Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D06A7F5C17CF11F18C435CE0DAE4EC9C.roa
File: D06A7F5C17CF11F18C435CE0DAE4EC9C.roa (raw, json)
Hash identifier: wEugCHKuUhnKafXbUWabnNe+sX2kDl9FMd6BV8sAZgQ=
Subject key identifier: 98:F1:70:76:8F:CC:9E:E2:B5:F2:0E:69:1D:44:F1:EF:D3:62:D9:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BD83
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D06A7F5C17CF11F18C435CE0DAE4EC9C.roa
Signing time: Wed 04 Mar 2026 13:41:15 +0000
ROA not before: Wed 04 Mar 2026 13:41:10 +0000
ROA not after: Wed 25 Mar 2026 13:41:10 +0000
asID: 54801
IP address blocks: 154.198.9.0/24 maxlen: 24
154.198.10.0/24 maxlen: 24
154.200.241.0/24 maxlen: 24
154.200.242.0/24 maxlen: 24
154.200.248.0/23 maxlen: 24
154.201.7.0/24 maxlen: 24
154.201.8.0/22 maxlen: 24
154.201.40.0/23 maxlen: 24
154.213.211.0/24 maxlen: 24
154.213.212.0/24 maxlen: 24
154.222.77.0/24 maxlen: 24
154.222.78.0/24 maxlen: 24
154.222.136.0/23 maxlen: 24
154.222.146.0/23 maxlen: 24
154.223.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 13:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114051 (0x1bd83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 4 13:41:10 2026 GMT
Not After : Mar 25 13:41:10 2026 GMT
Subject: CN=69a8367b-254e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2b:97:76:cc:66:db:31:c5:fd:85:e0:e8:ae:
bb:18:ea:3b:69:ed:3f:4b:91:9c:fb:ca:f8:14:ad:
2a:52:07:09:86:17:38:7b:ac:74:21:34:ae:16:4f:
d1:c6:54:00:e0:32:cb:fe:96:a6:46:63:e3:d7:0a:
4b:87:94:01:74:93:42:2a:fb:6c:1e:01:1c:c9:1b:
d2:fa:ed:3e:a8:49:23:54:4f:36:ea:80:44:66:e2:
47:64:5a:84:fa:f9:72:de:71:66:82:4f:06:3a:98:
7e:c9:c3:9e:bc:e2:74:fe:c3:f0:d2:30:7b:bb:52:
ba:7b:6d:2c:5c:b2:e0:a3:b0:a2:fb:e9:cf:04:8d:
32:9b:c7:f5:b7:6e:77:a7:7f:82:17:a6:1f:a1:48:
3f:5a:82:14:f4:6b:7b:23:38:2e:c9:31:15:91:71:
5b:41:aa:c7:f6:c7:f7:04:7d:f9:5d:7f:67:bd:12:
57:bd:2e:38:12:75:5a:8f:b4:3d:8f:82:d5:89:d7:
95:bd:d2:77:ab:b9:44:14:85:0f:4c:9a:20:4e:89:
c1:11:03:01:03:27:64:4a:5b:6e:70:8b:3f:92:42:
50:cf:34:db:95:6c:38:06:57:e3:74:d4:0b:bd:6c:
de:48:8d:cf:ef:08:2e:ad:c6:03:ac:ba:5e:2e:d1:
ad:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F1:70:76:8F:CC:9E:E2:B5:F2:0E:69:1D:44:F1:EF:D3:62:D9:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D06A7F5C17CF11F18C435CE0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.9.0-154.198.10.255
154.200.241.0-154.200.242.255
