Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E84B08A1E1911F195BEF0C5DAE4EC9C.roa
File: 8E84B08A1E1911F195BEF0C5DAE4EC9C.roa (raw, json)
Hash identifier: fyBrxSiZPlDOVU7xCMnccXv5ReKVkkdMbB2jxdyOwPI=
Subject key identifier: EF:35:6A:01:BF:6B:FA:4D:CC:7B:6F:B6:9D:EC:F8:45:C8:C7:3B:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E84B08A1E1911F195BEF0C5DAE4EC9C.roa
Signing time: Thu 12 Mar 2026 13:44:14 +0000
ROA not before: Thu 12 Mar 2026 13:44:10 +0000
ROA not after: Sun 19 Apr 2026 13:44:10 +0000
asID: 11404
IP address blocks: 154.223.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114460 (0x1bf1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 12 13:44:10 2026 GMT
Not After : Apr 19 13:44:10 2026 GMT
Subject: CN=69b2c32e-7e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:09:75:31:df:d6:36:0a:22:31:08:55:f4:f7:
42:2a:42:72:eb:13:68:dc:af:d8:be:30:55:fb:a5:
ee:43:98:a1:3e:d9:c5:23:54:f9:78:30:0e:d8:40:
dc:61:0f:dd:3e:79:a3:60:d1:61:e8:a8:05:71:72:
a1:7e:05:21:46:64:94:2d:f5:8e:a7:52:08:e3:0d:
3c:e0:78:fd:72:30:b1:db:45:98:33:3b:a1:5e:0f:
38:07:92:38:57:3d:b0:16:f1:95:18:b1:f7:0d:d3:
b5:d6:74:c7:f6:f9:64:88:50:24:1b:8e:ed:45:c7:
23:ea:cf:9d:18:b5:fd:4b:37:42:5e:b4:01:59:eb:
e5:7c:c3:ad:44:93:fa:1e:98:b5:1c:95:a2:ff:39:
02:2d:24:85:63:22:9b:2f:12:23:b5:7f:e6:e3:cc:
e4:0c:ee:f4:4b:44:7d:53:4e:79:44:0d:8d:aa:d7:
eb:84:b2:be:8b:ed:aa:e5:da:58:6c:b5:bb:7f:d5:
d4:dc:e1:61:1a:1c:c6:0e:99:73:aa:59:db:8e:b8:
03:42:91:13:59:69:45:d1:ef:00:73:91:78:1b:70:
4b:6e:f8:04:6d:ae:a2:ec:b1:2e:d2:d2:ef:84:78:
ff:8e:ba:4e:99:7c:30:92:d1:1d:64:07:39:ed:9e:
e6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:35:6A:01:BF:6B:FA:4D:CC:7B:6F:B6:9D:EC:F8:45:C8:C7:3B:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E84B08A1E1911F195BEF0C5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.96.0/19
Signature Algorithm: sha256WithRSAEncryption
cc:08:4c:d7:c1:b6:67:61:d5:bb:70:80:ee:8a:26:94:09:d0:
d6:bd:cc:c1:9c:f2:62:8b:b9:4f:c4:b5:d7:ee:0d:7c:ea:1d:
f7:51:8b:49:f2:89:ae:9b:ae:c0:4a:2c:ac:f1:37:e6:b0:ed:
13:71:2a:a9:a6:79:8d:e4:e9:68:29:81:3a:13:b4:45:35:96:
47:84:d6:8d:d4:d1:b3:90:8b:d7:2a:38:b8:7c:93:20:3a:91:
81:9e:20:f4:53:17:8f:fa:9c:52:9a:38:95:6f:65:dd:c9:62:
84:30:77:06:a3:20:20:56:01:8c:57:0f:1e:93:8d:8f:b4:7b:
33:81:bd:fe:92:90:e8:c0:02:a9:17:17:13:54:60:97:76:d2:
1d:d0:68:97:9d:7b:de:6e:8d:34:32:e8:fd:a2:20:91:4e:3a:
2a:32:4e:98:ed:86:4d:fb:20:e1:2b:5f:f6:7d:b0:8e:b6:b4:
e7:2b:60:3d:58:0e:71:c9:8f:c7:da:eb:a7:17:22:42:19:49:
68:bc:8e:72:29:09:23:14:87:7c:e7:5a:27:a7:ea:53:6a:d4:
8a:a5:19:2b:4d:80:5b:de:ae:b0:a3:60:8b:f4:94:e7:04:27:
e9:79:8e:c6:25:c3:a1:80:7d:ef:a8:45:6d:07:68:5c:2a:a0:
3f:dc:51:b1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb8cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEyMTM0NDEwWhcNMjYwNDE5MTM0NDEwWjAYMRYw
FAYDVQQDEw02OWIyYzMyZS03ZTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5wl1Md/WNgoiMQhV9PdCKkJy6xNo3K/YvjBV+6XuQ5ihPtnFI1T5eDAO
2EDcYQ/dPnmjYNFh6KgFcXKhfgUhRmSULfWOp1II4w084Hj9cjCx20WYMzuhXg84
B5I4Vz2wFvGVGLH3DdO11nTH9vlkiFAkG47tRccj6s+dGLX9SzdCXrQBWevlfMOt
RJP6Hpi1HJWi/zkCLSSFYyKbLxIjtX/m48zkDO70S0R9U055RA2NqtfrhLK+i+2q
5dpYbLW7f9XU3OFhGhzGDplzqlnbjrgDQpETWWlF0e8Ac5F4G3BLbvgEba6i7LEu
0tLvhHj/jrpOmXwwktEdZAc57Z7mcQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO81
agG/a/pNzHtvtp3s+EXIxzt4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RTg0QjA4QTFFMTkxMUYxOTVCRUYwQzVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmt9gMA0GCSqGSIb3DQEB
CwUAA4IBAQDMCEzXwbZnYdW7cIDuiiaUCdDWvczBnPJii7lPxLXX7g186h33UYtJ
8omum67ASiys8TfmsO0TcSqppnmN5OloKYE6E7RFNZZHhNaN1NGzkIvXKji4fJMg
OpGBniD0UxeP+pxSmjiVb2XdyWKEMHcGoyAgVgGMVw8ek42PtHszgb3+kpDowAKp
FxcTVGCXdtId0GiXnXvebo00Muj9oiCRTjoqMk6Y7YZN+yDhK1/2fbCOtrTnK2A9
WA5xyY/H2uunFyJCGUlovI5yKQkjFId851onp+pTatSKpRkrTYBb3q6wo2CL9JTn
BCfpeY7GJcOhgH3vqEVtB2hcKqA/3FGx
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:16:39 2026 by rpki-client