Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF58CCE61C7011F1A488E397DAE4EC9C.roa
File: BF58CCE61C7011F1A488E397DAE4EC9C.roa (raw, json)
Hash identifier: pO0bTO2bXDj6/XK9xGUXDuDAxwLMXrm9KPai3jmAssY=
Subject key identifier: 65:BB:B4:D8:35:9F:0A:93:8C:E6:2E:91:B6:0D:B6:59:2A:0A:79:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BEB9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF58CCE61C7011F1A488E397DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 11:03:20 +0000
ROA not before: Tue 10 Mar 2026 11:03:15 +0000
ROA not after: Thu 16 Apr 2026 11:03:15 +0000
asID: 151407
IP address blocks: 154.88.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 14 Mar 2026 00:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114361 (0x1beb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 10 11:03:15 2026 GMT
Not After : Apr 16 11:03:15 2026 GMT
Subject: CN=69affa78-e5cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:dd:d6:81:db:e6:be:47:2c:0e:f2:59:ea:3d:
ac:07:2b:cc:50:c3:d2:24:c6:18:c2:d4:cc:70:92:
21:7e:9f:cb:71:09:b6:4a:ca:f9:f3:55:b0:ab:11:
76:a5:14:c7:e4:d9:ba:41:6d:d1:b0:33:9c:38:fa:
f9:25:92:65:64:ef:2b:3e:1e:e4:60:5c:0c:c6:ea:
5e:27:3f:60:a2:d8:19:f1:fd:e1:26:40:1a:95:21:
17:4b:59:cd:5f:8c:9b:e9:11:0e:a2:ea:84:3c:d0:
b0:81:57:25:f7:33:83:c1:2d:4e:33:6d:98:6c:6a:
c5:c9:89:39:d6:55:f1:54:18:13:fa:ed:aa:e9:4b:
70:de:a1:40:1c:05:1d:f7:db:5c:a7:19:6d:9e:b4:
65:b7:98:7f:3a:f6:39:8e:ae:8f:b8:7c:f2:e5:b1:
2e:e4:95:2c:3f:47:f1:c1:20:d5:24:ce:05:68:d0:
97:27:21:9e:c5:58:8e:86:81:c0:92:72:72:4f:eb:
5d:02:81:fe:23:01:8a:e1:d1:bb:1f:3e:09:81:aa:
e9:95:91:66:27:37:cb:e4:a9:6d:97:eb:e9:a0:b6:
21:53:7c:38:f3:08:6e:60:31:ed:79:16:a4:bb:e3:
fc:f1:42:ff:db:01:99:af:4e:04:8e:91:72:d8:5e:
11:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BB:B4:D8:35:9F:0A:93:8C:E6:2E:91:B6:0D:B6:59:2A:0A:79:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF58CCE61C7011F1A488E397DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.64.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:1e:87:bf:ca:93:ec:29:fc:05:1a:fb:84:79:6f:09:1f:4a:
ee:28:a4:02:94:ff:d7:6e:99:dd:48:20:b4:e2:ec:ed:e4:5d:
f1:cd:ba:bd:fd:ee:fe:fc:5d:6a:5c:4c:5a:18:2b:fa:07:a5:
44:8b:bb:08:6b:14:c0:1d:0f:93:b4:73:d0:db:3f:6b:fc:ab:
04:94:ba:e2:74:40:cc:d8:14:08:9b:36:84:1d:d0:c6:3c:56:
c3:16:14:93:9e:81:a8:80:7f:ba:f2:29:f5:65:c9:68:90:1a:
99:90:8b:04:20:61:ab:e3:09:35:1e:0e:a9:56:a2:72:e2:44:
96:1d:23:e7:a0:3e:a6:f8:90:e9:56:b7:cf:47:14:52:64:c4:
86:a4:f9:a7:48:f3:8c:9f:aa:53:53:c0:73:46:39:9e:b4:48:
47:85:ab:d3:e8:aa:87:06:28:91:bc:0f:6e:83:6f:db:9c:2b:
39:79:36:29:16:0c:91:5c:45:0b:d2:ab:26:c1:1b:fe:4f:d8:
67:87:8c:1b:20:dc:24:3b:36:6f:36:22:c1:04:a9:71:97:c3:
e7:7e:4b:06:f5:c6:7e:15:f3:22:51:75:9c:76:a5:7b:f7:dd:
45:d9:e4:ee:8b:6e:55:29:b7:6c:53:16:dd:dc:5a:e9:97:04:
a9:36:ec:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb65MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEwMTEwMzE1WhcNMjYwNDE2MTEwMzE1WjAYMRYw
FAYDVQQDEw02OWFmZmE3OC1lNWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx93WgdvmvkcsDvJZ6j2sByvMUMPSJMYYwtTMcJIhfp/LcQm2Ssr581Ww
qxF2pRTH5Nm6QW3RsDOcOPr5JZJlZO8rPh7kYFwMxupeJz9gotgZ8f3hJkAalSEX
S1nNX4yb6REOouqEPNCwgVcl9zODwS1OM22YbGrFyYk51lXxVBgT+u2q6Utw3qFA
HAUd99tcpxltnrRlt5h/OvY5jq6PuHzy5bEu5JUsP0fxwSDVJM4FaNCXJyGexViO
hoHAknJyT+tdAoH+IwGK4dG7Hz4JgarplZFmJzfL5Kltl+vpoLYhU3w48whuYDHt
eRaku+P88UL/2wGZr04EjpFy2F4RrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGW7
tNg1nwqTjOYukbYNtlkqCnnqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjU4Q0NFNjFDNzAxMUYxQTQ4OEUzOTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhAMA0GCSqGSIb3DQEB
CwUAA4IBAQANHoe/ypPsKfwFGvuEeW8JH0ruKKQClP/XbpndSCC04uzt5F3xzbq9
/e7+/F1qXExaGCv6B6VEi7sIaxTAHQ+TtHPQ2z9r/KsElLridEDM2BQImzaEHdDG
PFbDFhSTnoGogH+68in1ZclokBqZkIsEIGGr4wk1Hg6pVqJy4kSWHSPnoD6m+JDp
VrfPRxRSZMSGpPmnSPOMn6pTU8BzRjmetEhHhavT6KqHBiiRvA9ug2/bnCs5eTYp
FgyRXEUL0qsmwRv+T9hnh4wbINwkOzZvNiLBBKlxl8PnfksG9cZ+FfMiUXWcdqV7
991F2eTui25VKbdsUxbd3FrplwSpNuxb
-----END CERTIFICATE-----
Generated at Fri Mar 13 00:16:47 2026 by rpki-client