Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E494F8A217C711F1AF6DF5AFDAE4EC9C.roa
File: E494F8A217C711F1AF6DF5AFDAE4EC9C.roa (raw, json)
Hash identifier: PZpAgddSeqU2FraVvpUM9BVIxBuKlu255qv4jH/1NZU=
Subject key identifier: 2F:DA:44:55:D4:17:29:27:B9:81:BD:2C:18:16:DB:4C:26:CF:D6:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BD75
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E494F8A217C711F1AF6DF5AFDAE4EC9C.roa
Signing time: Wed 04 Mar 2026 12:44:33 +0000
ROA not before: Wed 04 Mar 2026 12:44:28 +0000
ROA not after: Fri 10 Apr 2026 12:44:28 +0000
asID: 395886
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 25 Mar 2026 10:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114037 (0x1bd75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 4 12:44:28 2026 GMT
Not After : Apr 10 12:44:28 2026 GMT
Subject: CN=69a82930-f74a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:53:77:84:4b:11:98:9b:c6:26:23:e2:a4:5d:
d1:73:5d:30:e7:04:e9:7e:86:dd:ca:e9:df:2b:e2:
f3:e4:d2:de:36:65:cc:51:cf:2c:67:30:2f:32:18:
00:2a:41:8a:ce:ad:d5:ca:e9:8b:1a:de:21:5d:46:
e1:71:72:57:1d:a0:3d:50:3a:cc:b2:02:58:85:16:
e2:82:3f:b2:26:fd:32:f9:26:89:fa:85:5a:17:e6:
e5:7a:78:6e:31:fe:9f:a1:58:eb:71:44:fc:ea:a0:
59:38:57:32:a1:f7:5a:48:0d:cb:5d:16:d3:ef:0d:
73:01:4f:56:a2:e3:40:f2:63:02:fb:a1:cb:51:14:
f1:a8:07:b6:06:4f:4f:5d:57:3c:30:ed:d4:41:85:
f9:66:b0:42:c8:05:1e:7f:97:00:76:02:c0:11:68:
c3:b9:33:45:5e:92:69:bd:a9:d7:18:00:88:ab:12:
e7:b4:4c:c6:4c:44:5e:2c:1a:10:1b:64:20:96:8d:
9d:ce:6f:60:04:38:82:0b:c6:10:35:b6:1c:02:a4:
9d:ad:cd:ab:11:fe:3c:94:50:23:be:d3:93:54:44:
8b:8e:fb:db:9d:68:35:d1:d9:9b:4c:30:86:98:64:
b2:b1:3e:87:46:b3:3c:cd:8a:64:e7:55:5b:f6:b1:
87:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:DA:44:55:D4:17:29:27:B9:81:BD:2C:18:16:DB:4C:26:CF:D6:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E494F8A217C711F1AF6DF5AFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
50:dd:0f:08:45:6b:fa:57:a9:7f:0d:67:9f:2b:34:57:01:a5:
cd:f5:55:f4:a0:38:5c:aa:21:9d:92:3c:1e:c0:0a:2b:3e:c0:
5c:b1:03:cd:5a:64:d8:08:28:e2:1b:1c:ff:6f:78:d6:d8:18:
8d:7d:7a:27:e9:8e:9e:af:9a:af:d7:3f:4f:e3:6f:54:76:46:
4e:72:30:ae:c7:cb:55:2b:bf:1a:47:73:b2:cd:50:be:28:1a:
bc:7c:76:cd:88:54:95:ea:02:ba:9e:07:61:f0:0e:88:f3:db:
7c:28:02:ec:7c:cc:d2:47:14:cf:0b:d6:24:b8:30:20:f2:b5:
1c:e2:7d:d6:e3:d8:e3:e0:a5:7c:08:39:b7:bd:19:08:0d:66:
c5:0f:13:88:20:42:45:80:3e:82:2a:e2:8a:df:e4:da:7e:d4:
c3:4e:2a:1c:12:19:ed:33:92:fa:27:7b:03:73:4b:82:11:db:
6f:a9:f9:22:4f:8e:ec:2f:78:b9:30:a1:8c:5a:b7:34:bf:42:
54:5b:f7:89:89:b3:f9:e4:bc:f6:57:ff:75:a9:0f:82:e0:f8:
f9:81:b5:dc:d1:03:49:0f:3e:b7:a1:5d:9e:e8:42:f2:8c:fd:
a5:31:e8:5c:dd:21:05:15:70:37:c8:78:62:9c:03:b9:a0:94:
55:da:91:37
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb11MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA0MTI0NDI4WhcNMjYwNDEwMTI0NDI4WjAYMRYw
FAYDVQQDEw02OWE4MjkzMC1mNzRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzFN3hEsRmJvGJiPipF3Rc10w5wTpfobdyunfK+Lz5NLeNmXMUc8sZzAv
MhgAKkGKzq3VyumLGt4hXUbhcXJXHaA9UDrMsgJYhRbigj+yJv0y+SaJ+oVaF+bl
enhuMf6foVjrcUT86qBZOFcyofdaSA3LXRbT7w1zAU9WouNA8mMC+6HLURTxqAe2
Bk9PXVc8MO3UQYX5ZrBCyAUef5cAdgLAEWjDuTNFXpJpvanXGACIqxLntEzGTERe
LBoQG2Qglo2dzm9gBDiCC8YQNbYcAqSdrc2rEf48lFAjvtOTVESLjvvbnWg10dmb
TDCGmGSysT6HRrM8zYpk51Vb9rGH8wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC/a
RFXUFyknuYG9LBgW20wmz9awMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNDk0RjhBMjE3QzcxMUYxQUY2REY1QUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBQ3Q8IRWv6V6l/DWefKzRXAaXN9VX0oDhcqiGdkjwewAorPsBcsQPN
WmTYCCjiGxz/b3jW2BiNfXon6Y6er5qv1z9P429UdkZOcjCux8tVK78aR3OyzVC+
KBq8fHbNiFSV6gK6ngdh8A6I89t8KALsfMzSRxTPC9YkuDAg8rUc4n3W49jj4KV8
CDm3vRkIDWbFDxOIIEJFgD6CKuKK3+TaftTDTiocEhntM5L6J3sDc0uCEdtvqfki
T47sL3i5MKGMWrc0v0JUW/eJibP55Lz2V/91qQ+C4Pj5gbXc0QNJDz63oV2e6ELy
jP2lMehc3SEFFXA3yHhinAO5oJRV2pE3
-----END CERTIFICATE-----
Generated at Mon Mar 23 20:17:48 2026 by rpki-client