Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3843D44194E11F1940B3597DAE4EC9C.roa
File: B3843D44194E11F1940B3597DAE4EC9C.roa (raw, json)
Hash identifier: Mlg1BlpN7O3aGseykFT2ADabDMhK7YJ+G+8cqHs8jng=
Subject key identifier: 76:CE:B9:C9:64:44:D6:81:00:67:E5:52:62:1A:8F:C7:43:57:FE:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BE07
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3843D44194E11F1940B3597DAE4EC9C.roa
Signing time: Fri 06 Mar 2026 11:22:03 +0000
ROA not before: Fri 06 Mar 2026 11:22:00 +0000
ROA not after: Sun 05 Apr 2026 11:22:00 +0000
asID: 64126
IP address blocks: 154.88.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114183 (0x1be07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 6 11:22:00 2026 GMT
Not After : Apr 5 11:22:00 2026 GMT
Subject: CN=69aab8db-7ee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9d:f8:d0:ae:a7:af:2b:cc:69:7f:b1:60:b3:
fb:13:56:47:99:61:4d:4d:bf:37:b1:41:48:cf:59:
d6:c6:a8:87:ad:5b:78:47:95:9d:bd:95:b7:41:06:
15:14:84:7e:35:2e:96:22:77:63:cd:cf:2f:b3:f1:
10:a2:aa:34:8e:18:ac:98:70:2a:a7:42:23:8c:1c:
63:b7:d9:03:87:78:1b:c1:d8:fd:67:c0:47:44:16:
70:fa:64:eb:71:b7:3c:c5:e4:4d:d9:00:f0:d7:9e:
0f:be:48:9e:40:ae:82:c2:b2:70:b3:6c:38:d1:7c:
8d:4e:6c:05:f6:54:45:12:0d:00:a5:9c:02:8d:13:
13:65:d6:f2:7a:47:1a:3f:1e:d1:01:44:3a:33:be:
87:bc:65:94:f5:10:36:62:ce:73:03:cd:b0:4e:92:
04:a6:8a:ae:73:6f:6c:10:67:e0:41:fa:73:dc:03:
7b:a5:68:c5:56:72:ef:79:72:f4:ea:96:54:52:3e:
d8:02:de:07:80:58:bd:f8:d5:5c:e1:43:82:4b:bc:
93:33:ed:91:e8:34:a8:03:5d:eb:90:9e:e2:2b:48:
92:47:6b:30:05:cd:e7:c7:8c:cb:33:2e:dc:64:7b:
7b:1d:f7:41:d5:ff:f1:3d:12:76:91:56:97:59:7f:
48:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CE:B9:C9:64:44:D6:81:00:67:E5:52:62:1A:8F:C7:43:57:FE:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3843D44194E11F1940B3597DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.128.0/17
Signature Algorithm: sha256WithRSAEncryption
77:31:9a:e3:3d:0a:f5:af:6b:df:40:c1:ba:9c:55:ee:86:95:
13:86:5b:36:d5:00:82:30:32:fd:38:f7:7f:57:20:b4:90:07:
25:1a:18:e3:7d:74:01:26:77:e1:ce:ad:3f:6f:52:d3:44:e8:
1c:a2:fb:06:9e:3f:46:e2:85:6a:6d:99:18:d1:09:49:11:5e:
b3:05:4f:be:9f:7f:84:3f:06:21:dc:33:e8:e9:86:3d:32:30:
c5:62:c7:b4:03:ea:5a:69:bd:d0:ff:c9:3f:d3:6b:02:75:38:
82:ef:6e:40:47:17:9e:81:26:8e:2f:f2:c9:95:e8:0d:9d:22:
37:95:12:7e:db:cb:d3:85:a8:7a:b3:23:26:c7:77:cd:f6:6b:
01:45:4f:8c:a1:3d:a3:57:0e:63:7c:63:0a:cd:2d:fa:0d:43:
c9:d2:85:7a:e5:27:54:bf:51:cc:b6:94:68:97:fb:15:61:af:
18:bf:e1:01:93:c9:75:c3:f1:88:4f:4b:12:fb:ee:03:2d:05:
51:8a:74:05:34:e1:d7:1b:08:5a:14:83:0e:ec:00:20:15:16:
82:c9:ed:03:09:1b:f1:b3:5d:73:5f:81:c4:ca:81:31:6a:8a:
e4:07:2e:05:4b:7f:5b:32:93:d1:87:cb:fb:73:67:1b:3d:42:
b7:2a:41:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb4HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA2MTEyMjAwWhcNMjYwNDA1MTEyMjAwWjAYMRYw
FAYDVQQDEw02OWFhYjhkYi03ZWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwJ340K6nryvMaX+xYLP7E1ZHmWFNTb83sUFIz1nWxqiHrVt4R5WdvZW3
QQYVFIR+NS6WIndjzc8vs/EQoqo0jhismHAqp0IjjBxjt9kDh3gbwdj9Z8BHRBZw
+mTrcbc8xeRN2QDw154PvkieQK6CwrJws2w40XyNTmwF9lRFEg0ApZwCjRMTZdby
ekcaPx7RAUQ6M76HvGWU9RA2Ys5zA82wTpIEpoquc29sEGfgQfpz3AN7pWjFVnLv
eXL06pZUUj7YAt4HgFi9+NVc4UOCS7yTM+2R6DSoA13rkJ7iK0iSR2swBc3nx4zL
My7cZHt7HfdB1f/xPRJ2kVaXWX9IGwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHbO
uclkRNaBAGflUmIaj8dDV/66MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMzg0M0Q0NDE5NEUxMUYxOTQwQjM1OTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHmliAMA0GCSqGSIb3DQEB
CwUAA4IBAQB3MZrjPQr1r2vfQMG6nFXuhpUThls21QCCMDL9OPd/VyC0kAclGhjj
fXQBJnfhzq0/b1LTROgcovsGnj9G4oVqbZkY0QlJEV6zBU++n3+EPwYh3DPo6YY9
MjDFYse0A+paab3Q/8k/02sCdTiC725ARxeegSaOL/LJlegNnSI3lRJ+28vThah6
syMmx3fN9msBRU+MoT2jVw5jfGMKzS36DUPJ0oV65SdUv1HMtpRol/sVYa8Yv+EB
k8l1w/GIT0sS++4DLQVRinQFNOHXGwhaFIMO7AAgFRaCye0DCRvxs11zX4HEyoEx
aorkBy4FS39bMpPRh8v7c2cbPUK3KkFM
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:16:39 2026 by rpki-client