Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87ECEAC422A811F18493C2E4DAE4EC9C.roa
File: 87ECEAC422A811F18493C2E4DAE4EC9C.roa (raw, json)
Hash identifier: wXYrFjn0DABe0MZedmAMNk5HdagPJ6OgczM6CdO9muU=
Subject key identifier: ED:AC:DC:89:C8:46:A5:8F:86:27:EE:42:09:94:4C:85:0A:DC:C5:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BFAC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87ECEAC422A811F18493C2E4DAE4EC9C.roa
Signing time: Wed 18 Mar 2026 08:57:46 +0000
ROA not before: Wed 18 Mar 2026 08:56:11 +0000
ROA not after: Tue 31 Mar 2026 08:56:11 +0000
asID: 139880
IP address blocks: 154.82.32.0/19 maxlen: 24
154.206.128.0/18 maxlen: 24
154.209.160.0/19 maxlen: 24
154.214.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114604 (0x1bfac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 18 08:56:11 2026 GMT
Not After : Mar 31 08:56:11 2026 GMT
Subject: CN=69ba690a-07b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:76:6a:8e:8f:57:98:a7:82:4d:2a:f1:a3:58:
76:a0:40:27:e4:76:d2:e1:8c:2f:9c:6c:5f:2b:25:
10:72:f9:d8:26:76:a9:8d:bd:a8:57:3a:c6:b2:04:
1e:8b:87:d2:12:a3:72:76:21:06:0b:69:2f:62:46:
b4:4d:17:1a:56:97:c5:4b:1b:3d:d0:73:a9:e7:76:
a6:28:ea:2c:bb:fe:ca:98:e2:b6:a2:c8:73:32:d6:
b0:ad:8d:f8:53:67:3d:7e:a5:21:ba:9a:ec:2b:0b:
6a:e4:49:dd:ce:c5:2a:37:83:21:25:ef:9e:ba:26:
8b:9f:e5:3d:96:99:1b:bd:c2:47:3c:a0:cb:bd:0c:
ab:45:5a:3a:44:fa:4a:a6:ae:6e:d0:a5:1f:55:58:
1d:a7:ca:f4:09:54:ec:16:73:39:10:d1:a0:ea:45:
2c:88:b0:2d:d1:e1:ff:69:e5:ce:e3:70:03:8d:71:
0b:89:58:29:05:e6:08:c6:ac:2b:bd:e2:d8:79:ff:
56:be:29:4f:d0:5c:ca:a7:ba:0e:b5:e5:6b:df:50:
29:98:fc:a3:1c:b6:e9:3a:94:1c:bf:9f:04:95:27:
48:00:a8:2a:a5:ce:69:2b:5c:0c:b6:b6:b3:0b:e5:
49:be:d9:e5:50:d8:dc:34:ff:58:25:d0:63:87:ac:
e6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:AC:DC:89:C8:46:A5:8F:86:27:EE:42:09:94:4C:85:0A:DC:C5:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87ECEAC422A811F18493C2E4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.32.0/19
154.206.128.0/18
154.209.160.0/19
154.214.64.0/18
Signature Algorithm: sha256WithRSAEncryption
05:ad:35:3a:8d:e5:cd:2f:26:50:da:34:64:2d:11:de:38:8c:
49:1f:6d:4e:0c:1e:76:68:9f:0b:5c:14:27:56:4e:c8:b0:a5:
9b:52:70:72:03:8c:46:33:ba:2f:90:71:64:d9:59:c8:e8:c1:
6c:38:d1:76:4a:bd:b2:53:32:69:5d:fd:38:41:ef:5d:7f:61:
cc:aa:3f:17:ca:2d:94:5d:dc:5f:9a:4b:9b:eb:ef:36:e5:f6:
91:6f:61:ea:ca:c1:9c:be:3e:19:c7:85:d4:32:90:82:c4:58:
60:11:64:16:ae:70:18:05:e6:20:d7:64:2b:5a:08:9b:c9:09:
f0:ab:c9:7a:05:57:1c:8b:10:f0:e7:93:7e:b9:7c:72:c7:e2:
fd:b5:ff:c5:c7:4e:52:bc:0d:87:d3:af:2f:80:ae:32:86:c1:
42:f4:0a:4f:f0:36:a9:c3:bf:d7:ef:27:41:73:13:d8:96:9b:
85:82:7b:a2:71:35:24:a3:cf:17:24:53:a0:89:64:ec:a7:d2:
92:d7:15:ba:22:1d:9c:89:2f:49:1b:13:07:d4:2d:c0:cd:c4:
bf:62:bf:79:ea:4e:0b:c8:34:cb:5e:ce:52:a0:59:bf:67:68:
63:8a:9b:c4:f0:d3:b7:01:3a:12:87:13:64:4f:e1:f1:e1:68:
50:6c:7a:a6
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAb+sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE4MDg1NjExWhcNMjYwMzMxMDg1NjExWjAYMRYw
FAYDVQQDEw02OWJhNjkwYS0wN2I5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsHZqjo9XmKeCTSrxo1h2oEAn5HbS4YwvnGxfKyUQcvnYJnapjb2oVzrG
sgQei4fSEqNydiEGC2kvYka0TRcaVpfFSxs90HOp53amKOosu/7KmOK2oshzMtaw
rY34U2c9fqUhuprsKwtq5EndzsUqN4MhJe+euiaLn+U9lpkbvcJHPKDLvQyrRVo6
RPpKpq5u0KUfVVgdp8r0CVTsFnM5ENGg6kUsiLAt0eH/aeXO43ADjXELiVgpBeYI
xqwrveLYef9WvilP0FzKp7oOteVr31ApmPyjHLbpOpQcv58ElSdIAKgqpc5pK1wM
trazC+VJvtnlUNjcNP9YJdBjh6zmGQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFO2s
3InIRqWPhifuQgmUTIUK3MX3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84N0VDRUFDNDIyQTgxMUYxODQ5M0MyRTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFmlIgAwQGms6AAwQFmtGg
AwQGmtZAMA0GCSqGSIb3DQEBCwUAA4IBAQAFrTU6jeXNLyZQ2jRkLRHeOIxJH21O
DB52aJ8LXBQnVk7IsKWbUnByA4xGM7ovkHFk2VnI6MFsONF2Sr2yUzJpXf04Qe9d
f2HMqj8Xyi2UXdxfmkub6+825faRb2HqysGcvj4Zx4XUMpCCxFhgEWQWrnAYBeYg
12QrWgibyQnwq8l6BVccixDw55N+uXxyx+L9tf/Fx05SvA2H068vgK4yhsFC9ApP
8Dapw7/X7ydBcxPYlpuFgnuicTUko88XJFOgiWTsp9KS1xW6Ih2ciS9JGxMH1C3A
zcS/Yr956k4LyDTLXs5SoFm/Z2hjipvE8NO3AToShxNkT+Hx4WhQbHqm
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:33 2026 by rpki-client