Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8474D69E210A11F18FFEB0F5DAE4EC9C.roa
File: 8474D69E210A11F18FFEB0F5DAE4EC9C.roa (raw, json)
Hash identifier: HV/HCQMgMPlH0vqCRORbsRHtG6szLnJJXTiUtDGuQVU=
Subject key identifier: 90:B3:E5:63:44:EF:7E:15:AF:0C:66:86:EE:5F:64:86:E7:D5:D6:98
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF81
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8474D69E210A11F18FFEB0F5DAE4EC9C.roa
Signing time: Mon 16 Mar 2026 07:34:09 +0000
ROA not before: Mon 16 Mar 2026 07:34:03 +0000
ROA not after: Thu 23 Apr 2026 07:34:03 +0000
asID: 63969
IP address blocks: 154.89.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114561 (0x1bf81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 16 07:34:03 2026 GMT
Not After : Apr 23 07:34:03 2026 GMT
Subject: CN=69b7b270-df67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c7:27:14:07:f3:38:7e:5b:3e:41:51:d3:70:
da:c9:d2:0d:c0:26:07:4c:e3:1d:02:62:74:15:91:
e0:0c:2f:18:2c:bd:67:d2:31:bc:6b:31:da:0d:ad:
ad:43:42:e0:3b:57:7d:e8:8c:c2:b9:72:7d:b0:5b:
fd:22:a6:b0:73:49:bb:eb:f3:70:13:c4:65:ff:82:
a8:70:5b:ff:86:f8:12:e0:f3:05:79:8c:a6:d8:cb:
1a:bc:16:e6:ef:e4:7c:a3:d3:25:68:16:d6:21:d7:
ba:ae:cd:c9:01:8e:a1:40:48:11:78:5a:cf:ea:08:
b0:ea:91:b3:37:1b:1a:f0:31:3b:95:af:c1:e4:21:
5e:b4:6c:3f:2b:77:87:dd:5f:18:68:53:d1:4a:9a:
f4:60:9d:40:4d:0f:ac:23:28:46:7f:cd:99:00:e1:
82:d8:94:f2:c7:85:99:b7:dc:d1:62:c2:ed:26:47:
a6:81:9c:f4:5c:9c:32:8f:79:f0:49:fa:12:13:bd:
f2:de:90:36:4f:bd:75:24:17:75:0c:6e:bb:9b:80:
b2:bf:c6:25:1f:4a:bd:d4:e7:ab:ae:c4:c2:ce:f5:
35:d5:84:5b:1d:85:31:c8:54:a2:1f:3e:17:1a:a1:
f9:f4:55:9a:76:d3:f8:de:e9:6a:c6:c5:3e:b3:b9:
d3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B3:E5:63:44:EF:7E:15:AF:0C:66:86:EE:5F:64:86:E7:D5:D6:98
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8474D69E210A11F18FFEB0F5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.7.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:61:f8:ee:0c:1a:60:c9:79:1a:28:96:2f:9d:d1:40:b2:ee:
ea:17:6c:87:9a:1c:be:0a:2f:c4:35:e4:e0:e0:71:ec:63:18:
2b:a9:af:a6:72:d2:37:3b:91:0e:a8:20:c8:dc:57:aa:8f:94:
a6:3a:9c:b4:b1:bd:58:6a:05:9e:7b:63:85:eb:ce:19:ea:fc:
32:d1:e7:97:29:8d:71:c3:cb:59:0f:5f:a5:6a:1f:43:42:4c:
7c:92:5f:e1:97:e6:31:c7:0f:a4:da:fb:56:ab:d1:53:f7:3a:
fd:0c:78:1f:2a:89:41:16:45:3e:48:a8:1a:82:79:12:71:67:
36:71:b9:06:57:a4:a8:c0:08:53:41:6e:ce:bd:60:15:3e:3f:
32:ae:b7:da:3e:c2:8f:0c:ea:34:6b:1d:b6:76:dd:30:6a:5d:
e8:45:6b:2c:c5:ee:2f:95:25:0a:35:f7:9d:ee:41:7e:3b:62:
4f:8c:12:43:3d:89:e6:c0:0c:e8:e4:6c:51:8f:a2:9e:7d:83:
20:5f:64:8c:50:50:72:4c:4b:9b:5e:36:19:ae:4a:25:12:a3:
e5:a5:ac:54:bf:c2:0e:88:0f:2d:78:2f:c3:cc:c8:7e:8c:89:
ee:3f:fa:16:7e:c6:91:7b:0e:a9:65:c1:3b:43:4a:84:13:78:
af:12:2d:2a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb+BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE2MDczNDAzWhcNMjYwNDIzMDczNDAzWjAYMRYw
FAYDVQQDEw02OWI3YjI3MC1kZjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3ccnFAfzOH5bPkFR03DaydINwCYHTOMdAmJ0FZHgDC8YLL1n0jG8azHa
Da2tQ0LgO1d96IzCuXJ9sFv9Iqawc0m76/NwE8Rl/4KocFv/hvgS4PMFeYym2Msa
vBbm7+R8o9MlaBbWIde6rs3JAY6hQEgReFrP6giw6pGzNxsa8DE7la/B5CFetGw/
K3eH3V8YaFPRSpr0YJ1ATQ+sIyhGf82ZAOGC2JTyx4WZt9zRYsLtJkemgZz0XJwy
j3nwSfoSE73y3pA2T711JBd1DG67m4Cyv8YlH0q91OerrsTCzvU11YRbHYUxyFSi
Hz4XGqH59FWadtP43ulqxsU+s7nTuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJCz
5WNE734Vrwxmhu5fZIbn1daYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NDc0RDY5RTIxMEExMUYxOEZGRUIwRjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkHMA0GCSqGSIb3DQEB
CwUAA4IBAQCsYfjuDBpgyXkaKJYvndFAsu7qF2yHmhy+Ci/ENeTg4HHsYxgrqa+m
ctI3O5EOqCDI3Feqj5SmOpy0sb1YagWee2OF684Z6vwy0eeXKY1xw8tZD1+lah9D
Qkx8kl/hl+Yxxw+k2vtWq9FT9zr9DHgfKolBFkU+SKgagnkScWc2cbkGV6SowAhT
QW7OvWAVPj8yrrfaPsKPDOo0ax22dt0wal3oRWssxe4vlSUKNfed7kF+O2JPjBJD
PYnmwAzo5GxRj6KefYMgX2SMUFByTEubXjYZrkolEqPlpaxUv8IOiA8teC/DzMh+
jInuP/oWfsaRew6pZcE7Q0qEE3ivEi0q
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:20:34 2026 by rpki-client