Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E89D2A301E2211F1B29C5A7CDAE4EC9C.roa
File: E89D2A301E2211F1B29C5A7CDAE4EC9C.roa (raw, json)
Hash identifier: 5suEuyjC1fqr0VLUIe5gbjMDyRnZEy0cfRnrqACNq44=
Subject key identifier: C4:38:4D:65:25:47:8B:51:8E:3E:B1:12:04:0F:F8:34:3F:46:24:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF24
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E89D2A301E2211F1B29C5A7CDAE4EC9C.roa
Signing time: Thu 12 Mar 2026 14:51:10 +0000
ROA not before: Thu 12 Mar 2026 14:51:06 +0000
ROA not after: Sat 13 Jun 2026 14:51:06 +0000
asID: 139880
IP address blocks: 154.199.32.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 14 Mar 2026 00:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114468 (0x1bf24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 12 14:51:06 2026 GMT
Not After : Jun 13 14:51:06 2026 GMT
Subject: CN=69b2d2de-d943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:00:89:94:dc:14:21:5b:f0:68:27:7e:7b:68:
40:63:58:a8:8d:ab:df:ab:85:36:df:ac:a6:fa:92:
3a:54:64:df:5c:10:ea:10:14:52:1f:ca:8e:9c:13:
58:a4:8b:5e:02:df:bd:bb:63:66:92:4a:94:95:5b:
72:fd:ca:51:b2:99:e2:7f:97:16:5b:06:11:51:41:
dc:70:e4:e0:a7:38:c1:ef:d7:af:21:11:83:c9:90:
c0:2e:d1:61:ad:a1:92:0a:a4:70:37:d0:2a:37:fe:
73:e6:8f:23:93:2a:93:d1:30:c2:ad:8f:e3:fe:52:
ff:aa:f9:ae:9c:9b:d9:ea:94:c5:8b:94:43:35:4b:
0d:72:f0:2e:fc:36:2d:f0:eb:0c:1e:d8:a2:0b:dc:
26:65:9f:13:e8:9d:93:57:95:d3:4a:40:ae:cc:6c:
ef:15:04:65:bb:c4:e2:a5:fb:c7:22:d4:1e:8e:e3:
99:f4:f6:b1:60:7e:a4:7f:15:4a:d4:34:a0:37:53:
15:4b:3d:2f:31:3f:8f:5e:64:7c:aa:e0:cb:f9:48:
e8:04:5c:cb:33:a8:42:02:b5:c4:d5:ee:21:8b:ff:
2a:ea:fb:04:10:48:32:6d:eb:f0:97:59:d9:b8:35:
05:eb:2d:ea:98:12:29:0b:0c:2e:15:4e:85:12:14:
de:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:38:4D:65:25:47:8B:51:8E:3E:B1:12:04:0F:F8:34:3F:46:24:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E89D2A301E2211F1B29C5A7CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.32.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:d3:c9:8f:fb:a2:39:6c:b9:ad:17:1e:dd:b0:dd:1d:91:56:
39:01:67:8b:b9:63:2c:c8:6a:e0:46:b1:f2:32:58:ee:95:a7:
b5:38:58:69:29:dd:cc:5b:06:ba:0c:44:e9:3e:83:a3:33:d1:
07:36:66:93:1d:1d:8b:db:3e:67:ef:23:a2:4d:f8:dd:58:60:
0b:b9:3b:19:fa:88:94:9a:8f:c5:4f:14:05:8a:12:d5:38:49:
a6:a1:21:67:07:37:a4:88:5b:ec:b0:f6:0d:1a:ab:95:e5:4a:
34:0d:57:f0:20:b9:ed:d8:69:4c:25:62:b8:0f:81:ac:7a:26:
11:88:1f:97:8d:d1:08:cf:4f:f8:7e:d4:84:8c:1f:92:d3:64:
bc:07:39:de:d4:2d:d3:33:59:39:8e:e7:42:b6:10:c2:41:2c:
84:a1:64:26:97:41:88:e0:7d:4e:0a:17:6f:78:e4:70:7a:7c:
3d:5c:37:56:62:b7:2d:31:08:a3:00:b2:06:55:86:db:cf:a5:
ab:76:8b:16:aa:70:98:b8:c5:8e:ec:ca:6b:0b:64:aa:25:8d:
7d:c2:2a:b2:aa:a5:0a:bb:1a:a3:95:59:11:a6:db:9e:1f:de:
c8:8f:6e:80:ce:e0:5e:17:38:82:43:f0:3c:eb:1f:a5:32:f3:
d3:f2:c4:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb8kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEyMTQ1MTA2WhcNMjYwNjEzMTQ1MTA2WjAYMRYw
FAYDVQQDEw02OWIyZDJkZS1kOTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApACJlNwUIVvwaCd+e2hAY1iojavfq4U236ym+pI6VGTfXBDqEBRSH8qO
nBNYpIteAt+9u2NmkkqUlVty/cpRspnif5cWWwYRUUHccOTgpzjB79evIRGDyZDA
LtFhraGSCqRwN9AqN/5z5o8jkyqT0TDCrY/j/lL/qvmunJvZ6pTFi5RDNUsNcvAu
/DYt8OsMHtiiC9wmZZ8T6J2TV5XTSkCuzGzvFQRlu8TipfvHItQejuOZ9PaxYH6k
fxVK1DSgN1MVSz0vMT+PXmR8quDL+UjoBFzLM6hCArXE1e4hi/8q6vsEEEgybevw
l1nZuDUF6y3qmBIpCwwuFU6FEhTeqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMQ4
TWUlR4tRjj6xEgQP+DQ/RiRPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FODlEMkEzMDFFMjIxMUYxQjI5QzVBN0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmscgMA0GCSqGSIb3DQEB
CwUAA4IBAQAd08mP+6I5bLmtFx7dsN0dkVY5AWeLuWMsyGrgRrHyMljulae1OFhp
Kd3MWwa6DETpPoOjM9EHNmaTHR2L2z5n7yOiTfjdWGALuTsZ+oiUmo/FTxQFihLV
OEmmoSFnBzekiFvssPYNGquV5Uo0DVfwILnt2GlMJWK4D4GseiYRiB+XjdEIz0/4
ftSEjB+S02S8Bzne1C3TM1k5judCthDCQSyEoWQml0GI4H1OChdveORwenw9XDdW
YrctMQijALIGVYbbz6WrdosWqnCYuMWO7MprC2SqJY19wiqyqqUKuxqjlVkRptue
H97Ij26AzuBeFziCQ/A86x+lMvPT8sT6
-----END CERTIFICATE-----
Generated at Fri Mar 13 01:26:29 2026 by rpki-client