Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEBA725816E511F19E6678C5DAE4EC9C.roa
File: AEBA725816E511F19E6678C5DAE4EC9C.roa (raw, json)
Hash identifier: 9G/XWr+SHW7evq8e3Ryb2naHYoatItqzhmL4rcPnQu8=
Subject key identifier: 3C:C3:49:88:E5:F7:99:8F:9C:1D:5C:CB:0F:9A:32:8A:FD:F9:E4:5B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BD24
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEBA725816E511F19E6678C5DAE4EC9C.roa
Signing time: Tue 03 Mar 2026 09:45:16 +0000
ROA not before: Tue 03 Mar 2026 09:45:12 +0000
ROA not after: Mon 16 Mar 2026 09:45:12 +0000
asID: 137899
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Mar 2026 00:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113956 (0x1bd24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 09:45:12 2026 GMT
Not After : Mar 16 09:45:12 2026 GMT
Subject: CN=69a6adac-1936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:ff:f7:db:65:fe:e1:82:39:5f:dd:18:0a:
ff:c1:36:74:72:ce:d5:d5:8c:0f:43:3e:56:e8:6e:
8c:60:e8:dd:ca:e3:77:ae:6a:9f:65:b8:69:3e:da:
25:c6:93:ae:c7:92:a9:5c:39:e7:51:2b:49:1b:ff:
f7:6b:4f:30:44:fb:80:12:3b:20:9a:8a:78:ee:4a:
97:10:66:e6:57:23:54:25:f1:12:ba:82:c0:a3:4b:
67:de:63:be:ba:b1:7c:e9:51:7d:0e:58:c5:19:1f:
c2:01:dd:d0:76:8d:9a:b0:e5:88:f9:74:ed:b2:f5:
53:95:22:c5:4d:ce:3d:90:93:d6:d7:5a:86:da:a4:
cf:c3:f9:c3:4e:26:f3:02:e7:c4:9a:a8:cb:15:10:
c8:c7:03:4b:84:53:38:1a:39:18:89:8b:9c:86:3f:
39:b6:0d:3f:64:aa:a5:44:f8:e4:ee:d2:e0:e6:1c:
bb:ad:07:f3:89:57:fc:55:ac:a0:9a:05:a8:da:51:
ab:76:a5:07:46:da:46:0b:82:9c:64:7c:1f:ed:5a:
45:a0:00:89:a8:e4:37:50:59:63:5e:3b:c2:1d:8c:
f6:87:94:bc:84:86:ad:3f:85:10:e6:34:1d:77:f5:
e1:f5:39:07:18:82:dd:6d:08:dd:8e:0b:5a:da:5d:
b1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C3:49:88:E5:F7:99:8F:9C:1D:5C:CB:0F:9A:32:8A:FD:F9:E4:5B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEBA725816E511F19E6678C5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
cf:85:f1:b7:d7:ab:fd:ca:20:7c:93:86:01:00:9c:73:f2:67:
19:36:83:24:7a:5f:1d:d1:ff:2d:f0:87:3b:d9:db:4f:00:35:
de:5c:a5:09:79:02:6d:89:dd:8b:c9:75:22:84:63:1f:24:5b:
86:72:2d:f6:8e:a6:9b:72:81:bd:66:54:13:d4:b3:03:8c:18:
ab:e8:7d:70:12:f5:18:e7:ae:ef:79:58:a4:c5:83:8a:5c:fd:
f8:6c:7e:a6:ca:ce:ed:ea:7e:8d:31:22:2d:8d:9c:bb:50:6c:
46:4b:2f:f1:44:70:56:87:7e:73:d9:67:de:97:1d:eb:cd:19:
b9:cb:ba:de:82:0b:c7:0d:7c:f1:25:ca:41:99:6d:8a:b6:9a:
d2:ef:c5:ff:55:4c:f5:2b:56:3a:0a:3d:a9:24:10:03:a5:ad:
74:34:4b:46:a8:be:8d:8f:4e:39:15:fe:ec:b7:60:a5:4e:f7:
6b:97:4c:2b:5e:4e:83:45:79:cd:e8:29:13:d0:6b:be:f1:03:
f8:4f:20:69:64:d6:33:cf:64:b5:f0:b5:8f:df:4a:92:91:a7:
90:79:7d:a1:87:6a:2f:99:47:8e:60:e2:1d:3f:04:8d:8f:33:
17:96:9c:b4:75:d9:e6:4b:45:43:62:bc:0e:3f:5c:a7:2a:a4:
a5:08:73:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb0kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzAzMDk0NTEyWhcNMjYwMzE2MDk0NTEyWjAYMRYw
FAYDVQQDEw02OWE2YWRhYy0xOTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo37/99tl/uGCOV/dGAr/wTZ0cs7V1YwPQz5W6G6MYOjdyuN3rmqfZbhp
PtolxpOux5KpXDnnUStJG//3a08wRPuAEjsgmop47kqXEGbmVyNUJfESuoLAo0tn
3mO+urF86VF9DljFGR/CAd3Qdo2asOWI+XTtsvVTlSLFTc49kJPW11qG2qTPw/nD
TibzAufEmqjLFRDIxwNLhFM4GjkYiYuchj85tg0/ZKqlRPjk7tLg5hy7rQfziVf8
VaygmgWo2lGrdqUHRtpGC4KcZHwf7VpFoACJqOQ3UFljXjvCHYz2h5S8hIatP4UQ
5jQdd/Xh9TkHGILdbQjdjgta2l2xjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDzD
SYjl95mPnB1cyw+aMor9+eRbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRUJBNzI1ODE2RTUxMUYxOUU2Njc4QzVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQDPhfG316v9yiB8k4YBAJxz8mcZNoMkel8d0f8t8Ic72dtPADXeXKUJ
eQJtid2LyXUihGMfJFuGci32jqabcoG9ZlQT1LMDjBir6H1wEvUY567veVikxYOK
XP34bH6mys7t6n6NMSItjZy7UGxGSy/xRHBWh35z2Wfelx3rzRm5y7reggvHDXzx
JcpBmW2KtprS78X/VUz1K1Y6Cj2pJBADpa10NEtGqL6Nj045Ff7st2ClTvdrl0wr
Xk6DRXnN6CkT0Gu+8QP4TyBpZNYzz2S18LWP30qSkaeQeX2hh2ovmUeOYOIdPwSN
jzMXlpy0ddnmS0VDYrwOP1ynKqSlCHNC
-----END CERTIFICATE-----
Generated at Wed Mar 4 13:54:10 2026 by rpki-client