Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBAC42821EB411F1A8D850D9DAE4EC9C.roa
File: EBAC42821EB411F1A8D850D9DAE4EC9C.roa (raw, json)
Hash identifier: bxAHktJHyrfzhPnGQohj7dtVDay+DDgXQG5aRwr9Wks=
Subject key identifier: 65:3B:A1:67:A6:7B:6D:5B:68:61:E4:5F:1D:35:6F:07:37:54:6F:F4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF4B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBAC42821EB411F1A8D850D9DAE4EC9C.roa
Signing time: Fri 13 Mar 2026 08:16:23 +0000
ROA not before: Fri 13 Mar 2026 08:16:17 +0000
ROA not after: Wed 29 Apr 2026 08:16:17 +0000
asID: 214143
IP address blocks: 154.81.132.0/22 maxlen: 24
154.81.138.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114507 (0x1bf4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 13 08:16:17 2026 GMT
Not After : Apr 29 08:16:17 2026 GMT
Subject: CN=69b3c7d7-7940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7b:cd:01:8c:20:83:da:a5:61:0f:f5:78:6f:
b8:8e:75:1d:18:3e:6a:c7:24:c0:18:ec:53:c7:74:
b7:31:e4:eb:c8:bb:a0:90:ee:c3:b3:9c:1d:d6:b6:
64:eb:a2:cf:0f:7e:ce:da:76:93:f6:39:ac:70:39:
d1:30:cc:f7:b4:c7:aa:e2:b2:fb:d0:33:5c:b8:7e:
00:63:fc:44:0c:46:0b:b1:46:41:05:e0:5b:ee:84:
07:ea:6c:74:9d:76:d3:f3:6c:8f:43:2e:ea:1d:b1:
67:b5:31:9d:fd:34:8a:99:37:d2:e5:5f:0e:e6:cd:
ab:c4:18:e8:6d:a4:ec:86:a1:a7:b2:d6:47:3e:b0:
0f:28:38:74:ed:e5:e9:5e:22:3f:cf:d2:b9:24:c4:
b4:14:a8:5b:81:b1:dc:5b:37:e0:68:b5:ad:43:09:
4a:83:45:7a:a9:45:73:45:ef:93:bb:98:80:45:eb:
16:5d:d7:8c:4f:55:77:72:d4:44:93:a5:0d:08:bb:
31:6f:2c:1b:83:72:0c:8c:56:f6:ed:99:e9:a5:ad:
52:b6:ff:d3:9f:e0:cd:93:64:7a:5b:b3:45:2f:a9:
55:04:23:73:9b:8d:fd:63:d3:33:1f:3b:2e:4b:30:
85:66:37:e1:17:37:5d:30:d9:15:80:db:4f:cd:8d:
48:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3B:A1:67:A6:7B:6D:5B:68:61:E4:5F:1D:35:6F:07:37:54:6F:F4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBAC42821EB411F1A8D850D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.132.0/22
154.81.138.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:6e:2e:dd:c5:9d:ce:e6:cf:62:3b:34:47:6f:af:e9:a5:8d:
26:cd:f3:7d:b2:20:0a:02:c7:64:c4:a3:9a:ce:73:c5:cd:c4:
03:2f:96:07:ee:e8:1f:a6:18:62:da:f3:16:b0:c5:5b:a5:6d:
bf:6a:7b:42:b4:57:2b:9f:63:45:0b:15:8c:ea:ba:63:00:c1:
a8:2c:31:fd:7f:5b:6b:75:b1:6b:d4:71:df:bf:b9:12:7d:02:
9d:fc:cb:dd:6c:5d:44:34:b5:85:1a:0c:e9:89:09:34:17:2a:
76:d3:d3:ef:b5:25:0b:8d:c0:c2:7a:c5:4d:fb:2e:4c:5d:66:
57:c5:24:a8:97:0a:26:6f:79:34:3a:1c:11:ba:54:4b:19:ed:
d9:70:6d:9f:5c:32:04:cc:f4:fb:86:af:c0:96:8c:61:2a:50:
35:be:db:b1:62:99:a6:2d:10:ce:b0:43:55:7f:39:81:e7:95:
52:62:9e:81:25:2e:79:d7:8f:bf:83:75:33:1d:54:89:c8:c9:
44:7c:65:e9:cc:99:07:c2:ce:bc:32:9a:cb:65:c3:d9:74:00:
9e:24:dd:cb:ca:85:4a:b1:90:fe:5d:a1:71:9c:9e:b0:10:84:
90:fc:af:d9:00:24:c2:f3:58:82:e3:42:42:b1:c4:29:4d:41:
e8:a0:e9:4d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAb9LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEzMDgxNjE3WhcNMjYwNDI5MDgxNjE3WjAYMRYw
FAYDVQQDEw02OWIzYzdkNy03OTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvHvNAYwgg9qlYQ/1eG+4jnUdGD5qxyTAGOxTx3S3MeTryLugkO7Ds5wd
1rZk66LPD37O2naT9jmscDnRMMz3tMeq4rL70DNcuH4AY/xEDEYLsUZBBeBb7oQH
6mx0nXbT82yPQy7qHbFntTGd/TSKmTfS5V8O5s2rxBjobaTshqGnstZHPrAPKDh0
7eXpXiI/z9K5JMS0FKhbgbHcWzfgaLWtQwlKg0V6qUVzRe+Tu5iAResWXdeMT1V3
ctREk6UNCLsxbywbg3IMjFb27Znppa1Stv/Tn+DNk2R6W7NFL6lVBCNzm439Y9Mz
HzsuSzCFZjfhFzddMNkVgNtPzY1IMwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGU7
oWeme21baGHkXx01bwc3VG/0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQkFDNDI4MjFFQjQxMUYxQThEODUwRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlGEAwQBmlGKMA0GCSqG
SIb3DQEBCwUAA4IBAQC2bi7dxZ3O5s9iOzRHb6/ppY0mzfN9siAKAsdkxKOaznPF
zcQDL5YH7ugfphhi2vMWsMVbpW2/antCtFcrn2NFCxWM6rpjAMGoLDH9f1trdbFr
1HHfv7kSfQKd/MvdbF1ENLWFGgzpiQk0Fyp209PvtSULjcDCesVN+y5MXWZXxSSo
lwomb3k0OhwRulRLGe3ZcG2fXDIEzPT7hq/AloxhKlA1vtuxYpmmLRDOsENVfzmB
55VSYp6BJS5514+/g3UzHVSJyMlEfGXpzJkHws68MprLZcPZdACeJN3LyoVKsZD+
XaFxnJ6wEISQ/K/ZACTC81iC40JCscQpTUHooOlN
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:13:51 2026 by rpki-client