154.200.248.0/23
154.201.7.0-154.201.11.255
154.201.40.0/23
154.213.211.0-154.213.212.255
154.222.77.0-154.222.78.255
154.222.136.0/23
154.222.146.0/23
154.223.230.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:4b:b5:c0:50:46:20:3c:9a:0d:34:e5:59:19:ed:af:bd:5d:
ba:48:24:e8:8f:c8:06:f3:42:c2:fd:71:40:c1:18:a6:77:a7:
ac:aa:0d:22:d2:6f:26:5f:74:3a:c5:56:ae:cd:4b:ea:b1:36:
0d:72:68:e5:8d:f5:15:c9:72:2a:2a:17:92:43:b8:d9:d1:05:
e1:2b:c5:28:e7:79:2e:da:a0:8d:5a:44:c1:ab:46:64:c7:e3:
8e:96:c8:eb:fb:30:58:92:a7:84:68:c2:df:8f:55:09:a3:d6:
4f:7a:9f:86:b9:34:28:e8:22:f6:c6:20:47:4d:02:55:33:48:
32:7d:0a:f2:ac:27:63:38:cf:59:5a:81:f3:49:7c:66:42:4d:
d4:3b:d1:b2:96:4d:88:fb:a5:39:33:e7:fc:8f:87:c3:25:ac:
bf:ae:23:f7:bb:d4:da:e3:b5:10:c2:7d:ff:e7:ba:7c:ad:80:
a5:c3:8d:db:26:39:5e:b9:79:c5:a4:22:a1:a3:0e:c7:6d:c0:
39:cb:66:c8:92:22:4e:35:96:b5:62:53:78:be:f5:69:b6:d7:
47:4d:d5:7e:a6:62:f3:f6:e3:9b:6c:52:2b:02:37:71:f9:d8:
83:fa:c0:76:2d:ed:ab:41:7a:44:d3:80:e9:01:96:8d:ba:44:
bf:69:44:1b
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgIDAb2DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA0MTM0MTEwWhcNMjYwMzI1MTM0MTEwWjAYMRYw
FAYDVQQDEw02OWE4MzY3Yi0yNTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAySuXdsxm2zHF/YXg6K67GOo7ae0/S5Gc+8r4FK0qUgcJhhc4e6x0ITSu
Fk/RxlQA4DLL/pamRmPj1wpLh5QBdJNCKvtsHgEcyRvS+u0+qEkjVE826oBEZuJH
ZFqE+vly3nFmgk8GOph+ycOevOJ0/sPw0jB7u1K6e20sXLLgo7Ci++nPBI0ym8f1
t253p3+CF6YfoUg/WoIU9Gt7IzguyTEVkXFbQarH9sf3BH35XX9nvRJXvS44EnVa
j7Q9j4LVideVvdJ3q7lEFIUPTJogTonBEQMBAydkSltucIs/kkJQzzTblWw4Blfj
dNQLvWzeSI3P7wgurcYDrLpeLtGt1QIDAQABo4IDAzCCAv8wHQYDVR0OBBYEFJjx
cHaPzJ7itfIOaR1E8e/TYtk+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMDZBN0Y1QzE3Q0YxMUYxOEM0MzVDRTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBACaxgkDBACaxgowDAME
AJrI8QMEAJrI8gMEAZrI+DAMAwQAmskHAwQCmskIAwQBmskoMAwDBACa1dMDBACa
1dQwDAMEAJreTQMEAJreTgMEAZreiAMEAZrekgMEAZrf5jANBgkqhkiG9w0BAQsF
AAOCAQEAj0u1wFBGIDyaDTTlWRntr71dukgk6I/IBvNCwv1xQMEYpnenrKoNItJv
Jl90OsVWrs1L6rE2DXJo5Y31FclyKioXkkO42dEF4SvFKOd5LtqgjVpEwatGZMfj
jpbI6/swWJKnhGjC349VCaPWT3qfhrk0KOgi9sYgR00CVTNIMn0K8qwnYzjPWVqB
80l8ZkJN1DvRspZNiPulOTPn/I+HwyWsv64j97vU2uO1EMJ9/+e6fK2ApcON2yY5
Xrl5xaQioaMOx23AOctmyJIiTjWWtWJTeL71abbXR03VfqZi8/bjm2xSKwI3cfnY
g/rAdi3tq0F6RNOA6QGWjbpEv2lEGw==
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:24 2026 by rpki-client