Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCD843E61C8611F1AA0DB895DAE4EC9C.roa
File: BCD843E61C8611F1AA0DB895DAE4EC9C.roa (raw, json)
Hash identifier: 1J2Cw5KjKpYC7Mmxg7nBByXg0SYG/0O0JrBIxh4Yrqs=
Subject key identifier: CF:11:56:59:B7:06:02:65:E1:0A:F4:A8:75:73:8B:86:A9:17:39:7E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BEC3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCD843E61C8611F1AA0DB895DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 13:40:45 +0000
ROA not before: Tue 10 Mar 2026 13:40:39 +0000
ROA not after: Fri 17 Apr 2026 13:40:39 +0000
asID: 54801
IP address blocks: 154.81.61.0/24 maxlen: 24
154.81.136.0/24 maxlen: 24
154.81.140.0/24 maxlen: 24
154.81.161.0/24 maxlen: 24
154.81.164.0/24 maxlen: 24
154.81.166.0/24 maxlen: 24
154.81.178.0/24 maxlen: 24
154.82.18.0/24 maxlen: 24
154.82.20.0/24 maxlen: 24
154.83.128.0/24 maxlen: 24
154.83.135.0/24 maxlen: 24
154.83.137.0/24 maxlen: 24
154.83.141.0/24 maxlen: 24
154.83.158.0/24 maxlen: 24
154.83.187.0/24 maxlen: 24
154.83.190.0/24 maxlen: 24
154.83.191.0/24 maxlen: 24
154.83.209.0/24 maxlen: 24
154.83.211.0/24 maxlen: 24
154.83.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114371 (0x1bec3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 10 13:40:39 2026 GMT
Not After : Apr 17 13:40:39 2026 GMT
Subject: CN=69b01f5d-8e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b4:6e:37:bc:21:a5:5e:04:a6:43:56:d2:20:
b0:11:e9:89:38:f2:1d:d2:c0:ce:df:9e:19:9a:c7:
b5:fe:9f:18:18:16:43:37:eb:4f:73:99:22:7f:8b:
0a:34:5d:84:53:d3:07:01:50:e1:66:b8:86:65:1f:
79:21:c8:ad:e7:68:64:54:b4:b4:24:9b:bc:d4:66:
d1:90:36:df:6a:57:7b:fd:44:b7:68:25:dd:aa:89:
e1:25:cf:7b:a3:66:d6:f6:74:bb:bd:c5:41:f1:05:
ab:72:1e:49:7a:fc:c8:36:d8:78:4c:be:ce:4e:82:
d1:d8:82:00:91:d8:bd:3a:50:c2:69:f3:46:b4:09:
46:5d:32:d5:e1:84:69:7c:77:c2:e6:df:3a:d9:44:
e1:6e:fb:55:00:b4:be:9d:d9:4d:55:64:c1:a0:c9:
a2:e0:b8:2a:33:36:ec:38:39:c5:58:51:29:14:1b:
07:9b:77:de:be:95:07:63:c6:9d:cf:44:70:a5:3a:
8b:6f:20:c0:9d:be:7a:9e:50:f5:bb:ff:19:f3:69:
ec:85:62:2e:d0:f8:0e:6a:b6:a0:a8:e7:a3:97:0e:
f9:14:6a:f9:95:9f:54:d5:cf:ec:98:13:15:6f:54:
9f:44:31:65:06:44:1e:fc:ad:56:50:f8:ba:c1:c6:
6c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:11:56:59:B7:06:02:65:E1:0A:F4:A8:75:73:8B:86:A9:17:39:7E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCD843E61C8611F1AA0DB895DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.61.0/24
154.81.136.0/24
154.81.140.0/24
