Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7D7E844C245811F1AB52D9B2DAE4EC9C.roa
File: 7D7E844C245811F1AB52D9B2DAE4EC9C.roa (raw, json)
Hash identifier: bju8QfI+rEum/j6foyofCR4Buq8zOmQha3bNTQGGC/8=
Subject key identifier: 99:18:68:DD:0D:B0:88:E5:6E:01:64:29:E8:47:AA:F2:D2:E4:A0:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C03A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7D7E844C245811F1AB52D9B2DAE4EC9C.roa
Signing time: Fri 20 Mar 2026 12:29:51 +0000
ROA not before: Fri 20 Mar 2026 12:29:46 +0000
ROA not after: Thu 08 Jul 2027 12:29:46 +0000
asID: 60171
IP address blocks: 154.197.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114746 (0x1c03a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 20 12:29:46 2026 GMT
Not After : Jul 8 12:29:46 2027 GMT
Subject: CN=69bd3dbf-039e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:22:58:99:7b:4a:f2:76:60:c4:04:00:05:8c:
fa:c1:fd:a3:a8:c1:a4:fb:ee:a1:86:d8:a7:59:d9:
3f:ed:44:31:66:c5:58:f6:3e:ac:4b:22:39:c0:ed:
aa:c6:5e:b0:82:ae:07:83:31:5a:93:a3:d8:03:5e:
6d:4b:ff:17:7b:61:0d:75:ef:f9:bd:1b:fb:35:5c:
a2:d2:53:8b:2d:38:e1:b9:fd:bc:c5:43:81:a1:ea:
50:19:d8:2c:00:52:c0:a0:c4:69:d9:60:4b:0b:a3:
b9:2c:38:24:31:89:74:cc:e4:8f:c6:b6:4c:07:89:
cd:8a:0c:50:ca:3a:9a:25:ee:f3:9a:e6:01:fb:fa:
f5:35:dc:cc:f7:15:58:53:d9:c3:a8:23:9a:05:bb:
45:be:62:a1:3c:f7:d8:e2:b4:b1:6c:53:47:e0:43:
28:8c:24:16:75:aa:69:d5:69:1f:78:e9:d9:64:3d:
d9:d8:55:0f:4a:4d:b8:c8:0e:25:c5:c8:5d:8d:93:
17:80:73:07:da:31:44:fc:38:82:ee:28:1d:5c:28:
66:17:2b:e0:cb:27:f7:6b:52:08:78:b6:80:b1:d1:
cf:c1:b8:fe:90:8d:d7:f7:8c:ef:ae:0d:d7:02:4e:
6f:f4:dd:72:5f:55:f7:94:86:47:a2:ee:80:31:12:
75:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:18:68:DD:0D:B0:88:E5:6E:01:64:29:E8:47:AA:F2:D2:E4:A0:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7D7E844C245811F1AB52D9B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.123.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:f4:63:38:66:8d:f9:d2:94:46:0a:d4:59:d6:a4:fa:44:0d:
b7:b5:d1:ae:76:b8:cb:5b:00:05:f4:ad:84:9a:73:0a:3b:72:
ca:72:c4:34:2c:bc:4e:31:dd:69:fd:08:ec:61:ec:51:cc:d8:
6b:35:ac:62:b0:ba:7f:23:de:4d:20:e9:81:71:1f:77:eb:bb:
f5:86:d0:c3:8d:33:f0:20:b5:93:c1:f0:75:b9:9f:ef:a9:39:
fc:e3:c7:b4:26:fd:c5:2c:2f:d0:64:7e:19:02:0b:a2:24:2d:
f5:f2:8e:e0:5c:fe:01:24:67:7d:1e:b0:54:00:a3:8e:db:b7:
db:4b:30:6e:d8:e2:6a:cc:a9:9f:07:4b:36:53:22:8e:6c:b5:
55:4a:0d:21:7f:62:53:d8:55:11:85:56:1b:16:ac:33:b6:f1:
13:50:11:dc:3c:d4:79:0c:c5:37:ab:63:2d:de:ee:fb:40:8d:
78:fb:54:a2:e2:bc:33:50:58:bc:f6:47:31:47:60:ab:95:33:
42:0c:2b:9e:d6:96:d9:ff:fd:89:16:16:3c:17:0e:23:03:c6:
21:1d:b2:f2:df:29:9c:a4:63:2c:40:02:8d:b2:4c:6a:a9:68:
04:4d:47:52:92:b1:51:e8:d7:77:1c:a7:61:5a:64:53:88:52:
c6:8b:cb:50
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcA6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzIwMTIyOTQ2WhcNMjcwNzA4MTIyOTQ2WjAYMRYw
FAYDVQQDEw02OWJkM2RiZi0wMzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuiJYmXtK8nZgxAQABYz6wf2jqMGk++6hhtinWdk/7UQxZsVY9j6sSyI5
wO2qxl6wgq4HgzFak6PYA15tS/8Xe2ENde/5vRv7NVyi0lOLLTjhuf28xUOBoepQ
GdgsAFLAoMRp2WBLC6O5LDgkMYl0zOSPxrZMB4nNigxQyjqaJe7zmuYB+/r1NdzM
9xVYU9nDqCOaBbtFvmKhPPfY4rSxbFNH4EMojCQWdapp1WkfeOnZZD3Z2FUPSk24
yA4lxchdjZMXgHMH2jFE/DiC7igdXChmFyvgyyf3a1IIeLaAsdHPwbj+kI3X94zv
rg3XAk5v9N1yX1X3lIZHou6AMRJ1iwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJkY
aN0NsIjlbgFkKehHqvLS5KCDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RDdFODQ0QzI0NTgxMUYxQUI1MkQ5QjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsV7MA0GCSqGSIb3DQEB
CwUAA4IBAQC19GM4Zo350pRGCtRZ1qT6RA23tdGudrjLWwAF9K2EmnMKO3LKcsQ0
LLxOMd1p/QjsYexRzNhrNaxisLp/I95NIOmBcR9367v1htDDjTPwILWTwfB1uZ/v
qTn848e0Jv3FLC/QZH4ZAguiJC318o7gXP4BJGd9HrBUAKOO27fbSzBu2OJqzKmf
B0s2UyKObLVVSg0hf2JT2FURhVYbFqwztvETUBHcPNR5DMU3q2Mt3u77QI14+1Si
4rwzUFi89kcxR2CrlTNCDCue1pbZ//2JFhY8Fw4jA8YhHbLy3ymcpGMsQAKNskxq
qWgETUdSkrFR6Nd3HKdhWmRTiFLGi8tQ
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:49 2026 by rpki-client