Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3C23688237C11F1A4ADF6B9DAE4EC9C.roa
File: C3C23688237C11F1A4ADF6B9DAE4EC9C.roa (raw, json)
Hash identifier: qZ0axjJWNwa19IK03IkKqX3fxKFm0eqdZPX1Yn9PA+k=
Subject key identifier: 3E:A4:1D:A2:32:F3:F0:E6:F1:0B:15:68:BA:99:49:E9:62:CE:D7:93
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BFDB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3C23688237C11F1A4ADF6B9DAE4EC9C.roa
Signing time: Thu 19 Mar 2026 10:17:00 +0000
ROA not before: Thu 19 Mar 2026 10:16:54 +0000
ROA not after: Fri 24 Apr 2026 10:16:54 +0000
asID: 58931
IP address blocks: 154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114651 (0x1bfdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 19 10:16:54 2026 GMT
Not After : Apr 24 10:16:54 2026 GMT
Subject: CN=69bbcd1c-7464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:38:9d:d1:5a:72:70:b1:a0:f1:86:b9:9a:80:
c0:30:43:c1:61:93:dd:9a:f5:91:02:e0:71:ce:2e:
4d:6b:85:84:2a:30:f5:77:69:7e:4b:f8:81:41:9f:
86:8e:87:e3:78:eb:47:a3:30:43:15:77:36:6c:79:
be:73:67:37:ee:4b:01:65:c6:5b:07:a0:8f:a5:f8:
7b:1e:f0:01:f6:71:55:ba:ac:94:65:c1:4e:2e:ff:
36:59:68:bf:2e:9e:24:e4:05:30:98:3a:96:bb:d6:
5a:ad:77:8c:17:49:37:1a:1a:29:bb:49:06:34:76:
46:14:cd:df:5a:b2:64:ab:52:6c:53:41:57:7d:67:
93:fc:79:54:cb:a6:fa:2e:d8:21:96:bd:04:dd:5d:
6b:d0:6e:ea:63:7a:7b:45:7e:a8:ea:b3:2f:01:43:
a5:4f:6b:7a:64:d0:06:41:a5:6b:d4:f6:4a:78:23:
1e:68:31:2c:25:a1:76:48:b1:17:89:ab:3a:cf:20:
99:9b:aa:53:9d:73:40:80:12:49:24:f1:01:aa:cf:
64:42:3a:a1:e2:ff:6a:66:70:61:a6:c4:d1:69:71:
c3:cc:f4:83:56:e7:9f:5a:ac:81:3e:e8:fb:8d:3b:
ab:f1:5c:da:6b:aa:8d:7b:81:00:e2:c8:09:9e:29:
46:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A4:1D:A2:32:F3:F0:E6:F1:0B:15:68:BA:99:49:E9:62:CE:D7:93
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3C23688237C11F1A4ADF6B9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:1c:bf:23:f6:c5:98:96:e8:d0:ff:d8:38:da:15:24:86:4c:
65:a1:dd:44:bb:15:48:b9:c1:f6:42:03:96:15:2f:b9:00:c0:
7a:fa:69:5b:48:f9:69:9e:21:5f:11:8a:c4:90:77:cd:0f:1b:
c6:6a:c1:1b:80:d6:ae:87:d7:66:e8:05:36:ae:22:ba:cf:aa:
00:9f:ac:fc:36:77:56:ac:7d:fd:41:9b:a9:da:4c:e5:80:4c:
06:ae:6f:bb:e0:bb:ff:08:19:5f:b5:08:25:c8:c8:c3:4c:eb:
3a:0e:1b:95:76:37:24:ba:0c:cf:a2:fd:4f:96:5b:df:44:c7:
d0:8c:2d:94:5f:4f:de:8c:43:e6:e2:13:ab:f7:de:f2:a6:7e:
49:e6:89:03:ef:70:a8:a6:26:2c:12:dc:e1:65:7f:5e:a6:db:
27:f0:12:33:cd:08:28:9f:1a:07:5f:16:2f:49:ff:46:a6:86:
c9:14:92:fb:0d:52:67:19:4d:ff:ee:35:6e:2f:ba:51:c5:5f:
e6:73:00:9d:53:d7:62:5c:35:0d:d9:1d:57:db:9b:5b:1f:8c:
23:e4:8b:43:0b:f2:24:dc:a7:7e:40:43:b2:25:b8:82:15:1e:
f8:67:80:a0:f7:63:ed:a3:cd:08:4f:8d:fd:f7:9d:f8:00:53:
06:86:c9:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb/bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE5MTAxNjU0WhcNMjYwNDI0MTAxNjU0WjAYMRYw
FAYDVQQDEw02OWJiY2QxYy03NDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8zid0VpycLGg8Ya5moDAMEPBYZPdmvWRAuBxzi5Na4WEKjD1d2l+S/iB
QZ+GjofjeOtHozBDFXc2bHm+c2c37ksBZcZbB6CPpfh7HvAB9nFVuqyUZcFOLv82
WWi/Lp4k5AUwmDqWu9ZarXeMF0k3Ghopu0kGNHZGFM3fWrJkq1JsU0FXfWeT/HlU
y6b6Ltghlr0E3V1r0G7qY3p7RX6o6rMvAUOlT2t6ZNAGQaVr1PZKeCMeaDEsJaF2
SLEXias6zyCZm6pTnXNAgBJJJPEBqs9kQjqh4v9qZnBhpsTRaXHDzPSDVuefWqyB
Puj7jTur8Vzaa6qNe4EA4sgJnilGAwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD6k
HaIy8/Dm8QsVaLqZSelizteTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DM0MyMzY4ODIzN0MxMUYxQTRBREY2QjlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml8YMA0GCSqGSIb3DQEB
CwUAA4IBAQClHL8j9sWYlujQ/9g42hUkhkxlod1EuxVIucH2QgOWFS+5AMB6+mlb
SPlpniFfEYrEkHfNDxvGasEbgNauh9dm6AU2riK6z6oAn6z8NndWrH39QZup2kzl
gEwGrm+74Lv/CBlftQglyMjDTOs6DhuVdjckugzPov1PllvfRMfQjC2UX0/ejEPm
4hOr997ypn5J5okD73CopiYsEtzhZX9eptsn8BIzzQgonxoHXxYvSf9GpobJFJL7
DVJnGU3/7jVuL7pRxV/mcwCdU9diXDUN2R1X25tbH4wj5ItDC/Ik3Kd+QEOyJbiC
FR74Z4Cg92Pto80IT4399534AFMGhsk/
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:13:50 2026 by rpki-client