154.81.161.0/24
154.81.164.0/24
154.81.166.0/24
154.81.178.0/24
154.82.18.0/24
154.82.20.0/24
154.83.128.0/24
154.83.135.0/24
154.83.137.0/24
154.83.141.0/24
154.83.158.0/24
154.83.187.0/24
154.83.190.0/23
154.83.209.0/24
154.83.211.0/24
154.83.247.0/24
Signature Algorithm: sha256WithRSAEncryption
08:6d:66:f9:23:fc:dc:8f:1e:4a:89:90:93:87:69:50:ee:61:
4a:0b:47:99:65:15:45:ce:7e:0f:65:6c:eb:eb:1d:af:2f:df:
02:0f:af:0a:75:9d:6e:65:1b:ba:0b:c8:f4:10:d0:c4:53:c5:
93:e9:0b:a1:82:c6:8e:1e:3e:b8:64:5c:cf:54:ff:52:30:af:
60:59:20:f7:dc:6b:a2:86:f4:18:5c:b7:01:7f:b9:60:70:34:
9f:bb:f3:eb:34:bd:51:33:2b:3e:2d:ef:96:0f:1c:00:54:28:
38:e6:b7:2e:bd:50:22:2c:bc:49:e7:4e:fd:d2:1f:08:d9:78:
34:7b:18:ca:4b:c1:9e:e9:3d:23:b6:ac:68:21:72:7c:f2:f3:
80:c1:e0:f1:80:be:dc:a4:05:ec:f1:e8:65:ba:6c:dd:e7:42:
ca:ea:71:47:2b:b8:d8:a5:32:0b:f1:d6:54:09:6e:23:8d:d3:
78:77:50:1a:bf:04:fb:34:4e:8a:7b:df:06:ff:de:c4:76:1f:
91:cb:b2:50:dd:77:88:91:29:fd:bd:26:69:db:bc:eb:d5:4c:
5d:77:01:b5:50:8e:e5:14:28:61:fe:db:f2:c2:94:74:85:56:
02:dc:82:02:43:7e:b7:b5:df:59:fc:f0:b7:69:33:87:95:5d:
65:5e:7a:e3
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgIDAb7DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEwMTM0MDM5WhcNMjYwNDE3MTM0MDM5WjAYMRYw
FAYDVQQDEw02OWIwMWY1ZC04ZTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs7RuN7whpV4EpkNW0iCwEemJOPId0sDO354Zmse1/p8YGBZDN+tPc5ki
f4sKNF2EU9MHAVDhZriGZR95Icit52hkVLS0JJu81GbRkDbfald7/US3aCXdqonh
Jc97o2bW9nS7vcVB8QWrch5JevzINth4TL7OToLR2IIAkdi9OlDCafNGtAlGXTLV
4YRpfHfC5t862UThbvtVALS+ndlNVWTBoMmi4LgqMzbsODnFWFEpFBsHm3fevpUH
Y8adz0RwpTqLbyDAnb56nlD1u/8Z82nshWIu0PgOaragqOejlw75FGr5lZ9U1c/s
mBMVb1SfRDFlBkQe/K1WUPi6wcZsLQIDAQABo4IDEjCCAw4wHQYDVR0OBBYEFM8R
Vlm3BgJl4Qr0qHVzi4apFzl+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQ0Q4NDNFNjFDODYxMUYxQUEwREI4OTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAJpRPQMEAJpRiAMEAJpR
jAMEAJpRoQMEAJpRpAMEAJpRpgMEAJpRsgMEAJpSEgMEAJpSFAMEAJpTgAMEAJpT
hwMEAJpTiQMEAJpTjQMEAJpTngMEAJpTuwMEAZpTvgMEAJpT0QMEAJpT0wMEAJpT
9zANBgkqhkiG9w0BAQsFAAOCAQEACG1m+SP83I8eSomQk4dpUO5hSgtHmWUVRc5+
D2Vs6+sdry/fAg+vCnWdbmUbugvI9BDQxFPFk+kLoYLGjh4+uGRcz1T/UjCvYFkg
99xroob0GFy3AX+5YHA0n7vz6zS9UTMrPi3vlg8cAFQoOOa3Lr1QIiy8SedO/dIf
CNl4NHsYykvBnuk9I7asaCFyfPLzgMHg8YC+3KQF7PHoZbps3edCyupxRyu42KUy
C/HWVAluI43TeHdQGr8E+zROinvfBv/exHYfkcuyUN13iJEp/b0madu869VMXXcB
tVCO5RQoYf7b8sKUdIVWAtyCAkN+t7XfWfzwt2kzh5VdZV564w==
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:19:14 2026 by rpki-client