f:f4:19:
24:ed:03:6c:fb:85:11:a4:f1:42:30:4a:9e:5c:30:
ca:c0:45:0c:de:06:79:a1:f8:5b:2c:dc:27:06:94:
63:9d:5b:47:45:53:4a:3b:b5:5e:10:d5:f1:5c:d5:
34:cd:ed:69:3a:a3:83:2d:a6:d3:7b:5f:3a:72:8d:
ea:52:8a:00:20:cf:7c:b4:09:5c:90:d1:6f:36:7b:
99:00:24:be:67:b5:d1:b3:fa:70:48:a2:ae:77:4e:
26:af:35:df:a2:60:3d:96:8e:31:b6:15:19:bc:90:
38:bd:1f:ea:71:a5:4f:d4:ce:16:9d:fc:b6:30:de:
b6:21:3b:80:af:17:e3:90:66:ed:7b:2d:e7:d4:be:
c0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:A1:46:96:59:50:FE:9C:A8:BE:5A:9B:25:51:36:30:08:23:DA:EE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D204BFE1C8711F1932B9999DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.181.0/24
154.81.191.0/24
Signature Algorithm: sha256WithRSAEncryption
66:1b:98:9b:a7:b4:10:7e:e7:35:f8:df:4c:03:57:e5:de:75:
b5:87:7e:c3:67:2c:84:8a:d7:d0:1b:5b:99:69:8d:e9:08:a3:
25:eb:0f:75:2b:11:d6:19:18:28:73:52:81:5d:d2:9f:e3:d9:
de:65:40:16:a3:a8:f8:ad:65:bc:5d:bf:3e:82:a8:32:7f:dc:
50:28:37:e3:a1:0a:35:2c:f0:57:e5:d1:f5:1b:41:fe:e1:37:
54:03:09:1a:fe:71:69:52:6d:28:d1:3c:16:d1:e6:84:68:b4:
bb:07:d8:d3:ec:87:ae:a9:1f:9c:1c:d9:18:57:3d:f6:94:ae:
bc:3b:ab:52:7f:9e:13:3d:b6:18:d8:3c:44:06:d5:b1:b0:85:
3e:2c:f1:84:ba:c8:cb:f0:3d:2f:e7:45:61:2f:c1:89:0f:23:
8a:9d:f0:d3:02:43:35:cf:d0:a1:99:9f:24:d0:ab:91:91:ad:
ca:19:42:a6:07:d6:6f:27:5f:67:8d:2a:ee:ce:68:2b:31:4e:
6a:cb:3c:f5:bf:64:8a:97:a4:4b:fa:41:e4:fb:f3:fb:6e:ad:
a4:f5:ad:c9:c1:61:b2:05:9c:92:63:62:3a:a2:4d:5c:5c:db:
d3:e0:0e:9e:07:17:5d:3e:6a:81:6a:ed:0f:34:78:40:03:8c:
c0:09:e0:88
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAb7FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEwMTM0NTM2WhcNMjYwNDE3MTM0NTM2WjAYMRYw
FAYDVQQDEw02OWIwMjA4NS1lMGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwmnq/RtDe/teFxMVo78GBzOQEqHrMgwV9wkY4eSDfW/Lr3CkPfcaFXfS
ZHg+4TA0nrHllHrA5br1qLWjIBo0H+t3nmGeEudlJkhtwjrqZOqFDcjDfKqY3mpb
rPlgqqFe0KMfM4DG8Ic270ggCQheBWatFMMv9Bkk7QNs+4URpPFCMEqeXDDKwEUM
3gZ5ofhbLNwnBpRjnVtHRVNKO7VeENXxXNU0ze1pOqODLabTe186co3qUooAIM98
tAlckNFvNnuZACS+Z7XRs/pwSKKud04mrzXfomA9lo4xthUZvJA4vR/qcaVP1M4W
nfy2MN62ITuArxfjkGbtey3n1L7AOQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMeh
RpZZUP6cqL5amyVRNjAII9ruMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RDIwNEJGRTFDODcxMUYxOTMyQjk5OTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlG1AwQAmlG/MA0GCSqG
SIb3DQEBCwUAA4IBAQBmG5ibp7QQfuc1+N9MA1fl3nW1h37DZyyEitfQG1uZaY3p
CKMl6w91KxHWGRgoc1KBXdKf49neZUAWo6j4rWW8Xb8+gqgyf9xQKDfjoQo1LPBX
5dH1G0H+4TdUAwka/nFpUm0o0TwW0eaEaLS7B9jT7IeuqR+cHNkYVz32lK68O6tS
f54TPbYY2DxEBtWxsIU+LPGEusjL8D0v50VhL8GJDyOKnfDTAkM1z9ChmZ8k0KuR
ka3KGUKmB9ZvJ19njSruzmgrMU5qyzz1v2SKl6RL+kHk+/P7bq2k9a3JwWGyBZyS
Y2I6ok1cXNvT4A6eBxddPmqBau0PNHhAA4zACeCI
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:15:46 2026 by rpki-client