Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4818904244611F18952C7D1DAE4EC9C.roa
File: D4818904244611F18952C7D1DAE4EC9C.roa (raw, json)
Hash identifier: EOvdb2/owRs2o3/P8spW6kyC+PFcX4du0uPoAY/m+XY=
Subject key identifier: FF:84:04:66:51:58:42:2E:A9:39:2B:30:B9:6F:F8:38:E5:F5:0B:A9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C016
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4818904244611F18952C7D1DAE4EC9C.roa
Signing time: Fri 20 Mar 2026 10:23:26 +0000
ROA not before: Fri 20 Mar 2026 10:23:20 +0000
ROA not after: Sun 26 Apr 2026 10:23:20 +0000
asID: 138915
IP address blocks: 154.203.135.0/24 maxlen: 24
154.203.137.0/24 maxlen: 24
154.203.138.0/24 maxlen: 24
154.203.139.0/24 maxlen: 24
154.203.140.0/24 maxlen: 24
154.203.141.0/24 maxlen: 24
154.203.146.0/24 maxlen: 24
154.203.147.0/24 maxlen: 24
154.203.148.0/24 maxlen: 24
154.203.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114710 (0x1c016)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 20 10:23:20 2026 GMT
Not After : Apr 26 10:23:20 2026 GMT
Subject: CN=69bd201e-814b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1d:c3:90:f4:53:02:fe:e8:97:53:52:6c:21:
8a:1e:40:b3:fe:39:76:50:3d:38:10:a5:90:13:86:
a2:1c:ea:18:1c:eb:c0:2e:64:06:b5:f0:f9:08:0d:
65:11:bd:78:0b:01:63:c3:ce:9a:0f:89:6f:53:dd:
7f:7e:27:35:63:ca:4a:41:96:9e:2c:7b:be:ae:d5:
35:8b:2a:31:27:73:d9:a7:88:bb:34:80:a6:22:1b:
88:e6:1b:a2:83:2c:18:84:fb:25:a9:fe:be:45:86:
36:28:cc:5b:ae:2e:09:6a:47:c1:b0:86:a1:e1:df:
67:4b:a7:b3:5e:9b:95:45:5a:a5:22:36:5f:48:df:
2f:5f:32:dd:28:c5:14:3b:fa:88:73:9e:b5:77:7c:
5f:0a:10:78:51:f4:e6:81:87:f8:51:36:83:ee:a2:
3a:96:32:b6:d6:51:37:55:7f:1e:1a:07:d3:ff:f7:
3d:2e:da:25:ea:3c:56:15:f3:b1:4a:d9:bb:cc:eb:
d0:d1:ee:d4:31:59:2d:73:92:4a:4f:02:c5:e5:ba:
e0:12:72:02:aa:ed:df:fc:aa:0d:3b:6d:70:a4:98:
10:55:d8:0c:51:b1:88:54:c9:46:0b:09:08:f3:a7:
a2:c1:30:4f:f5:45:fe:97:87:d3:0b:f0:8b:08:45:
6a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:84:04:66:51:58:42:2E:A9:39:2B:30:B9:6F:F8:38:E5:F5:0B:A9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4818904244611F18952C7D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.135.0/24
154.203.137.0-154.203.141.255
154.203.146.0-154.203.148.255
154.203.169.0/24
Signature Algorithm: sha256WithRSAEncryption
53:70:77:13:94:97:50:5b:7a:b8:02:ee:93:10:26:f2:83:52:
b3:86:85:64:4f:96:ad:18:61:9e:cc:44:ec:79:3b:6d:f6:c9:
05:68:48:83:25:47:4c:23:9b:a2:a3:d1:02:bf:26:64:0d:d6:
bb:9c:74:e1:8a:9f:7d:be:b6:58:34:2a:6f:d1:23:78:16:5e:
3c:62:2e:82:43:1a:28:6d:ba:bf:06:c7:5a:6d:08:76:fb:a2:
91:4f:3d:06:88:f6:b9:6c:1f:3e:2e:d4:95:3a:cd:67:f7:74:
62:37:17:be:af:5d:6b:21:6f:14:1b:dd:ec:ac:b5:38:47:35:
ce:40:99:9f:29:76:fb:f8:f1:b7:a6:69:96:6c:df:2f:8a:ba:
29:ad:99:38:e8:f0:4a:46:be:61:d1:f7:2f:4c:bb:0a:14:70:
5d:87:81:cf:86:eb:97:e0:e3:f7:5e:f0:32:f1:6d:e1:41:fc:
3d:8b:ee:83:c5:ed:ab:47:76:76:d4:41:b4:1c:b5:0e:22:59:
b8:83:d2:57:3f:71:34:a1:af:f3:93:76:4d:a7:7b:61:6d:ba:
6b:94:ee:86:0c:44:e3:f2:96:85:dd:74:80:74:bb:da:1a:e0:
b9:e0:dd:66:4a:cf:52:c9:94:f7:1f:19:06:87:e4:15:e2:a2:
ce:4f:a9:4c
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAcAWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzIwMTAyMzIwWhcNMjYwNDI2MTAyMzIwWjAYMRYw
FAYDVQQDEw02OWJkMjAxZS04MTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuh3DkPRTAv7ol1NSbCGKHkCz/jl2UD04EKWQE4aiHOoYHOvALmQGtfD5
CA1lEb14CwFjw86aD4lvU91/fic1Y8pKQZaeLHu+rtU1iyoxJ3PZp4i7NICmIhuI
5huigywYhPslqf6+RYY2KMxbri4JakfBsIah4d9nS6ezXpuVRVqlIjZfSN8vXzLd
KMUUO/qIc561d3xfChB4UfTmgYf4UTaD7qI6ljK21lE3VX8eGgfT//c9Ltol6jxW
FfOxStm7zOvQ0e7UMVktc5JKTwLF5brgEnICqu3f/KoNO21wpJgQVdgMUbGIVMlG
CwkI86eiwTBP9UX+l4fTC/CLCEVqRQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFP+E
BGZRWEIuqTkrMLlv+Djl9QupMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENDgxODkwNDI0NDYxMUYxODk1MkM3RDFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAmsuHMAwDBACay4kDBAGa
y4wwDAMEAZrLkgMEAJrLlAMEAJrLqTANBgkqhkiG9w0BAQsFAAOCAQEAU3B3E5SX
UFt6uALukxAm8oNSs4aFZE+WrRhhnsxE7Hk7bfbJBWhIgyVHTCOboqPRAr8mZA3W
u5x04Yqffb62WDQqb9EjeBZePGIugkMaKG26vwbHWm0IdvuikU89Boj2uWwfPi7U
lTrNZ/d0YjcXvq9dayFvFBvd7Ky1OEc1zkCZnyl2+/jxt6ZplmzfL4q6Ka2ZOOjw
Ska+YdH3L0y7ChRwXYeBz4brl+Dj917wMvFt4UH8PYvug8Xtq0d2dtRBtBy1DiJZ
uIPSVz9xNKGv85N2Tad7YW26a5TuhgxE4/KWhd10gHS72hrgueDdZkrPUsmU9x8Z
BofkFeKizk+pTA==
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:15:56 2026 by rpki-client