Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D77606FC237F11F18A9544CBDAE4EC9C.roa
File: D77606FC237F11F18A9544CBDAE4EC9C.roa (raw, json)
Hash identifier: GKUUAE9oqnA2nBBhXp3T6p9amtIgtWeZUl0wJ+mcWuk=
Subject key identifier: 61:47:36:A1:DD:76:D2:29:BB:FF:2E:87:02:AA:38:82:A3:2A:1E:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BFDD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D77606FC237F11F18A9544CBDAE4EC9C.roa
Signing time: Thu 19 Mar 2026 10:39:01 +0000
ROA not before: Thu 19 Mar 2026 10:38:56 +0000
ROA not after: Tue 28 Apr 2026 10:38:56 +0000
asID: 211826
IP address blocks: 154.194.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114653 (0x1bfdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 19 10:38:56 2026 GMT
Not After : Apr 28 10:38:56 2026 GMT
Subject: CN=69bbd245-d7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b8:aa:7d:ff:57:7e:f4:6d:96:0f:60:cc:37:
6f:0b:94:fa:27:57:e8:fe:d8:f4:c3:cb:cd:37:60:
62:7a:8d:39:14:92:61:48:58:e8:ec:98:0d:43:f1:
1b:98:26:00:3a:14:04:68:88:9c:ed:22:ff:97:52:
b4:4e:16:20:20:43:2b:8b:8e:41:8f:38:e4:7e:8d:
6c:ab:c2:03:c7:a1:96:f7:29:5c:af:2d:e2:5d:fa:
85:e7:94:cd:04:fd:ee:b3:30:e4:b1:1e:66:37:d9:
b7:62:e5:b3:6b:d8:75:10:a0:60:c5:7c:4e:42:54:
8f:a5:32:1a:99:d3:d4:9b:e5:25:20:95:a3:d0:ee:
11:bc:d7:ab:46:5a:f4:25:5b:1c:09:cd:ff:79:4e:
3e:fe:3a:fc:ab:22:1e:29:d5:c6:90:a5:78:a0:e8:
fb:d5:be:a2:1c:31:6f:ee:6c:21:af:e4:d0:5c:49:
ca:fe:18:dd:86:e6:80:22:4f:cb:f6:1f:af:4f:8a:
f0:ff:9c:94:9c:c9:3b:ff:9e:dd:98:e5:dd:84:85:
b4:fa:72:ea:0b:f7:8e:66:a3:91:e8:2d:9b:52:f5:
82:0c:a3:a3:cf:79:aa:47:ac:1b:7f:a6:42:49:e2:
f8:91:3f:b7:04:3d:2e:12:e9:01:b5:5d:21:5d:d2:
5c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:47:36:A1:DD:76:D2:29:BB:FF:2E:87:02:AA:38:82:A3:2A:1E:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D77606FC237F11F18A9544CBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.55.0/24
Signature Algorithm: sha256WithRSAEncryption
39:7e:b8:49:46:cf:6b:9b:99:c6:87:9f:49:04:25:80:62:5b:
24:9f:a8:34:53:80:d6:6d:13:fe:e3:04:6b:0d:53:61:fa:1d:
01:0d:b2:79:76:7c:cf:23:da:d7:a4:f2:97:ca:c2:07:df:1c:
68:d2:17:27:db:5f:82:19:05:c7:d7:10:87:70:92:9f:ff:d7:
c5:86:61:28:1d:78:45:64:3c:2a:3f:fa:5f:87:84:04:51:6d:
11:ae:10:84:33:32:cd:ee:e4:7b:df:3c:13:f8:6d:51:53:e3:
b3:26:55:3e:fb:28:c2:6e:85:04:81:d6:7b:e0:f6:66:80:d7:
0b:da:d1:6d:97:74:bd:53:6e:85:1a:e1:ec:20:56:06:cf:ba:
cd:93:be:6f:95:a4:3b:73:de:d5:7a:47:13:89:be:51:b0:54:
61:6c:70:43:79:5e:85:8a:d2:aa:f0:79:70:de:81:61:ac:41:
1f:ac:c5:20:d2:9b:27:98:42:cf:e9:d8:da:32:75:ed:0c:30:
a0:66:bf:a2:7c:a6:6e:7f:a6:3f:97:4b:4d:47:af:bb:1c:49:
7a:8b:86:30:0f:4a:26:a9:8d:ef:03:2f:59:ef:2e:bc:f5:66:
24:31:70:d1:cb:48:43:d0:2a:21:3e:67:0f:ee:f5:9a:0c:be:
f5:1d:2e:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb/dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE5MTAzODU2WhcNMjYwNDI4MTAzODU2WjAYMRYw
FAYDVQQDEw02OWJiZDI0NS1kN2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0biqff9XfvRtlg9gzDdvC5T6J1fo/tj0w8vNN2Bieo05FJJhSFjo7JgN
Q/EbmCYAOhQEaIic7SL/l1K0ThYgIEMri45Bjzjkfo1sq8IDx6GW9ylcry3iXfqF
55TNBP3uszDksR5mN9m3YuWza9h1EKBgxXxOQlSPpTIamdPUm+UlIJWj0O4RvNer
Rlr0JVscCc3/eU4+/jr8qyIeKdXGkKV4oOj71b6iHDFv7mwhr+TQXEnK/hjdhuaA
Ik/L9h+vT4rw/5yUnMk7/57dmOXdhIW0+nLqC/eOZqOR6C2bUvWCDKOjz3mqR6wb
f6ZCSeL4kT+3BD0uEukBtV0hXdJc+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGFH
NqHddtIpu/8uhwKqOIKjKh64MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENzc2MDZGQzIzN0YxMUYxOEE5NTQ0Q0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsI3MA0GCSqGSIb3DQEB
CwUAA4IBAQA5frhJRs9rm5nGh59JBCWAYlskn6g0U4DWbRP+4wRrDVNh+h0BDbJ5
dnzPI9rXpPKXysIH3xxo0hcn21+CGQXH1xCHcJKf/9fFhmEoHXhFZDwqP/pfh4QE
UW0RrhCEMzLN7uR73zwT+G1RU+OzJlU++yjCboUEgdZ74PZmgNcL2tFtl3S9U26F
GuHsIFYGz7rNk75vlaQ7c97VekcTib5RsFRhbHBDeV6FitKq8Hlw3oFhrEEfrMUg
0psnmELP6djaMnXtDDCgZr+ifKZuf6Y/l0tNR6+7HEl6i4YwD0omqY3vAy9Z7y68
9WYkMXDRy0hD0CohPmcP7vWaDL71HS4u
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:22 2026 by rpki-client