Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DFA4D52C1E1811F1898C0AC2DAE4EC9C.roa
File: DFA4D52C1E1811F1898C0AC2DAE4EC9C.roa (raw, json)
Hash identifier: kOm0142JJUOW9s0F04ks3a3A+Q9IWwXPVWfa2933t60=
Subject key identifier: 1E:F1:E0:36:CA:5A:CA:61:D5:84:BF:1B:A6:88:DD:AC:1C:D2:9D:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF1A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DFA4D52C1E1811F1898C0AC2DAE4EC9C.roa
Signing time: Thu 12 Mar 2026 13:39:21 +0000
ROA not before: Thu 12 Mar 2026 13:39:15 +0000
ROA not after: Sun 19 Apr 2026 13:39:15 +0000
asID: 11404
IP address blocks: 154.194.236.0/22 maxlen: 24
154.199.96.0/19 maxlen: 24
154.199.128.0/19 maxlen: 24
154.211.192.0/20 maxlen: 24
154.211.224.0/19 maxlen: 24
154.214.16.0/20 maxlen: 24
154.215.16.0/20 maxlen: 24
154.215.32.0/19 maxlen: 24
154.216.16.0/20 maxlen: 24
154.222.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114458 (0x1bf1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 12 13:39:15 2026 GMT
Not After : Apr 19 13:39:15 2026 GMT
Subject: CN=69b2c209-25d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:78:2c:fd:57:57:c3:ea:33:6f:2c:48:2e:68:
6c:24:eb:2b:31:f1:95:b6:32:42:de:1e:17:2e:92:
49:d7:c3:50:00:a5:0c:f2:2c:87:f9:32:70:43:19:
c5:32:c3:5b:16:36:9e:52:0c:db:0f:c2:15:e0:c2:
14:aa:a6:5e:1f:37:a1:e4:ca:43:6b:d0:09:d4:9b:
4c:54:64:45:54:73:cc:67:a1:15:a1:b9:ac:24:54:
1b:ae:05:1a:e6:67:ba:3e:4e:8a:2a:f5:47:ac:4d:
e7:e8:3c:2f:bd:c0:e6:11:40:ae:01:2d:56:82:19:
06:91:78:ef:6d:04:ef:99:c5:df:0b:d3:54:0b:44:
52:3b:d1:cb:dd:27:b7:0b:09:89:8f:19:df:6b:5f:
60:99:0f:eb:a5:b3:47:df:ff:9f:b5:9a:59:5b:ac:
16:71:06:a8:82:b9:fb:e7:c4:99:21:68:77:1d:95:
74:54:51:90:8d:03:aa:78:02:a9:15:36:7b:89:2c:
22:9b:e5:e0:2c:43:bd:c1:39:c8:05:e1:25:c4:b9:
ad:91:85:02:48:ff:6d:96:13:62:94:96:f4:50:06:
44:2b:ab:85:f6:08:ef:68:4e:6a:f2:3b:15:a3:b4:
c6:19:4c:c7:f2:b3:b1:a2:da:75:03:be:a7:ad:4a:
35:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F1:E0:36:CA:5A:CA:61:D5:84:BF:1B:A6:88:DD:AC:1C:D2:9D:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DFA4D52C1E1811F1898C0AC2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.236.0/22
154.199.96.0-154.199.159.255
154.211.192.0/20
154.211.224.0/19
154.214.16.0/20
154.215.16.0-154.215.63.255
154.216.16.0/20
154.222.160.0/19
Signature Algorithm: sha256WithRSAEncryption
27:aa:fd:f3:16:64:28:3a:44:52:87:ef:78:ba:41:f2:2b:a0:
f2:ea:a5:c2:ed:24:42:0d:d6:ec:de:eb:b6:2b:00:70:a4:19:
6d:bf:35:74:a4:4c:2a:51:60:5c:22:c1:5d:ea:29:73:07:96:
28:a5:1c:e5:7a:16:1b:b9:ec:f6:88:f3:c3:1a:ad:e0:30:5d:
6b:a0:76:e1:3d:00:b5:18:80:c8:6f:bc:ed:4d:99:c6:54:d9:
2b:b0:64:9e:c2:c2:40:27:4b:d8:3f:24:d7:05:5e:23:c5:69:
56:94:ff:67:fd:d6:de:64:f6:90:8d:9e:a0:3f:fa:11:57:40:
6d:1f:10:af:ea:9b:7d:7f:2e:34:a9:5d:1d:d0:05:b6:41:a9:
9c:4d:f1:59:75:82:c1:f1:16:97:64:ba:a5:90:5a:cb:e9:2f:
41:e4:94:ec:9d:c8:87:41:d8:1d:c4:79:da:61:e5:57:18:0d:
8d:90:d1:cb:85:1d:29:ca:c0:7b:d9:6e:5a:aa:47:8e:d4:4b:
84:5d:9a:16:98:07:c4:d6:70:cf:ca:c7:0e:a8:7e:91:e7:e2:
21:b4:61:ff:d7:9d:68:de:d3:14:81:be:81:3d:77:ff:e9:c5:
85:73:27:2e:65:5e:3a:e0:0a:ee:ab:04:94:64:05:f7:59:d3:
56:87:6b:7b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIDAb8aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEyMTMzOTE1WhcNMjYwNDE5MTMzOTE1WjAYMRYw
FAYDVQQDEw02OWIyYzIwOS0yNWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Hgs/VdXw+ozbyxILmhsJOsrMfGVtjJC3h4XLpJJ18NQAKUM8iyH+TJw
QxnFMsNbFjaeUgzbD8IV4MIUqqZeHzeh5MpDa9AJ1JtMVGRFVHPMZ6EVobmsJFQb
rgUa5me6Pk6KKvVHrE3n6DwvvcDmEUCuAS1WghkGkXjvbQTvmcXfC9NUC0RSO9HL
3Se3CwmJjxnfa19gmQ/rpbNH3/+ftZpZW6wWcQaogrn758SZIWh3HZV0VFGQjQOq
eAKpFTZ7iSwim+XgLEO9wTnIBeElxLmtkYUCSP9tlhNilJb0UAZEK6uF9gjvaE5q
8jsVo7TGGUzH8rOxotp1A76nrUo1AwIDAQABo4IC3zCCAtswHQYDVR0OBBYEFB7x
4DbKWsph1YS/G6aI3awc0p1WMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERkE0RDUyQzFFMTgxMUYxODk4QzBBQzJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQCmsLsMAwDBAWax2ADBAWa
x4ADBASa08ADBAWa0+ADBASa1hAwDAMEBJrXEAMEBprXAAMEBJrYEAMEBZreoDAN
BgkqhkiG9w0BAQsFAAOCAQEAJ6r98xZkKDpEUofveLpB8iug8uqlwu0kQg3W7N7r
tisAcKQZbb81dKRMKlFgXCLBXeopcweWKKUc5XoWG7ns9ojzwxqt4DBda6B24T0A
tRiAyG+87U2ZxlTZK7BknsLCQCdL2D8k1wVeI8VpVpT/Z/3W3mT2kI2eoD/6EVdA
bR8Qr+qbfX8uNKldHdAFtkGpnE3xWXWCwfEWl2S6pZBay+kvQeSU7J3Ih0HYHcR5
2mHlVxgNjZDRy4UdKcrAe9luWqpHjtRLhF2aFpgHxNZwz8rHDqh+kefiIbRh/9ed
aN7TFIG+gT13/+nFhXMnLmVeOuAK7qsElGQF91nTVodrew==
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:24 2026 by rpki-client