Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF08FA0626A511F183BC28A4DAE4EC9C.roa
File: BF08FA0626A511F183BC28A4DAE4EC9C.roa (raw, json)
Hash identifier: fHXOx7EzHKt5noZGtVzbp+yjW7FTDz8b6/+oKGT1YI0=
Subject key identifier: 90:88:48:D2:F1:B6:56:6D:15:58:1E:FB:EB:92:CF:DB:32:87:61:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C06D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF08FA0626A511F183BC28A4DAE4EC9C.roa
Signing time: Mon 23 Mar 2026 10:47:55 +0000
ROA not before: Mon 23 Mar 2026 10:47:49 +0000
ROA not after: Mon 11 May 2026 10:47:49 +0000
asID: 214769
IP address blocks: 154.91.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114797 (0x1c06d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 23 10:47:49 2026 GMT
Not After : May 11 10:47:49 2026 GMT
Subject: CN=69c11a5a-2514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:27:6a:2a:cf:86:f9:fe:28:69:34:d1:f2:55:
28:01:14:d5:13:a0:44:ef:95:b1:0f:82:7d:83:6a:
2f:30:9b:f1:88:57:21:c4:a1:3e:fa:d7:79:93:58:
f7:ba:e3:4b:86:52:68:1b:62:27:38:48:e1:0a:6f:
a1:33:fd:b3:43:4a:b0:2e:f0:5d:61:52:23:5d:5b:
1a:f5:fa:27:8b:b1:7d:65:37:08:83:4b:fa:c5:48:
03:c9:2c:e4:e3:59:46:ce:7e:8a:b6:fb:a3:4a:86:
85:65:4d:5c:22:21:e7:ac:4a:8e:46:9c:dd:fe:8f:
19:ae:f2:e9:90:b8:04:cb:3f:8b:34:02:40:c5:8b:
71:8e:1b:40:28:91:1a:35:a4:9b:b4:50:f1:df:70:
d3:08:3f:c3:86:e7:f6:f5:4e:2e:97:e2:f4:03:d4:
75:62:02:d3:30:e2:9a:54:de:b9:0b:da:53:66:4b:
5d:5b:83:1d:61:c3:f2:49:6c:1a:c2:11:ad:b7:f2:
5b:b4:e6:a9:ef:fb:5f:9b:54:a9:ca:c5:4a:c7:47:
23:0f:12:4f:4b:5f:14:a8:61:b2:09:7a:2b:48:db:
6b:78:74:f8:84:0c:5a:41:d1:7e:60:18:8d:05:b4:
df:b2:21:e6:93:41:73:8b:e3:67:a3:b8:4d:0a:ea:
15:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:88:48:D2:F1:B6:56:6D:15:58:1E:FB:EB:92:CF:DB:32:87:61:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF08FA0626A511F183BC28A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.38.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:64:a9:ed:3e:92:28:4c:60:66:75:f5:3b:c4:4e:f2:31:c8:
82:b4:9e:71:68:17:7d:9e:3b:c4:55:a5:21:e7:0a:bb:62:ed:
96:c7:15:40:8e:40:5a:3d:6d:b7:fe:a5:8b:96:95:7e:89:f2:
b0:f6:6a:5f:5e:47:25:19:9e:a8:5d:33:b5:fc:31:c0:a0:00:
50:ae:1f:ce:31:88:95:4d:d5:35:c1:e0:c8:b3:0e:32:ae:71:
18:e3:31:82:15:f8:ae:29:e7:ab:2e:17:71:61:e9:2b:d8:94:
23:9b:f6:f4:a9:d7:59:f7:9f:79:e6:3b:02:7a:f7:19:fe:21:
a6:b5:f3:b8:13:55:a2:2b:23:fe:df:ac:4b:cf:e6:08:81:8f:
22:6c:f5:e9:94:f2:85:73:11:07:75:e5:ba:02:d6:cd:3e:95:
44:9c:d9:04:9a:88:c2:5f:14:89:35:2c:d6:98:80:d9:76:01:
2b:a0:b4:67:5a:5e:b9:16:2a:74:da:2a:38:cd:67:3d:d3:7a:
f3:99:27:64:fb:2c:3c:a6:0c:43:99:c3:fa:8a:4b:9b:c4:be:
62:5d:b9:38:b5:17:fb:cc:9f:00:6c:1e:2c:d0:a8:61:d6:28:
8f:92:7e:bf:32:9c:25:6c:bf:6a:66:28:d5:04:b8:1e:f7:87:
05:9e:ae:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcBtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzIzMTA0NzQ5WhcNMjYwNTExMTA0NzQ5WjAYMRYw
FAYDVQQDEw02OWMxMWE1YS0yNTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5SdqKs+G+f4oaTTR8lUoARTVE6BE75WxD4J9g2ovMJvxiFchxKE++td5
k1j3uuNLhlJoG2InOEjhCm+hM/2zQ0qwLvBdYVIjXVsa9foni7F9ZTcIg0v6xUgD
ySzk41lGzn6KtvujSoaFZU1cIiHnrEqORpzd/o8ZrvLpkLgEyz+LNAJAxYtxjhtA
KJEaNaSbtFDx33DTCD/Dhuf29U4ul+L0A9R1YgLTMOKaVN65C9pTZktdW4MdYcPy
SWwawhGtt/JbtOap7/tfm1SpysVKx0cjDxJPS18UqGGyCXorSNtreHT4hAxaQdF+
YBiNBbTfsiHmk0Fzi+Nno7hNCuoVWQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJCI
SNLxtlZtFVge++uSz9syh2HcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjA4RkEwNjI2QTUxMUYxODNCQzI4QTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlsmMA0GCSqGSIb3DQEB
CwUAA4IBAQCuZKntPpIoTGBmdfU7xE7yMciCtJ5xaBd9njvEVaUh5wq7Yu2WxxVA
jkBaPW23/qWLlpV+ifKw9mpfXkclGZ6oXTO1/DHAoABQrh/OMYiVTdU1weDIsw4y
rnEY4zGCFfiuKeerLhdxYekr2JQjm/b0qddZ95955jsCevcZ/iGmtfO4E1WiKyP+
36xLz+YIgY8ibPXplPKFcxEHdeW6AtbNPpVEnNkEmojCXxSJNSzWmIDZdgEroLRn
Wl65Fip02io4zWc903rzmSdk+yw8pgxDmcP6ikubxL5iXbk4tRf7zJ8AbB4s0Khh
1iiPkn6/MpwlbL9qZijVBLge94cFnq70
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:34 2026 by rpki-client